Wireshark-bugs: [Wireshark-bugs] [Bug 6378] AFP dissector: Buildbot crash output: fuzz-2011-09-2
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6378
--- Comment #2 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-09-28 20:11:58 PDT ---
Created an attachment (id=7107)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7107)
Isolated the problematic packet (but need a few before it too)
I tested again using r39181, which included the change to packet-afp.c in
r39176, but unfortunately the problem is still present. The below tshark
output is revealing, but I'm not sure how best to fix it:
** (tshark.exe:2524): WARNING **: Dissector bug, protocol AFP, in packet 3: More than 1000000 items in the tree -- possible infinite loop
Frame 3: 310 bytes on wire (2480 bits), 310 bytes captured (2480 bits)
Ethernet II, Src: CadmusCo_fb:96:e0 (08:00:27:fb:96:e0), Dst: 49:0d:93:7f:8b:ea (49:0d:93:7f:8b:ea)
Internet Protocol Version 4, Src: 10.10.10.151 (10.10.10.151), Dst: 10.10.10.150 (10.10.10.150)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 51796 (51796), Seq: 1, Ack: 285, Len: 244
Data Stream Interface
Apple Filing Protocol
Command: FPSpotlightRPC (76)
[Response to: 2]
[Time from request: 0.001912000 seconds]
Return code: 0
Endianess: Litte Endian
ToC Offset: 176 Bytes, Query length: 208 Bytes
Spotlight RPC data
array, toc index: 1, children: 3
int64
int64: 0x0000000000000000
type: complex (CNIDs), toc index: 2, children: 1
CNID Array
unknown1: 0x0fec
unknown2: 0x6b000000
CNID: 1028
type: complex (FileMeta), toc index: 3, children: 1
filemeta
Endianess: Litte Endian
ToC Offset: 56 Bytes, Query length: 88 Bytes
Spotlight RPC data
array, toc index: 1, children: 2332033026
null
null
|
V
LOTS more of these nulls - presumably 2332033024 more.
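Added example (not part of the original bug comment and not Wireshark's code): one way a dissector can guard against an untrusted child count such as the 2332033026 reported above is to compare it with the bytes left in the enclosing query before looping. The function name, the 8-byte minimum child size, the per-array cap and the 80-byte remaining length are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: the smallest encoded child occupies one 64-bit word. */
#define MIN_CHILD_BYTES 8u
/* Hypothetical per-array cap, kept well under the 1000000-item tree limit. */
#define MAX_TREE_CHILDREN 100000u

/* Result of validating a wire-supplied child count. */
typedef enum { COUNT_OK, COUNT_EXCEEDS_DATA, COUNT_EXCEEDS_CAP } count_status;

/*
 * Decide how many children may safely be dissected.
 *   declared  - count read from the packet (untrusted)
 *   remaining - bytes left in the enclosing query after the array header
 *   safe      - out: number of loop iterations the caller may perform
 */
count_status check_child_count(uint64_t declared, size_t remaining, uint64_t *safe)
{
    /* The most children the remaining data could possibly hold. */
    uint64_t fit = (uint64_t)remaining / MIN_CHILD_BYTES;

    if (declared > fit) {
        *safe = 0;                    /* malformed: do not loop at all */
        return COUNT_EXCEEDS_DATA;
    }
    if (declared > MAX_TREE_CHILDREN) {
        *safe = MAX_TREE_CHILDREN;    /* consistent but huge: truncate the output */
        return COUNT_EXCEEDS_CAP;
    }
    *safe = declared;
    return COUNT_OK;
}

int main(void)
{
    uint64_t safe;
    /* Child count and 88-byte query length come from the tshark output above;
       80 remaining bytes is a constructed figure (88 minus an assumed 8-byte header). */
    count_status st = check_child_count(2332033026ULL, 80, &safe);
    printf("status=%d safe=%llu\n", (int)st, (unsigned long long)safe);
    return 0;
}
```

A caller would report the packet as malformed on COUNT_EXCEEDS_DATA instead of adding any child items to the tree.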