Wireshark-bugs: [Wireshark-bugs] [Bug 6378] AFP dissector: Buildbot crash output: fuzz-2011-09-2
Date: Wed, 28 Sep 2011 20:11:59 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6378

--- Comment #2 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-09-28 20:11:58 PDT ---
Created an attachment (id=7107)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7107)
Isolated the problematic packet (but need a few before it too)

I tested again using r39181, which included the change to packet-afp.c in
r39176, but unfortunately the problem is still present.  The below tshark
output is revealing, but I'm not sure how best to fix it:

** (tshark.exe:2524): WARNING **: Dissector bug, protocol AFP, in packet 3:
More
 than 1000000 items in the tree -- possible infinite loop
Frame 3: 310 bytes on wire (2480 bits), 310 bytes captured (2480 bits)
Ethernet II, Src: CadmusCo_fb:96:e0 (08:00:27:fb:96:e0), Dst: 49:0d:93:7f:8b:ea
(49:0d:93:7f:8b:ea)
Internet Protocol Version 4, Src: 10.10.10.151 (10.10.10.151), Dst:
10.10.10.150
 (10.10.10.150)
Transmission Control Protocol, Src Port: afpovertcp (548), Dst Port: 51796
(5179
6), Seq: 1, Ack: 285, Len: 244
Data Stream Interface
Apple Filing Protocol
    Command: FPSpotlightRPC (76)
    [Response to: 2]
    [Time from request: 0.001912000 seconds]
    Return code: 0
    Endianess: Litte Endian
    ToC Offset: 176 Bytes, Query length: 208 Bytes
    Spotlight RPC data
        array, toc index: 1, children: 3
            int64
                int64: 0x0000000000000000
            type: complex (CNIDs), toc index: 2, children: 1
                CNID Array
                    unknown1: 0x0fec
                    unknown2: 0x6b000000
                    CNID: 1028
            type: complex (FileMeta), toc index: 3, children: 1
                filemeta
                    Endianess: Litte Endian
                    ToC Offset: 56 Bytes, Query length: 88 Bytes
                    Spotlight RPC data
                        array, toc index: 1, children: 2332033026
                        null
                        null
                         |
                         V
LOTS more of these null's - presumably 2332033024 more.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.