Ethereal-dev: Re: [ethereal-dev] WIN32 interface list and packet capture patch

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Tue, 21 Mar 2000 02:21:26 -0800
> Windows NT SP5 and a source distribution for the Torino code give a 
> working application here. BUT, as I said last week there's a "bug" in 
> packet-smb.c that made me unable to capture.

You can remove the quotes around "bug" - any program that passes a null
pointer to "strlen()" and expects "strlen()" to behave sanely is broken.

> The bug itself has to do with the MSVC++ 6 version of strlen being 
> unable to handle empty string. I know this sounds unlikely, but if 
> I supply a NULL pointer to it, it generates an access violation in 
> debug mode and when I just run the same executable outside the 
> debugger it hangs.

...whereas on many UNIX systems (probably most of them, at this point)
it just generates a segmentation violation, period, regardless of
whether you're running it inside a debugger or not.

> I have attached a patch that checks if the supplied "string" is 
> not NULL.

Checked in.

> I have also supplied a screen capture of Ethereal showing 
> a packet that triggers the bug to check for someone if there's a 
> problem with it. I think there's a bug somewhere else too, because 
> the contents of the packet itself doesn't suggest a respone to me...

That's certainly possible - are there any SMB packets from
130.139.45.122 to 130.139.40.9 before that, that might the request to
which it's a response?

Can you either send one of us (Richard, say, or me) the capture file in
question, or an edited version thereof to remove packets you don't want
to make public but not to remove any traffic between 130.139.40.9 and
130.139.45.122 (the offending packet being from 130.139.40.9 to
130.139.45.122)?