Ethereal-dev: [Ethereal-dev] [grin@xxxxxxxxxxxxxxx: Bug#81164: ethereal: segfault analysing a

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Frederic Peters <fpeters@xxxxxxxx>
Date: Sun, 7 Jan 2001 22:41:22 +0100
Hello,

Reported as bug to the Debian bts.

Regards,
	Frederic

----- Forwarded message from Peter Gervai <grin@xxxxxxxxxxxxxxx> -----

Date: Thu, 04 Jan 2001 01:04:38 +0100
From: Peter Gervai <grin@xxxxxxxxxxxxxxx>
Subject: Bug#81164: ethereal: segfault analysing a tcpdump file (dissect_socks)
To: submit@xxxxxxxxxxxxxxx
X-Mailer: bug 3.3.7

Package: ethereal
Version: 0.8.14-1
Severity: normal

Sig11 on a pcap dumpfile.

#0  dissect_socks (pd=0x838d710 "", offset=54, fd=0x84100e0, tree=0x0) at packet-socks.c:991
991                     if (( hash_info->version == 4) || ( hash_info->version == 5)){
(gdb) bt
#0  dissect_socks (pd=0x838d710 "", offset=54, fd=0x84100e0, tree=0x0) at packet-socks.c:991
#1  0x814fbb5 in dissector_try_port (sub_dissectors=0x82b04c0, port=1080, tvb=0x834bb88, pinfo=0x82aba60, tree=0x0) at packet.c:1303
#2  0x80f813f in decode_tcp_ports (tvb=0x834bb58, offset=20, pinfo=0x82aba60, tree=0x0, src_port=1080, dst_port=25) at packet-tcp.c:417
#3  0x80f8886 in dissect_tcp (tvb=0x834bb58, pinfo=0x82aba60, tree=0x0) at packet-tcp.c:590
#4  0x814fbc8 in dissector_try_port (sub_dissectors=0x82ad948, port=6, tvb=0x834bb58, pinfo=0x82aba60, tree=0x0) at packet.c:1306
#5  0x80a89be in dissect_ip (tvb=0x834bb28, pinfo=0x82aba60, tree=0x0) at packet-ip.c:956
#6  0x814fbc8 in dissector_try_port (sub_dissectors=0x82ad7e8, port=2048, tvb=0x834bb28, pinfo=0x82aba60, tree=0x0) at packet.c:1306
#7  0x809d1f9 in ethertype (etype=2048, tvb=0x834baf8, offset_after_etype=14, pinfo=0x82aba60, tree=0x0, fh_tree=0x814e19b, item_id=377) at packet-ethertype.c:114
#8  0x809cfd9 in dissect_eth (tvb=0x834baf8, pinfo=0x82aba60, tree=0x0) at packet-eth.c:306
#9  0x809dae8 in dissect_frame (tvb=0x834baf8, pinfo=0x82aba60, tree=0x0) at packet-frame.c:135
#10 0x814f791 in dissect_packet (p_tvb=0x848f990, pseudo_header=0x834bf54, pd=0x838d710 "", fd=0x84100e0, tree=0x0) at packet.c:1041
#11 0x814dd02 in epan_dissect_new (pseudo_header=0x834bf54, data=0x838d710 "", fd=0x84100e0, tree=0x0) at epan.c:90
#12 0x811684b in add_packet_to_packet_list (fdata=0x84100e0, cf=0x829b7c0, pseudo_header=0x834bf54, buf=0x838d710 "", refilter=1) at file.c:646
#13 0x8116c0a in read_packet (cf=0x829b7c0, offset=1325504) at file.c:805
#14 0x811619f in read_cap_file (cf=0x829b7c0, err=0xbfffed84) at file.c:356
#15 0x8145cda in file_open_ok_cb (w=0x8343628, fs=0x82ffd80) at file_dlg.c:191
#16 0x1dc8d1 in gtk_marshal_NONE__NONE () from /usr/lib/libgtk-1.2.so.0
#17 0x20b06c in gtk_signal_remove_emission_hook () from /usr/lib/libgtk-1.2.so.0
#18 0x20a4d5 in gtk_signal_set_funcs () from /usr/lib/libgtk-1.2.so.0
#19 0x2085b3 in gtk_signal_emit () from /usr/lib/libgtk-1.2.so.0
#20 0x17abe8 in gtk_button_clicked () from /usr/lib/libgtk-1.2.so.0
#21 0x17c20d in gtk_button_get_relief () from /usr/lib/libgtk-1.2.so.0
#22 0x1dc8d1 in gtk_marshal_NONE__NONE () from /usr/lib/libgtk-1.2.so.0
#23 0x20a36f in gtk_signal_set_funcs () from /usr/lib/libgtk-1.2.so.0
#24 0x2085b3 in gtk_signal_emit () from /usr/lib/libgtk-1.2.so.0
#25 0x17ab28 in gtk_button_released () from /usr/lib/libgtk-1.2.so.0
#26 0x17bb78 in gtk_button_get_relief () from /usr/lib/libgtk-1.2.so.0
#27 0x1dc55b in gtk_marshal_BOOL__POINTER () from /usr/lib/libgtk-1.2.so.0
#28 0x20a513 in gtk_signal_set_funcs () from /usr/lib/libgtk-1.2.so.0
#29 0x2085b3 in gtk_signal_emit () from /usr/lib/libgtk-1.2.so.0
#30 0x23e96b in gtk_widget_event () from /usr/lib/libgtk-1.2.so.0
#31 0x1dc4c5 in gtk_propagate_event () from /usr/lib/libgtk-1.2.so.0
#32 0x1db6ee in gtk_main_do_event () from /usr/lib/libgtk-1.2.so.0
#33 0x288067 in gdk_wm_protocols_filter () from /usr/lib/libgdk-1.2.so.0
#34 0x2b82d9 in g_get_current_time () from /usr/lib/libglib-1.2.so.0
#35 0x2b88e3 in g_get_current_time () from /usr/lib/libglib-1.2.so.0
#36 0x2b8a7c in g_main_run () from /usr/lib/libglib-1.2.so.0
#37 0x1dafe7 in gtk_main () from /usr/lib/libgtk-1.2.so.0
#38 0x8135062 in main (argc=1, argv=0xbffffc44) at main.c:1370
#39 0x32be6c in __libc_start_main () from /lib/libc.so.6

(gdb) p conversation
$6 = (conversation_t *) 0x1
(gdb) p hash_info
$7 = (socks_hash_entry_t *) 0x0


969                             /* new conversation create local data structure */
970             else {
971                     hash_info = g_mem_chunk_alloc(socks_vals);
972                     hash_info->start_done_row = G_MAXINT;
973                     hash_info->state = None;
974                     hash_info->port = -1;

...

986
987             if (check_col(fd, COL_PROTOCOL))
988                     col_set_str(fd, COL_PROTOCOL, "Socks");
989
990             if (check_col(fd, COL_INFO)){
991                     if (( hash_info->version == 4) || ( hash_info->version == 5)){
992                             col_add_fstr(fd, COL_INFO, "Version: %d",
993                                     hash_info->version);
994                     }
995                     else                    /* unknown version display error */


Maybe someone forgot to check whether g_mem_chunk_alloc returned allocation failure?


(Just FYI the pcap listed by tcpdump:
15:41:13.492366  ip 62: a.example.com.1068 > b.example.com.smtp: S 17400728:17400728(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
15:41:13.493017  ip 62: b.example.com.smtp > a.example.com.1068: S 3218871106:3218871106(0) ack 17400729 win 32120 <mss 1460,nop,nop,sackOK>
15:41:13.497155  ip 60: a.example.com.1068 > b.example.com.smtp: . ack 1 win 8760 (DF)
15:41:15.113379  ip 128: b.example.com.smtp > a.example.com.1068: P 1:75(74) ack 1 win 32120
15:41:15.121608  ip 69: a.example.com.1068 > b.example.com.smtp: P 1:16(15) ack 75 win 8686 (DF)
  ^^^ segfaults here somewhere
15:41:15.122263  ip 54: b.example.com.smtp > a.example.com.1068: . ack 16 win 32120

and it simply isn't socks, maybe that's why the socks analyzer dies on it.)


-- System Information
Debian Release: woody
Kernel Version: Linux Yikes 2.2.17 #5 Wed Oct 11 13:56:51 CEST 2000 i686 unknown

Versions of the packages ethereal depends on:
ii  libc6          2.2-6          GNU C Library: Shared libraries and Timezone
ii  libglib1.2     1.2.8-1        The GLib library of C routines
ii  libgtk1.2      1.2.8-2        The GIMP Toolkit set of widgets for X
ii  libpcap0       0.5.2-2        System interface for user-level packet captu
ii  xlibs          4.0.2-1        X Window System client libraries
ii  zlib1g         1.1.3-11       compression library - runtime



----- End forwarded message -----

-- 
Frederic Peters <fpeters@xxxxxxxx>
Debian GNU/Linux : http://www.debian.org
Gaby : http://gaby.netpedia.net
"Work has been the best thing man has found for doing nothing with his life." R. Vaneigem
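The missing check the report points at, as an added example that is not Ethereal's code: a constructed model of the Info-column logic at packet-socks.c:991 that tests hash_info for NULL before dereferencing it (in the report hash_info was 0x0 while conversation was 0x1), plus a constructed leading-byte check for whether a port-1080 payload looks like SOCKS at all. Only the names hash_info and version come from the page; the rest are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of the per-conversation state packet-socks.c keeps in
 * hash_info; only the field the crash touched is modelled. */
typedef struct {
    int version;              /* 4 or 5 once seen; anything else is unknown */
} socks_hash_entry_t;

typedef enum {
    SOCKS_INFO_NO_STATE = -1, /* hash_info was NULL: bail out, do not dereference */
    SOCKS_INFO_UNKNOWN  = 0,  /* state exists but version is neither 4 nor 5 */
    SOCKS_INFO_VERSION  = 1   /* "Version: N" written to the Info column */
} socks_info_t;

/* Builds the Info-column text the way line 991 does, but guards hash_info first.
 * 'buf' receives the text; the return value says which path ran. */
socks_info_t socks_info_column(const socks_hash_entry_t *hash_info, char *buf, size_t buflen)
{
    if (hash_info == NULL) {
        /* Missing per-conversation data means "this is not SOCKS state", not a crash. */
        snprintf(buf, buflen, "Socks: no conversation state");
        return SOCKS_INFO_NO_STATE;
    }
    if (hash_info->version == 4 || hash_info->version == 5) {
        snprintf(buf, buflen, "Version: %d", hash_info->version);
        return SOCKS_INFO_VERSION;
    }
    snprintf(buf, buflen, "Unknown version: %d", hash_info->version);
    return SOCKS_INFO_UNKNOWN;
}

/* Classifies a client's first payload by its leading byte, the way a dissector can
 * decide whether port-1080 traffic is SOCKS before creating state for it. The SMTP
 * bytes in the report's capture would not start with 0x04 or 0x05. Returns 0 if not SOCKS. */
int socks_version_from_payload(const unsigned char *payload, size_t len)
{
    if (len == 0)
        return 0;
    return (payload[0] == 4 || payload[0] == 5) ? payload[0] : 0;
}

int main(void)
{
    char buf[64];
    socks_hash_entry_t v5 = { 5 };
    const unsigned char smtp[] = "EHLO a.example"; /* constructed, SMTP-looking, not SOCKS */
    printf("%d %s\n", socks_info_column(NULL, buf, sizeof buf), buf);
    printf("%d %s\n", socks_info_column(&v5, buf, sizeof buf), buf);
    printf("version byte: %d\n", socks_version_from_payload(smtp, sizeof smtp - 1));
    return 0;
}
```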