Wireshark · Ethereal-dev: Re: [Ethereal-dev] RE: [Ethereal-users] Ethereal 10.8 (win and linux) crashing - x11

[Guy Harris <gharris@xxxxxxxxx>]

Francisco Alcoba (TS/EEM) wrote:

> There is a bug in packet-x11.c, see the mails below for the history. In function
> listOfKeycode a "buffer" of 1024 chars is used to store a string related to keycodes (?).
> Ethereal crashes because the number of keycodes makes the string longer than that.
> Just changing the definition to 4096, which does not seem to be a good solution, avoids
> the crash. Unfortunately, I know nothing of x11, so I don't really know which would be 
> the way to really correct it -i.e. should it allow for a maximum of 1024 characters and
> stop reading keycodes after that, should it use dynamic allocation of the string, etc.-.

One good way to correct it is to put the protocol tree item into the 
tree *before* looping through the list of keycodes, and then append to 
the item with proto_item_append_text().  That way you don't need to 
choose a fixed size for the buffer, as you don't have a buffer.

I've checked in a change to do that.

> Anyway the packet detail does not show the whole string in "buffer", I don't know why.

There's a fixed maximum length for protocol tree items' display 
representation; the string exceeded it.