Wireshark-bugs: [Wireshark-bugs] [Bug 1906] New: Segfault on Statistics/RTP/Show of two frames p
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1906
Summary: Segfault on Statistics/RTP/Show of two frames portmap
dump
Product: Wireshark
Version: 0.99.6
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: fpeters@xxxxxxxxxx
Build Information:
Version 0.99.6
Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.12.0, with GLib 2.14.1, with libpcap 0.9.8, with libz
1.2.3.3, with libpcre 7.2, without Net-SNMP, with ADNS, without Lua, with
GnuTLS
1.7.19, with Gcrypt 1.2.4, with MIT Kerberos, with PortAudio PortAudio
V19-devel, without AirPcap.
Running on Linux 2.6.23, with libpcap version 0.9.8.
Built using gcc 4.1.3 20070718 (prerelease) (Debian 4.1.2-14).
--
Reported as Debian bug http://bugs.debian.org/446206
----
wireshark segfaults on a Statistics/RTP/Show all streams (the original
source is a 500MB dump from 2 hours of intranet traffic, including a
ToIP conference). I reduced the case to a two portmap frames dump (see
attachment).
The backtrace contains a lot of functions, probably a loop.
Core was generated by `wireshark'.
Program terminated with signal 11, Segmentation fault.
#0 0xb637a6f5 in g_hash_table_lookup () from /usr/lib/libglib-2.0.so.0
#1 0xb6e7087c in conversation_lookup_hashtable (hashtable=0x8a293a0,
frame_num=2, addr1=0x89b5870, addr2=0xb7f2ea30,
ptype=PT_UDP, port1=111, port2=0) at conversation.c:655
655 match = g_hash_table_lookup(hashtable, &key);
#2 0xb6e70e9c in find_conversation (frame_num=2, addr_a=0x89b5870,
addr_b=0xb7f2ea30, ptype=PT_UDP, port_a=111, port_b=0,
options=1) at conversation.c:929
929 conversation =
#3 0xb722bf75 in dissect_rpc_indir_reply (tvb=0x88b9f68,
pinfo=0x89b5820, tree=0x0, offset=593036, result_id=32340,
prog_id=32333, vers_id=32337, proc_id=32335) at packet-rpc.c:1529
1529 conversation = find_conversation(pinfo->fd->num,
&pinfo->dst, &null_address,
#4 0xb71f19fc in dissect_callit_reply (tvb=0x88b9f68, offset=593036,
pinfo=0x89b5820, tree=0x0) at packet-portmap.c:344
344 offset = dissect_rpc_indir_reply(tvb, pinfo, tree, offset,
#5 0xb7229fab in call_dissect_function (tvb=0x88b9f68, pinfo=0x89b5820,
tree=0x89b5870, offset=593032,
dissect_function=0xb71f1950 <dissect_callit_reply>,
progname=0xbf7a9024 "") at packet-rpc.c:1272
1272 offset = dissect_function(tvb, offset, pinfo, tree);
#6 0xb71f19fc in dissect_callit_reply (tvb=0x88b9f68, offset=593028,
pinfo=0x89b5820, tree=0x0) at packet-portmap.c:344
344 offset = dissect_rpc_indir_reply(tvb, pinfo, tree, offset,
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.