Wireshark-bugs: [Wireshark-bugs] [Bug 2677] New: 'dumpcap -L' crashes;
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 3 Jul 2008 19:31:21 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2677

           Summary: 'dumpcap -L' crashes;
           Product: Wireshark
           Version: 1.0.1
          Platform: PC
        OS/Version: Windows Vista
            Status: NEW
          Severity: Major
          Priority: High
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: wmeier@xxxxxxxxxxx


Build Information:
Dumpcap 1.0.1 (SVN Rev 25639)

...

Compiled with GLib 2.14.6, with WinPcap (version unknown), with libz 1.2.3,
without POSIX capabilities.

Running on Windows Vista Service Pack 1, build 6001, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5.

Built using Microsoft Visual C++ 6.0 build 8804

--
Summary
=======

On Windows Vista 'dumpcap -L' (using dumpcap v1.0.1) crashes (and thus
wireshark Capture ! Options is followed by a dumpcap crash).

It appears that Windows Wireshark will always show a dumpcap crash 
when the "Capture Options" window is invoked and for any attempt to change the
interface in that window..

  ==> I'm surprised that there's only been one report on this so far; 
      Is this less serious than it seems to me ??
      Is the crash not happening on other Windows OS's such as Windows XP ?

Details
=======

The crash is in get_pcap_linktype_list() in capture-pcap-util.c.

Specifically the crash occurs at the 'free' statement in the code extract
below.

--------
get_pcap_linktype_list(const char *devname, char **err_str)
{
<...>
#ifdef HAVE_PCAP_SET_DATALINK
        int *linktypes;
        int i, nlt;
#endif
<...>
#ifdef HAVE_PCAP_LIST_DATALINKS
        nlt = pcap_list_datalinks(pch, &linktypes);
<...>
        free(linktypes);
<...>
}
-------

Notes:

1. This code was very recently enabled on Windows via 
defining HAVE_PCAP_LIST_DATALINKS (SVN #25593);

2. This crash certainly smells like those related to the "use of free() when
using mixed CRTs" issue. 

However, as far as I can tell, the 4.0.2 wpcap.dll and the 1.0.1 dumpcap are
both linked against the same CRT (msvcrt.dll). So: I'm not sure if this is a
wpcap bug or what.

3. In any case the use of free() is presumably not really OK since it will
presumably cause problems if dumpcap is built with (say) MSVC8 which links with
a different CRT.

I did find a thread on the WinPcap list archives relating to this issue.
http://www.winpcap.org/pipermail/winpcap-users/2006-September/001421.html

There's even a comment in that thread by Gianluca that a requirement to use
free() in this way is not a good thing.  :)

However, I've not found any later information about an addition to the API of a
way to free the memory allocated by pcap_list_datalinks.

Maybe I've missed something....


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.