Wireshark-bugs: [Wireshark-bugs] [Bug 9652] Buildbot crash output: fuzz-2014-01-17-15845.pcap
Date: Tue, 21 Jan 2014 09:54:01 +0000

Comment # 29 on bug 9652 from
(In reply to comment #28)
> Gerald, why does the fuzz-test generator use "-T ether"?

To handle cases where we can read the file format but not write it.  We might
want to try "-F pcapng" first, in the hopes of at least preserving the
link-layer type, and either give up, or try "-T ether" combined with "-F
pcapng", if that fails.

In the short term, the correct fix is perhaps to do that, and to add
packet-size checks in the packet-write routines to prevent writing out packets
that won't pass packet-read routine checks (I'd add a new error for the "packet
too big" case - and perhaps return that for too-large packets when reading, as
well).

In the medium term, we should perhaps also support writing in mime-encap.c
etc., so that we can fuzz, for example, JPEG files.

In the longer term, wiretap probably won't read JPEG files, but filetap will,
and we might want to support writing files there in order to support fileshark
being a binary file editor.


You are receiving this mail because:
  • You are watching all bug changes.