Wireshark-dev: Re: [Wireshark-dev] new dissector for ETSI DCP (ETSI TS 102 821)
From: Stephen Fisher <stephentfisher@xxxxxxxxx>
Date: Fri, 29 Dec 2006 12:40:07 -0800
On Sun, Dec 10, 2006 at 01:57:15PM +0000, Bill Meier wrote:

> Julian:
> 
> Could you possibly take a look at report # 1264 (if you haven't 
> already seen it) ?
> 
> http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1264
> 
> It seems to involve an "Infinite loop at frame 75 on fragmented 
> DCP-PFT protocol in packet-dcp-etsi.c"

I've found the culprit - a pair of loops starting at line 273 of 
packet-dcp-etsi.c:

      for(i=0,j=0; i<fragments; i++,j++) {
        while(j<got[i]) {
          frag = fragment_add_seq_check (dummytvb, 0, pinfo, seq,
            dcp_fragment_table, dcp_reassembled_table, j, plen, (j+1!=fcount));
            .
            .

Why would it be running fragment_add_seq_check() for every fragment 
number from 0 to the fragment index number from the packet (got[0]) (in 
this fuzz capture's case, 4,456,448)?  I can't find any fragmented 
DCP-PFT captures to test changes on as the fuzz file only has one.


Steve
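An added example, not from this thread or from packet-dcp-etsi.c, modelling the failure mode Steve describes: the inner loop's iteration count is driven by a fragment index read straight from the packet, so a hostile or corrupt value like 4,456,448 turns reassembly into a CPU-exhaustion loop. The hardened variant rejects the fragment set before looping by checking each index against the packet's own fcount and a sanity cap. The struct, field names, MAX_FRAGMENTS, the sample inputs, and the assumption that j advances by one per inner iteration are constructed here, not taken from the dissector.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the per-fragment PFT header fields the
 * dissector reads from the wire; not the real dissector's structures. */
typedef struct {
    uint32_t findex;  /* fragment index, attacker-controlled */
    uint32_t fcount;  /* fragment count, attacker-controlled */
} pft_frag_t;

#define MAX_FRAGMENTS 4096u  /* hypothetical sanity cap (assumption) */

/* Models the quoted loop shape: j is stepped up to each fragment's index
 * with one reassembly "add" per step (assumes j++ per inner iteration,
 * which the excerpt does not show). Returns the number of add calls. */
static unsigned long unbounded_adds(const pft_frag_t *got, size_t nfrags)
{
    unsigned long calls = 0;
    size_t i, j;
    for (i = 0, j = 0; i < nfrags; i++, j++) {
        while (j < got[i].findex) { calls++; j++; }  /* fill the gap */
        calls++;                                    /* the fragment itself */
    }
    return calls;
}

/* Hardened variant: validate every index against the packet's own fcount
 * and MAX_FRAGMENTS before looping. Returns -1 when the fragment set is
 * rejected, else the add count, now bounded by MAX_FRAGMENTS. */
static long bounded_adds(const pft_frag_t *got, size_t nfrags)
{
    unsigned long calls = 0, next = 0;
    size_t i;
    if (nfrags == 0) return -1;
    for (i = 0; i < nfrags; i++) {
        uint32_t fcount = got[i].fcount;
        if (fcount == 0 || fcount > MAX_FRAGMENTS) return -1;
        if (fcount != got[0].fcount) return -1;   /* fragments must agree */
        if (got[i].findex >= fcount) return -1;   /* index out of range */
        if (got[i].findex < next) return -1;      /* must be ascending */
        calls += (got[i].findex - next) + 1;      /* gap plus fragment */
        next = got[i].findex + 1;
    }
    return (long)calls;
}

/* Constructed inputs: a sane 3-fragment datagram and a fuzz-style case
 * carrying the index value quoted in the thread. */
static const pft_frag_t good_frags[3] = {{0, 3}, {1, 3}, {2, 3}};
static const pft_frag_t fuzz_frags[1] = {{4456448u, 5}};
```

Run both functions over fuzz_frags to see the contrast: the modelled loop issues millions of adds for a single fragment, while the bounded version refuses the packet without iterating at all.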