Wireshark · Wireshark-dev: Re: [Wireshark-dev] Wireshark 1.0.7 segfault when loading PCNFSD capture

[Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxxxx>]

Gerald Combs wrote:

> It looks like "data" in pcnfsd_decode_obscure() might be NULL or have an
> invalid value. Would it be possible to open a ticket at
> bugs.wireshark.org and attach your capture file? The bug and/or
> attachment can be marked private if needed.

Hi Gerald,

Yes it looks as if you are absolutely right. It seems that within the 
traces I captured from the client there were several transactions where 
the password field was empty (perhaps because they were just hitting 
enter at the login box when it kept failing?). The segfault occurs 
because pcnfsd_decode_obscure() attempts to alter the string passed to 
it, which fails miserably if the real string is empty and password 
points to a static "<EMPTY>" string instead.

The patch is simple enough that I've attached it here rather than 
opening a new bug on bugs.wireshark.org. Thanks for the excellent support!


ATB,

Mark.

--
Mark Cave-Ayland - Senior Technical Architect
PostgreSQL - PostGIS
Sirius Corporation plc - control through freedom
http://www.siriusit.co.uk
t: +44 870 608 0063

--- wireshark-1.0.7/epan/dissectors/packet-pcnfsd.c	2009-04-09 00:32:49.000000000 +0100
+++ wireshark-1.0.7.mod/epan/dissectors/packet-pcnfsd.c	2009-04-22 08:00:16.000000000 +0100
@@ -238,7 +238,10 @@
 	}
 
 	if (password) {
-		pcnfsd_decode_obscure(password, strlen(password));
+		/* Only attempt to decode the password if it has been specified */
+		if (strcmp(password, "<EMPTY>"))	
+			pcnfsd_decode_obscure(password, strlen(password));
+
 		if (password_tree)
 			proto_tree_add_string(password_tree,
 				hf_pcnfsd_auth_password_clear,