Wireshark-users: Re: [Wireshark-users] in >wireshark-2.0.2, tshark follow ssl stream segfaults
From: Miroslav Rovis <miro.rovis@xxxxxxxxxxxxxxxxx>
Date: Wed, 13 Jul 2016 08:36:37 +0200
On 160712-18:37-0400, Jeff Morriss wrote:
...
> > tshark -o "ssl.keylog_file: dump_160606_1xxx_SSLKEYLOGFILE.txt" -r \
> >         "dump_160606_1328_g0n.pcap" -T fields -e data -qz follow,ssl,raw,0
> > \
> >         | grep -E '[[:print:]]' > dump_160606_1328_g0n_s000-ssl.raw
> >
> > gets me these in the syslog:
> >
> 
> [...]
> 
> 
> > Jul 12 18:01:53 g0n kernel: [158754.612649] traps: tshark[11975] general
> > protection ip:23c0292717 sp:3cdf3aec7f0 error:0 in
> > tshark[23c026e000+43000]
> >
> > Jul 12 18:01:53 g0n kernel: [158754.612673] grsec: (miro:U:/)
> > Segmentation fault occurred at            (nil) in
> > /usr/bin/tshark[tshark:11975] uid/euid:1000/1000 gid/egid:1000/1000,
> > parent /bin/bash[bash:29776] uid/euid:1000/1000 gid/egid:1000/1000
> >
> 
> tshark is crashing due to a segmentation violation.  That's a bug.  Please
> open a bug report:
> 
> https://bugs.wireshark.org
> 
> Please attach the capture file and include your instructions to reproduce
> it from above (just so folks don't have to go retrieve that from the email
> and your web site).

The bug has been filed:

in >wireshark-2.0.2, tshark follow ssl stream segfaults
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12616

Regards!
-- 
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr

Attachment: signature.asc
Description: PGP signature