Ethereal-dev: [Ethereal-dev] Ethereal crash

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ulrich Eckhardt <Ulrich.Eckhardt@xxxxxxxxxxx>
Date: Thu, 26 Oct 2000 11:31:43 +0200
Hi,

when i read an output from tcpdump via ethereal -n -r <dumpfile>
ethereal crashes. This crash seems to come from unkown ipx 
data. Tetheral creash also.

I attach such a tcp-dump file, wich causes ethereal to crash.
The last packet of this dump causes the crash.

I have run ethereal 0.8.12, with GTK+ 1.2.6, with libpcap 0.5, 
with libz 1.1.3, with CMU SNMP (version unknown) on Linux
kernel 2.4.0-test7.

The last words of etherreal :

(gdb) set args -n -r /tmp/t1.dmp
(gdb) run
Starting program: /usr/src/ethereal-0.8.12/ethereal -n -r /tmp/t1.dmp

Program received signal SIGSEGV, Segmentation fault.
tvb_decrement_usage_count (tvb=0x0, count=1) at tvbuff.c:250
250             if (tvb->usage_count <= count) {

and the backtrace :

(gdb) backtrace
#0  tvb_decrement_usage_count (tvb=0x0, count=1) at tvbuff.c:250
#1  0x80f685b in tvb_free (tvb=0x8406a88) at tvbuff.c:209
#2  0x80f67fc in tvb_free_void (tvb=0x8406a88) at tvbuff.c:186
#3  0x80eb181 in do_throw (except=0xbfffe8a8) at except.c:185
#4  0x80eb3f8 in except_throw (except_group=1, except_code=1,
msg=0x81908e0 "XCEPT_GROUP_ETHEREAL")
    at except.c:269
#5  0x80f6cff in check_offset_length (tvb=0x8406a58, offset=14,
length=289, offset_ptr=0x8406a9c,
    length_ptr=0x8406aa0) at tvbuff.c:428
#6  0x80f6dc0 in tvb_set_subset (tvb=0x8406a88, backing=0x8406a58,
backing_offset=14, backing_length=289,
    reported_length=289) at tvbuff.c:450
#7  0x80f6e5b in tvb_new_subset (backing=0x8406a58, backing_offset=14,
backing_length=289,
    reported_length=289) at tvbuff.c:484
#8  0x807b285 in dissect_eth (tvb=0x8406a58, pinfo=0x81e5b20, tree=0x0)
at packet-eth.c:271
#9  0x80ed4e4 in dissect_packet (pseudo_header=0x83d53a4, pd=0x83f31d0
"\001", fd=0x83f6e90, tree=0x0)
    at packet.c:1055
#10 0x80fbae8 in add_packet_to_packet_list (fdata=0x83f6e90,
cf=0x81d58a0, pseudo_header=0x83d53a4,
    buf=0x83f31d0 "\001", refilter=1) at file.c:641
#11 0x80fbe6f in read_packet (cf=0x81d58a0, offset=1671) at file.c:796
#12 0x80fb491 in read_cap_file (cf=0x81d58a0, err=0xbffff814) at
file.c:353
#13 0x8119b1c in main (argc=4, argv=0xbffff974) at
main.c:1271              

Best Regards
Uli

-- 
Ulrich Eckhardt                         Tr@nscom  
http://www.uli-eckhardt.de              http://www.transcom.de
                                        Lagerstra�e 11-15 A8
                                        64807 Dieburg Germany

Attachment: t1.dmp
Description: Binary data