Ethereal-dev: Re: [Ethereal-dev] crash on reading tracefile ( NFS ? )

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Dr. Uwe Girlich" <Uwe.Girlich@xxxxxxxxxxx>
Date: Mon, 18 Nov 2002 10:49:01 +0100
Hello list!

> Should maybe the lines:
> ---------------------------------
>    proto_tree_add_bytes_format(string_tree,
>        hfindex, tvb, offset, string_length_copy,
>     string_buffer_print,
>     "contents: %s", string_buffer_print);
> be changed into something like:
> --------------------------------------------
>    proto_tree_add_bytes_format(string_tree,
>        hfindex, tvb, offset, string_length_copy,
>     string_buffer,
>     "contents: %s", string_buffer_print);
That's the point. I just checked this correction in (packet-rpc.c 1.109).
We have had this totally wrong code since

>revision 1.56
>date: 2001/04/18 20:27:42;  author: guy;  state: Exp;  lines: +4 -2
>Change from Ronnie Sahlberg to add ONC RPC strings to the tree as
>strings, with a field index, rather than as text, so they can be
>filtered.

string_buffer_print holds the print data only, which may be identical to the
original data (and a '\0') but may also contain something like
"<DATA><TRUNCATED>" or similar stuff. But proto_tree_add_bytes_format() gets
this pointer together with the full available size string_length_copy and tries
to copy all the data.

If this copy fails, we have copied too many bytes and found an unmapped
address. Here we learn again that different malloc() strategies (of different
operating systems) are good to have to find such errors. We should consider
"valgrinding" ethereal.

Bye, Uwe
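
Added example, not part of the original message and not Ethereal's code: a small C model of the mismatch discussed above, where the length of the original data is paired with the shorter display buffer. The type `sized_buf` and the functions `make_print_buffer`, `overread_bytes` and `checked_copy` are hypothetical names invented for this illustration.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper type (not Ethereal's API): a buffer that knows its size. */
typedef struct {
    unsigned char *data;
    size_t size;
} sized_buf;

/* Build the display form of a string field: printable data is copied and
 * NUL-terminated; anything else collapses to the short marker "<DATA>". */
static sized_buf make_print_buffer(const unsigned char *src, size_t len)
{
    sized_buf out = { NULL, 0 };
    int printable = 1;
    size_t i;

    for (i = 0; i < len; i++)
        if (!isprint(src[i])) { printable = 0; break; }

    out.size = printable ? len + 1 : sizeof "<DATA>";
    out.data = calloc(1, out.size);          /* zero fill supplies the NUL */
    if (out.data == NULL) { out.size = 0; return out; }
    memcpy(out.data, printable ? (const void *)src : (const void *)"<DATA>",
           out.size - 1);
    return out;
}

/* Bytes a copy of `len` bytes would read beyond the end of `src`. */
static size_t overread_bytes(const sized_buf *src, size_t len)
{
    return len > src->size ? len - src->size : 0;
}

/* Copy that refuses a length the source buffer cannot back.
 * Returns 0 on success, -1 if the copy would over-read. */
static int checked_copy(unsigned char *dst, const sized_buf *src, size_t len)
{
    if (overread_bytes(src, len) != 0)
        return -1;
    memcpy(dst, src->data, len);
    return 0;
}
```

With 64 bytes of non-printable data the display buffer is 7 bytes long, so copying the original length from it would read 57 bytes past the allocation; whether that crashes depends on what the allocator placed after it.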