On Monday, June 30, 2003, at 3:32PM, Nathan Way wrote:
> Here is the raw capture file. Frame 782 gives Ethereal 0.9.11 fits -
> it will segment fault when trying to display that particular frame.
> I'm not sure now if I've thoroughly tried this with Ethereal 0.9.13.
> I have about 15 saved capture files that cause 0.9.13 to segment fault
> but I am not certain it is related to the MAPI decode. I will do some
> more looking on my end.

The current CVS version of Ethereal has no problem with that frame; the
code to handle that particular type of string did change between 0.9.13
and the current CVS version, but it also changed from 0.9.12 (when the
code *would* have tried to allocate a huge chunk of memory) to 0.9.13
(when I checked in a change to keep it from doing so).
Another 0.9.12 -> 0.9.13 change was a fix to the dissection of logon
replies - as I remember, the fix was done to keep it from fetching
bogus data as the length of a string.
So that particular bug was probably fixed in 0.9.13; the other bugs
might, or might not, be fixed in the current CVS version, so see if you
can isolate them and then report them, and we can see whether they're
ones we know about and fixed or not.
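
An added example, not part of the original message and not Ethereal's code: a sketch of the class of check described above, where a string length read from the frame is validated against the bytes actually captured before any memory is allocated. The 4-byte little-endian length prefix, the function names and the sample frames are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical layout (an assumption, not Ethereal's format or code):
 * a 4-byte little-endian length followed by that many string bytes. */
enum { STR_OK = 0, STR_TRUNCATED = -1, STR_BAD_LENGTH = -2, STR_NO_MEM = -3 };

/* Copy the counted string at buf[off] into a NUL-terminated heap buffer.
 * The declared length is checked against the bytes actually captured
 * before anything is allocated, so a bogus length cannot drive a huge
 * allocation or a read past the end of the frame. */
static int get_counted_string(const uint8_t *buf, size_t caplen, size_t off,
                              char **out, size_t *next_off)
{
    uint32_t len;

    *out = NULL;
    if (off > caplen || caplen - off < 4)
        return STR_TRUNCATED;       /* the length field itself is missing */
    len = (uint32_t)buf[off] | (uint32_t)buf[off + 1] << 8 |
          (uint32_t)buf[off + 2] << 16 | (uint32_t)buf[off + 3] << 24;
    off += 4;
    if (len > caplen - off)
        return STR_BAD_LENGTH;      /* claims more data than the frame holds */
    *out = malloc((size_t)len + 1);
    if (*out == NULL)
        return STR_NO_MEM;
    memcpy(*out, buf + off, len);
    (*out)[len] = '\0';
    *next_off = off + len;
    return STR_OK;
}

/* Constructed sample frames: one well-formed, one with a bogus length. */
static const uint8_t good_frame[] = { 0x04, 0, 0, 0, 'M', 'A', 'P', 'I' };
static const uint8_t bogus_frame[] = { 0xff, 0xff, 0xff, 0x7f, 'M', 'A' };

/* Return the parse status for a frame, freeing any string produced. */
static int check_frame(const uint8_t *frame, size_t caplen)
{
    char *s;
    size_t next = 0;
    int rc = get_counted_string(frame, caplen, 0, &s, &next);

    free(s);
    return rc;
}
```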