Ethereal-dev: [Ethereal-dev] assertion failed in both ethereal and tethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Andrew Hood <ajhood@xxxxxxxxx>
Date: Sat, 28 Aug 2004 22:00:17 +1000
ethereal 0.10.6 (SVN 20040827090146)
Compiled with GTK+ 2.3.0, with GLib 2.3.5, with libpcap 0.8.3, with libz 1.1.4,
with libpcre 4.4, with Net-SNMP 5.1, with ADNS.
Running with libpcap version 0.8.3 on Linux 2.4.21.

I got this crash from both ethereal and tethereal. The attached pcap is enough to trigger it. It does not happen with 0.10.5 (SVN 20040723183607) and the same versions of glib, gtk, libpcap, libz and ADNS.

==============
GLib-CRITICAL **: file gmem.c: line 746 (g_mem_chunk_alloc): assertion `mem_chunk != NULL' failed

This partial trace is from "tethereal -r segv.pcap"

(process:18968): GLib-CRITICAL **: file gmem.c: line 746 (g_mem_chunk_alloc): assertion `mem_chunk != NULL' failed

Program received signal SIGSEGV, Segmentation fault.
get_tcp_conversation_data (pinfo=0x81e6ef0) at packet-tcp.c:293
293                     tcpd->ual1=NULL;
(gdb) bt
#0  get_tcp_conversation_data (pinfo=0x81e6ef0) at packet-tcp.c:293
#1 0x404ab70a in verify_tcp_window_scaling (pinfo=0x81e6ef0) at packet-tcp.c:502

Rest of backtrace seems irrelevant due to analysis below.
==============

It looks like get_tcp_conversation_data tries to use tcp_analysis_chunk but tcp_analyze_seq_init did not initialise it because tcp_analyze_seq was zero. The default value of tcp.analyze_sequence_numbers appears to be FALSE which explains that.

So is the correct answer to check tcp_analyze_seq before calling verify_tcp_window_scaling? That certainly fixes the crash.

Index: epan/dissectors/packet-tcp.c
===================================================================
--- epan/dissectors/packet-tcp.c        (revision 11842)
+++ epan/dissectors/packet-tcp.c        (working copy)
@@ -2893,7 +2893,8 @@
    * then we should just forget about the windowscaling completely.
    */
   if(!pinfo->fd->flags.visited){
-    if((tcph->th_flags & (TH_SYN|TH_ACK))==(TH_SYN|TH_ACK)) {
+    if(tcp_analyze_seq &&
+       ((tcph->th_flags & (TH_SYN|TH_ACK))==(TH_SYN|TH_ACK))) {
       verify_tcp_window_scaling(pinfo);
     }
   }
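Review bot: the guard at the call site stops this crash, but the backtrace shows the NULL dereference is inside get_tcp_conversation_data (packet-tcp.c:293, `tcpd->ual1=NULL;`) after g_mem_chunk_alloc failed on the never-initialised tcp_analysis_chunk, so any other caller of get_tcp_conversation_data that runs with tcp.analyze_sequence_numbers at its default of FALSE will hit the same assertion and segfault. Consider moving the tcp_analyze_seq check (or a NULL check on the allocation result) into get_tcp_conversation_data itself, or initialising tcp_analysis_chunk regardless of the preference, so the fix does not depend on every caller remembering the guard; also worth a one-line comment above the new condition saying why window-scaling verification is skipped when sequence analysis is off.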


--
There's no point in being grown up if you can't be childish sometimes.
                -- Dr. Who

Attachment: segv.pcap
Description: Binary data
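The crash path above, reduced to a self-contained model as an added example: this is not Ethereal's code, it only borrows the report's names (tcp_analyze_seq, tcp_analysis_chunk, get_tcp_conversation_data, verify_tcp_window_scaling) and replaces GMemChunk with a trivial pool. It shows the alternative to the posted patch, namely making the accessor tolerate a missing pool so that the caller bails out instead of writing through NULL when the preference is off.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Added model of the crash path in the report, using Ethereal's names but not
 * Ethereal's code: the analysis pool is created only when the
 * tcp.analyze_sequence_numbers preference is TRUE, so the accessor must not
 * assume it exists. */
struct tcp_analysis { void *ual1; };      /* first field written in the crashing frame */
struct mem_chunk { size_t block_size; };  /* stand-in for GLib's GMemChunk */

static bool tcp_analyze_seq = false;      /* preference, default FALSE */
static struct mem_chunk *tcp_analysis_chunk = NULL;
/* Mirrors tcp_analyze_seq_init(): the pool exists only if analysis is on. */
void tcp_analyze_seq_init(void) {
    free(tcp_analysis_chunk);
    tcp_analysis_chunk = NULL;
    if (tcp_analyze_seq) {
        tcp_analysis_chunk = malloc(sizeof *tcp_analysis_chunk);
        tcp_analysis_chunk->block_size = sizeof(struct tcp_analysis);
    }
}

/* Hardened accessor: 0.10.6 wrote tcpd->ual1 through the NULL that the failed
 * g_mem_chunk_alloc() returned; here a missing pool makes the caller bail out. */
struct tcp_analysis *get_tcp_conversation_data(void) {
    /* g_mem_chunk_alloc() on a NULL chunk trips the assertion and returns NULL */
    struct tcp_analysis *tcpd =
        tcp_analysis_chunk ? calloc(1, tcp_analysis_chunk->block_size) : NULL;
    if (tcpd == NULL)
        return NULL;
    tcpd->ual1 = NULL;
    return tcpd;
}

/* Returns 1 if window scaling was checked, 0 if analysis is disabled. */
int verify_tcp_window_scaling(void) {
    struct tcp_analysis *tcpd = get_tcp_conversation_data();
    if (tcpd == NULL)
        return 0;
    free(tcpd);
    return 1;
}

/* Drive one SYN+ACK through the path with the preference set as given. */
int handle_syn_ack(bool analyze_seq) {
    tcp_analyze_seq = analyze_seq;
    tcp_analyze_seq_init();
    return verify_tcp_window_scaling();
}
```

With the preference at its default of FALSE the SYN+ACK is processed without touching the pool; with it TRUE the analysis record is allocated and used.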