Ethereal-users: Re: [ethereal-users] Ethereal (multiple vers) core dumps on Sol 7 withAFS traffi


From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Fri, 14 Jan 2000 20:10:44 -0800
> I got a little further this time, but I think the same is true with
> dissect_afs().  I'll try to fix it myself also...

After seeing the unaligned dereference in the BGP dissector, I decided
to go on a bug hunt, and cleaned up the AFS, IPv6, and PIM dissectors as
well.

I've attached the patch to the AFS dissector.
Index: packet-afs.c
===================================================================
RCS file: /usr/local/cvsroot/ethereal/packet-afs.c,v
retrieving revision 1.8
diff -c -r1.8 packet-afs.c
*** packet-afs.c	2000/01/07 22:05:28	1.8
--- packet-afs.c	2000/01/15 04:10:12
***************
*** 764,771 ****
  	}
  
  	request_key.conversation = conversation->index;	
! 	request_key.service = ntohs(rxh->serviceId);
! 	request_key.callnumber = ntohl(rxh->callNumber);
  
  	request_val = (struct afs_request_val *) g_hash_table_lookup(
  		afs_request_hash, &request_key);
--- 764,771 ----
  	}
  
  	request_key.conversation = conversation->index;	
! 	request_key.service = pntohs(&rxh->serviceId);
! 	request_key.callnumber = pntohl(&rxh->callNumber);
  
  	request_val = (struct afs_request_val *) g_hash_table_lookup(
  		afs_request_hash, &request_key);
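Review bot: The new `pntohs(&rxh->serviceId)` and `pntohl(&rxh->callNumber)` reads carry no comment explaining why the plain `ntohs`/`ntohl` forms were dropped, so a later cleanup could quietly put them back. I would add above the two assignments something like `/* rxh presumably points into the raw packet buffer and may be unaligned; read fields with pntohs/pntohl */`. The same comment fits the `pntohl(&afsh->opcode)` read in the hunk at line 778. The enclosing function starts and ends outside this hunk, so whether the whole header is known to lie inside the captured data before these reads cannot be confirmed from here.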
***************
*** 778,784 ****
  		*new_request_key = request_key;
  
  		request_val = g_mem_chunk_alloc(afs_request_vals);
! 		request_val -> opcode = ntohl(afsh->opcode);
  		opcode = request_val->opcode;
  
  		g_hash_table_insert(afs_request_hash, new_request_key,
--- 778,784 ----
  		*new_request_key = request_key;
  
  		request_val = g_mem_chunk_alloc(afs_request_vals);
! 		request_val -> opcode = pntohl(&afsh->opcode);
  		opcode = request_val->opcode;
  
  		g_hash_table_insert(afs_request_hash, new_request_key,
***************
*** 959,965 ****
   */
  
  /* Get the next available integer, be sure and call TRUNC beforehand */
! #define GETINT() (ntohl( *((int*)&pd[curoffset]) ))
  
  /* Check if enough bytes are present, if not, return to caller
     after adding a 'Truncated' message to tree */
--- 959,965 ----
   */
  
  /* Get the next available integer, be sure and call TRUNC beforehand */
! #define GETINT() (pntohl(&pd[curoffset]))
  
  /* Check if enough bytes are present, if not, return to caller
     after adding a 'Truncated' message to tree */
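Review bot: The comment on `GETINT()` says to call TRUNC beforehand but not with what size, and it does not say that the macro leaves `curoffset` unchanged. Since the macro now reads four bytes through `pntohl`, I would spell that out: `/* Read the 32-bit network-order integer at pd[curoffset]; caller must TRUNC(4) first and advance curoffset itself */`. The macro also depends on `pd` and `curoffset` being in scope at the call site, which is worth mentioning in the same comment.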
***************
*** 1108,1114 ****
  #define STROUT(field) \
  	{	int i; \
  		TRUNC(4); \
! 		i = ntohl(*((int *) &pd[curoffset])); \
  		curoffset += 4; \
  		TRUNC(i); \
  		if ( i > 0 ) { \
--- 1108,1114 ----
  #define STROUT(field) \
  	{	int i; \
  		TRUNC(4); \
! 		i = pntohl(&pd[curoffset]); \
  		curoffset += 4; \
  		TRUNC(i); \
  		if ( i > 0 ) { \
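Review bot: In `STROUT` the length taken from the packet is stored in `int i`, so a wire value of 0x80000000 or above turns negative before `TRUNC(i)` sees it. TRUNC is defined outside this hunk, so it is not visible here whether a negative or very large count is rejected or slips past the bounds check. Declaring it as `guint32 i;` would make the packet-supplied length unsigned all the way to the check, and the `if ( i > 0 )` test still works. The same question applies to `bytes = pntohl(&pd[curoffset]);` followed by `TRUNC(bytes);` in the hunk at line 1188, where the type of `bytes` is not shown. The rest of the macro body lies outside the hunk.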
***************
*** 1188,1194 ****
  	curoffset = offset;
  
  	TRUNC(sizeof(guint32));
! 	bytes = ntohl(*((int *) &pd[curoffset]));
  	UINTOUT(hf_afs_fs_acl_datasize);
  
  	TRUNC(bytes);
--- 1188,1194 ----
  	curoffset = offset;
  
  	TRUNC(sizeof(guint32));
! 	bytes = pntohl(&pd[curoffset]);
  	UINTOUT(hf_afs_fs_acl_datasize);
  
  	TRUNC(bytes);
***************
*** 1367,1373 ****
  			unsigned int j,i;
  			TRUNC(1);
  
! 			j = ntohl( *((int*)&pd[curoffset]) );
  			curoffset += 1;
  			for (i=0; i<j; i++)
  			{
--- 1367,1373 ----
  			unsigned int j,i;
  			TRUNC(1);
  
! 			j = pntohl(&pd[curoffset]);
  			curoffset += 1;
  			for (i=0; i<j; i++)
  			{
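Review bot: `TRUNC(1)` guarantees only one byte, yet `j = pntohl(&pd[curoffset]);` reads four and `curoffset += 1` then advances by one. That lets the read run up to three bytes past the checked data, and `j` becomes a 32-bit loop bound built partly from bytes that belong to the following fields. The patch removes the alignment fault but keeps this mismatch from the old line. If the field is a one-byte count, `j = pd[curoffset];` matches the existing check and increment; if it is a 32-bit count, the pair should be `TRUNC(4);` and `curoffset += 4;`. Which one the protocol intends is not visible in the hunk, and the loop body continues outside it.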