Ethereal-users: Re: [Ethereal-users] core dump when reading snoop of ldap protocol
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Matt Selsky <selsky@xxxxxxxxxxxx>
Date: Sun, 27 Jul 2003 20:55:26 -0400
I'm using a null DN to do the bind.

The problem appears to be with read_string_value()

  static int read_string_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
      proto_item **new_item, char **s, int start, guint length)

s = 0 and length = 0

Since length = 0,

  string = "(null)";

But at the end of the function:

  if (s && length)
    *s = string;
  else if (length)
    g_free(string);

s should be set to string, but it's not since s is null.

On Sun, Jul 27, 2003 at 07:21:33PM -0400, Matt Selsky wrote:
> I captured an ldap request using snoop on Solaris9 and then tried to
> read the snoop file in tethereal 0.9.14 and got a segmentation fault.
> I was able to open the snoop file in 0.9.9 however.
>
> The segfault occurs during the processing of the "bind request" packet.
>
> Let me know if it would be helpful to post the problematic packet
> itself.
>
> Here's a backtrace from the core file:
>
> (gdb) bt
> #0 0xfef33474 in strlen () from /usr/lib/libc.so.1
> #1 0xfef85798 in _doprnt () from /usr/lib/libc.so.1
> #2 0xfef8777c in vsnprintf () from /usr/lib/libc.so.1
> #3 0x00252bac in col_append_fstr (cinfo=0x5d11e4, el=124, format=0x367000 ", DN=%s") at column-utils.c:271
> #4 0x0011cd8c in dissect_ldap_request_bind (a=0xffbfe618, tree=0x0, tvb=0x6de488, pinfo=0x6de2d8) at packet-ldap.c:903
> #5 0x0011e36c in dissect_ldap_message (tvb=0x6de488, offset=2, pinfo=0x6de2d8, ldap_tree=0x0, ldap_item=0x0, first_time=1) at packet-ldap.c:1602
> #6 0x0011eb88 in dissect_ldap (tvb=0x6de454, pinfo=0x6de2d8, tree=0x0) at packet-ldap.c:2028
> #7 0x00256228 in call_dissector_through_handle (handle=0x64a158, tvb=0x6de454, pinfo=0x6de2d8, tree=0x0) at packet.c:354
> #8 0x002565ec in call_dissector_work (handle=0x64a158, tvb=0x6de454, pinfo=0x6de2d8, tree=0x0) at packet.c:496
> #9 0x002568e8 in dissector_try_port (sub_dissectors=0x0, port=389, tvb=0x6de454, pinfo=0x6de2d8, tree=0x0) at packet.c:712
> #10 0x001f8f3c in decode_tcp_ports (tvb=0x6de454, offset=20, pinfo=0x6de2d8, tree=0x0, src_port=35203, dst_port=35203, nxtseq=4293804594) at packet-tcp.c:2044
> #11 0x001f9ea4 in dissect_tcp (tvb=0x6de420, pinfo=0x6de2d8, tree=0x0) at packet-tcp.c:2461
> #12 0x00256228 in call_dissector_through_handle (handle=0x6517a8, tvb=0x6de420, pinfo=0x6de2d8, tree=0x22) at packet.c:354
> #13 0x002565ec in call_dissector_work (handle=0x6517a8, tvb=0x6de420, pinfo=0x6de2d8, tree=0x0) at packet.c:496
> #14 0x002568e8 in dissector_try_port (sub_dissectors=0x0, port=6, tvb=0x6de420, pinfo=0x6de2d8, tree=0x0) at packet.c:712
> #15 0x000f8fc0 in dissect_ip (tvb=0x6de3ec, pinfo=0x6de2d8, tree=0x0) at packet-ip.c:1092
> #16 0x00256228 in call_dissector_through_handle (handle=0x5dce60, tvb=0x6de3ec, pinfo=0x6de2d8, tree=0x0) at packet.c:354
> #17 0x002565ec in call_dissector_work (handle=0x5dce60, tvb=0x6de3ec, pinfo=0x6de2d8, tree=0x0) at packet.c:496
> #18 0x002568e8 in dissector_try_port (sub_dissectors=0x0, port=2048, tvb=0x6de3ec, pinfo=0x6de2d8, tree=0x0) at packet.c:712
> #19 0x000b2980 in ethertype (etype=2048, tvb=0x6de3b8, offset_after_etype=14, pinfo=0x6de2d8, tree=0x0, fh_tree=0x0, etype_id=2655, trailer_id=2657) at packet-ethertype.c:167
> #20 0x000b24c8 in dissect_eth (tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet-eth.c:268
> #21 0x00256228 in call_dissector_through_handle (handle=0x5d3848, tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet.c:354
> #22 0x002565ec in call_dissector_work (handle=0x5d3848, tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet.c:496
> #23 0x002568e8 in dissector_try_port (sub_dissectors=0x0, port=1, tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet.c:712
> #24 0x000c85c4 in dissect_frame (tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet-frame.c:179
> #25 0x00256228 in call_dissector_through_handle (handle=0x5d38d8, tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet.c:354
> #26 0x002565ec in call_dissector_work (handle=0x5d38d8, tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet.c:496
> #27 0x002573a0 in call_dissector (handle=0x5d38d8, tvb=0x6de3b8, pinfo=0x6de2d8, tree=0x0) at packet.c:1255
> #28 0x0025611c in dissect_packet (edt=0x6de2d0, pseudo_header=0x6b7a64, pd=0x6c88f8 "\b", fd=0xffbff818, cinfo=0x5d11e4) at packet.c:310
> #29 0x00254758 in epan_dissect_run (edt=0x6de2d0, pseudo_header=0x6b7a64, data=0x6c88f8 "\b", fd=0xffbff818, cinfo=0x5d11e4) at epan.c:106
> #30 0x0023f850 in wtap_dispatch_cb_print (user=0x5c10c0 "", phdr=0x6b7a50, offset=7201488, pseudo_header=0x6b7a64, buf=0x6c88f8 "\b") at tethereal.c:2217
> #31 0x0024d890 in wtap_loop (wth=0x6b7a38, count=0, callback=0x23f774 <wtap_dispatch_cb_print>, user=0xffbff948 "", err=0xffbff944) at wtap.c:345
> #32 0x0023f260 in load_cap_file (cf=0x5c10c0, out_file_type=2) at tethereal.c:1939
> #33 0x0023e214 in main (argc=65852, argv=0x1012c) at tethereal.c:1232
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
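
The failure class in this thread, as an added example that is not Ethereal source or part of the original message: a reader whose tail is the quoted `if (s && length)` condition leaves the caller's pointer unwritten for a zero-length value, and that pointer then reaches a `%s` format as in frame #3 of the backtrace. The function names, the caller initialising its pointer to NULL, and the hardened variant are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model, not Ethereal source. Its tail is the condition quoted
 * in the message: the caller's pointer is written only when length != 0. */
static void read_value_quoted(const char *buf, size_t length, char **s)
{
    char *string = "(null)";          /* placeholder for an empty value */
    if (length) {
        string = malloc(length + 1);
        if (!string) return;
        memcpy(string, buf, length);
        string[length] = '\0';
    }
    if (s && length)
        *s = string;                  /* length == 0: *s is left untouched */
    else if (length)
        free(string);
}

/* Hardened variant: a non-NULL s always receives an owned, NUL-terminated
 * string (empty for length 0), so the caller can format and free it. */
static void read_value_hardened(const char *buf, size_t length, char **s)
{
    char *string = malloc(length + 1);
    if (string) {
        if (length) memcpy(string, buf, length);
        string[length] = '\0';
    }
    if (s) *s = string; else free(string);
}

/* Caller-side guard: never pass NULL to %s, which is undefined behaviour
 * (glibc prints "(null)"; the backtrace above shows strlen() faulting). */
static int append_dn(char *col, size_t n, const char *dn)
{
    return snprintf(col, n, ", DN=%s", dn ? dn : "<null>");
}

int main(void)
{
    char col[64], *dn = NULL;         /* assumed caller state before the read */
    read_value_quoted("", 0, &dn);    /* null-DN bind: dn is still NULL */
    append_dn(col, sizeof col, dn); puts(col);
    read_value_hardened("", 0, &dn);  /* dn is now an owned "" */
    append_dn(col, sizeof col, dn); puts(col);
    free(dn);
    return 0;
}
```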