Wireshark-bugs: [Wireshark-bugs] [Bug 1264] Buildbot crash output: fuzz-2006-12-08-11198.pcap

Date: Tue, 2 Jan 2007 02:55:33 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1264





------- Comment #5 from stephentfisher@xxxxxxxxx  2007-01-02 02:55 GMT -------
I've found the culprit - a pair of loops starting at line 273 of
packet-dcp-etsi.c:

      for(i=0,j=0; i<fragments; i++,j++) {
        while(j<got[i]) {
          frag = fragment_add_seq_check (dummytvb, 0, pinfo, seq,
            dcp_fragment_table, dcp_reassembled_table, j, plen, (j+1!=fcount));
                .
                .

Why would it be running fragment_add_seq_check() for every fragment
number from 0 to the fragment index number from the packet (got[0]) (in
this fuzz capture's case, 4,456,448)?  I can't find any fragmented
DCP-PFT captures to test changes on, as the fuzz file only has one.


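
The loop shape quoted in comment #5, modelled as an added example (not part of the bug comment and not Wireshark code), next to a variant that validates each packet-supplied index before it can bound the loop. The function names, MAX_FRAGMENTS, the sample fcount values and the assumption that the elided loop body advances j are all hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical cap on fragments per PDU; the value is an assumption. */
#define MAX_FRAGMENTS 1024u

/* Constructed inputs: received fragment indexes, ascending. */
static const uint32_t fuzz_like[] = { 4456448u };  /* got[0] from the report */
static const uint32_t normal[]    = { 0u, 2u, 3u }; /* index 1 is missing */

/* Counts the placeholder insertions the quoted loop shape performs.
 * Assumes the elided loop body advances j once per insertion. */
uint64_t calls_unbounded(const uint32_t *got, size_t fragments)
{
    uint64_t calls = 0;
    uint32_t j = 0;
    for (size_t i = 0; i < fragments; i++, j++) {
        while (j < got[i]) { /* bound is taken straight from the packet */
            calls++;         /* stands in for fragment_add_seq_check() */
            j++;
        }
    }
    return calls;
}

/* Validates every index against the declared fragment count before it
 * can drive the loop. Returns -1 when the input is rejected. */
int64_t calls_checked(const uint32_t *got, size_t fragments, uint32_t fcount)
{
    if (fcount == 0 || fcount > MAX_FRAGMENTS || fragments > fcount)
        return -1;
    for (size_t i = 0; i < fragments; i++) {
        if (got[i] >= fcount)
            return -1; /* index outside the declared range */
        if (i > 0 && got[i] <= got[i - 1])
            return -1; /* indexes must be strictly ascending */
    }
    return (int64_t)calls_unbounded(got, fragments);
}

int main(void)
{
    /* fcount values here are constructed for the demonstration. */
    printf("unbounded, fuzz-like: %llu\n",
           (unsigned long long)calls_unbounded(fuzz_like, 1));
    printf("checked, fuzz-like:   %lld\n", (long long)calls_checked(fuzz_like, 1, 3));
    printf("checked, normal:      %lld\n", (long long)calls_checked(normal, 3, 4));
    return 0;
}
```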