http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2072
------- Comment #4 from jeff.morriss@xxxxxxxxxxx 2007-12-05 21:09 GMT -------
Hum, it is crashing here:
uiuc = NIB_NIBBLE(nibble + 4, bufptr);
where:
(gdb) print nibble
$1 = 38
(gdb) print bufptr
$2 = (const guint8 *) 0xd9236c "Ô\n@Ô"
The pointer is fine but "nibble+4" is 42 and that macro expands to:
/* extract the nibble at the given nibble address 'n' of buffer 'b' */
#define NIB_NIBBLE(n,b) \
(((n) & 1) \
? (b)[(n)/2] & NIBBLE_MASK \
: ((b)[(n)/2] >> 4) & NIBBLE_MASK)
which means it's going to access bufptr[21] which is not a nice round
32-bit-aligned address.
(So it's probably not coring for me as a result of the fuzzing of the capture
file but rather because of the way the plugin was programmed. Not sure if we
should open a different bug for this or leave it here...)
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.