Wireshark-bugs: [Wireshark-bugs] [Bug 5009] New: editcap SEGFAULTs on empty input file

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 14 Jul 2010 16:16:58 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5009

           Summary: editcap SEGFAULTs on empty input file
           Product: Wireshark
           Version: 1.2.9
          Platform: SPARC
        OS/Version: Solaris
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Extras
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: irwin@xxxxxxxxxxxxx


Build Information:
% tshark -v
TShark 1.2.9

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GLib 2.12.12, with libpcap 1.1.1, with libz 1.2.5,
without POSIX capabilities, with libpcre 7.9, without SMI, without c-ares,
without ADNS, without Lua, without GnuTLS, without Gcrypt, without Kerberos,
without GeoIP.

Running on SunOS 5.9, with libpcap version 1.1.1.

Built using gcc 4.1.2.

--
When fed a pcap file containing 0 packets, editcap segfaults:

% /usr/local/etc/tcpdump-4.1.1 -V
tcpdump-4.1.1 version 4.1.1
libpcap version 1.1.1
...

% /usr/local/etc/tcpdump-4.1.1 -c 1 -w sample ip host 1.2.3.4
tcpdump-4.1.1: listening on bge0, link-type EN10MB (Ethernet), capture size
65535 bytes
^C (I interrupted it)
0 packets captured
8 packets received by filter
0 packets dropped by kernel

% ls -l sample
-rw-------   1 irwin    systems       24 Jul 14 19:11 sample

% capinfos sample
File name:           sample
File type:           Wireshark/tcpdump/... - libpcap
File encapsulation:  Ethernet
Number of packets:   0
File size:           24 bytes
Data size:           0 bytes
Capture duration:    n/a
Start time:          n/a
End time:            n/a
Data byte rate:      n/a
Data bit rate:       n/a
Average packet size: 0.00 bytes
Average packet rate: n/a

% editcap sample sample.out
Segmentation Fault (core dumped)

% gdb /usr/local/bin/editcap core
...
Program terminated with signal 11, Segmentation fault.
#0  wtap_dump_close (wdh=0x0, err=0xffbff820) at file_access.c:936
936             if (wdh->subtype_close != NULL) {

(gdb)  bt
#0  wtap_dump_close (wdh=0x0, err=0xffbff820) at file_access.c:936
#1  0x00013e84 in main (argc=3, argv=0xffbff89c) at editcap.c:1263
(gdb) up
#1  0x00013e84 in main (argc=3, argv=0xffbff89c) at editcap.c:1263
1263        if (!wtap_dump_close(pdh, &err)) {
(gdb) print pdh
$1 = (wtap_dumper *) 0x0


Looking at editcap.c, it looks like pdh never got initialized.

Perhaps 
  while (wtap_read(wth, &err, &err_info, &data_offset)) {... }
never executed the block because wtap_read() returned false right away?

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.