Wireshark-bugs: [Wireshark-bugs] [Bug 5095] new dissector for Apache Etch

Date: Mon, 18 Oct 2010 10:15:15 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5095

Bill Meier <wmeier@xxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #18 from Bill Meier <wmeier@xxxxxxxxxxx> 2010-10-18 13:15:06 EDT ---
Ok: I've committed the dissector (with some additional changes from me)
    in SVN #34558.

It would be much appreciated if you could add a page for the
ETCH protocol to the Wireshark Wiki  (wiki.wireshark.org).

See: http://wiki.wireshark.org/HowToEdit
and  http://wiki.wireshark.org/ProtocolReference 

Thanks for your contribution !

--------------------

The main changes I made:

1. Fix a bug in add_symbol which caused intermittent Wireshark crashes.

   Specifically:  
          gchar* tmp_val = (gchar *) g_malloc(strlen(symbol) + 1);
          ...
          g_snprintf(tmp_val, ETCH_MAX_SYMBOL_LENGTH, "%s", symbol);

      caused problems because ETCH_MAX_SYMBOL_LENGTH was larger than
      the size of the allocated buffer.

      It seems that g_snprintf requires that the provided buffer be of the
      length specified even if it is known/guaranteed that strlen(symbol)
      is less that length. Apparently g_snprintf writes to (initializes ?)
      (some part of ?) the complete buffer.

      So: the g_snprintf above was trashing memory beyond the space
      allocated and thus eventually a crash sometimes occurred.

      I fixed the bug by simplifying the code and by using
      g_strdup_printf(...).

2. The tvb_length checks you so carefully added in the latest patch aren't 
   really needed. If dissector code attempts to access data beyond the end of
   that contained in a frame (ie: a tvbuff), Wireshark will gracefully
   handle that by generating an exception and displaying a "Malformed" message
   (or something similar). 
   So: I removed the checks.  :)

3. I tightened up the error checking done when reading the symbol hash file.

4. Although I originally suggested the use of report_open_failure(), I
   decided to make a change to use report_failure() showing the error
   message returned from ws_dir_open().

In addition to the above, I did some additional relatively minor cleanup.

-- On a different mote:

 Originally I wasn't comfortable with the code related to:
     /* Switch to another frame? => Clear column */

After doing some testing with the "multipacket" capture you provided (and with
another that I generated) I've convinced myself that the code is OK.

I'll attach another "multipacket" capture file with a frame containing a full
PDU as well as a partial PDU.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.