Wireshark-bugs: [Wireshark-bugs] [Bug 7085] Buildbot crash output: fuzz-2012-04-14-9084.pcap

Date: Sat, 14 Apr 2012 05:06:26 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7085

Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |darkjames-ws@xxxxxxxxxxxx

--- Comment #3 from Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> 2012-04-14 05:06:26 PDT ---
My analysis:
 - conversation->last is set only for first item
 - for all other elements it's NULL (or random when scrubbing enabled)

In conversation_set_addr2(), conversation_set_port2() we can add *any*
conversation to other hashtable.

(by any I mean that it can have ->last set to NULL/random) 

If memory is scrubbed it will sigsegv in find_or_create_conversation():
#v+
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff51dc039 in conversation_lookup_hashtable (hashtable=0x1b5f4c0,
frame_num=3, addr1=0x7fffffffc698, addr2=0x7fffffffc6a8, ptype=PT_TCP,
port1=3398, port2=6087)
    at conversation.c:726
726                     if((match->last)&&(match->last->setup_frame<=frame_num))
(gdb) print match->last
$1 = (struct conversation *) 0xbaddcafebaddcafe
#v-

If memory is zeroed it will sigsegv in conversation_new()
#v+
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff51dba47 in conversation_new (setup_frame=3, addr1=0x7fffffffc6b8,
addr2=0x7fffffffc6c8, ptype=PT_TCP, port1=3398, port2=6087, options=0) at
conversation.c:568
568                     if(setup_frame>=conversation->last->setup_frame) {
(gdb) print conversation->last
$1 = (struct conversation *) 0x0
#v-

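A constructed C model of the chain invariant this comment describes, added here as an illustration and not code from Wireshark or from the reporter: `conversation_t`, `chain_add`, `chain_newest` and `scenario` are toy names, the move of a non-head node into another bucket is simplified, and the repair in `chain_add` is one possible hardening, not the fix applied to conversation.c.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed toy model (not Wireshark's conversation.c) of the invariant in
 * the report: conversations sharing one key form a ->next chain, only the head
 * keeps ->last (newest node), every other node is created with ->last NULL. */
typedef struct conversation {
    unsigned setup_frame;
    struct conversation *next;  /* next conversation with the same key */
    struct conversation *last;  /* newest node; meaningful on the head only */
} conversation_t;

/* Walk the chain from any node; never trusts ->last. */
static conversation_t *chain_newest(conversation_t *node) {
    while (node->next != NULL)
        node = node->next;
    return node;
}

/* Append to bucket *head (NULL = empty). Hardened: a head whose ->last is NULL
 * (a re-homed non-head node) is repaired instead of dereferenced as at :568. */
static conversation_t *chain_add(conversation_t **head, unsigned setup_frame) {
    conversation_t *c = calloc(1, sizeof *c);   /* ->last starts out NULL */
    if (c == NULL) return NULL;
    c->setup_frame = setup_frame;
    if (*head == NULL) {
        *head = c;
        c->last = c;
        return c;
    }
    if ((*head)->last == NULL)                  /* invariant broken: repair */
        (*head)->last = chain_newest(*head);
    (*head)->last->next = c;
    (*head)->last = c;
    return c;
}

/* Replays the report: three conversations in one bucket, then the second
 * (non-head) node is made head of another bucket, as conversation_set_addr2()
 * can do with *any* node. Returns 0, or the number of the first failed check. */
static int scenario(void) {
    conversation_t *b1 = NULL, *b2, *c4;
    conversation_t *c1 = chain_add(&b1, 1), *c2 = chain_add(&b1, 2), *c3 = chain_add(&b1, 3);
    if (c1 == NULL || c2 == NULL || c3 == NULL) return 1;
    if (c1->last != c3 || c2->last != NULL) return 2;  /* only the head has ->last */
    b2 = c2;                                           /* re-homed as a new head */
    if (b2->last != NULL) return 3;  /* a lookup on this head would deref NULL */
    c4 = chain_add(&b2, 4);          /* unhardened code faults on b2->last here */
    if (c4 == NULL || b2->last != c4 || chain_newest(c2) != c4) return 4;
    return 0;
}

int main(void) { printf("scenario: %d\n", scenario()); return 0; }
```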