https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7436
Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |darkjames-ws@xxxxxxxxxxxx
--- Comment #7 from Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> 2012-07-05 13:05:17 PDT ---
(In reply to comment #5)
> Is this right? In the sample, "0x6a617200" is "jar\000", i.e. the end of the
> filename in the OPEN request. However, your version does indeed take 2.4x
> longer to run (0xffffffff/0x6a617200). I don't understand how part of the
> filename is ending up as a loop counter.
Good point: when there's no tree, the offset from some functions is not properly
returned (like in dissect_nfs_open_claim4, dissect_nfs_openflag4).
There's actually no CREATE_SESSION in the packet, so dissect_rpc_chanattrs4()
should not be called in the first place.
Jeff, I'm going to fix it and close this bug.
I can try to craft a malformed packet with CREATE_SESSION and add it to another bug
(like bug #3290?); is that fine with you?
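A simplified model of the failure mode discussed in this comment, added here as an example (it is not Wireshark code and not part of the original comment): a field helper that advances the offset only on the branch that has a tree, so a pass without a tree reads name bytes as the loop counter. The helper names, `loop_count`, and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: XDR opaque "jar" (length 3, padded to 4), then count = 2. */
static const uint8_t sample[] = { 0, 0, 0, 3, 'j', 'a', 'r', 0, 0, 0, 0, 2 };

static uint32_t get_u32(const uint8_t *buf, size_t off)
{
    return ((uint32_t)buf[off] << 24) | ((uint32_t)buf[off + 1] << 16) |
           ((uint32_t)buf[off + 2] << 8) | (uint32_t)buf[off + 3];
}

/* Hypothetical helper with the defect: the padded data is skipped only on
 * the branch that also displays it, so the result depends on the tree. */
static size_t skip_name_buggy(const uint8_t *buf, size_t off, const void *tree)
{
    uint32_t len = get_u32(buf, off);
    off += 4;
    if (tree != NULL)
        off += ((size_t)len + 3) & ~(size_t)3;  /* display and advance */
    return off;
}

/* Corrected form: the tree controls display only, never the returned offset. */
static size_t skip_name_fixed(const uint8_t *buf, size_t off, const void *tree)
{
    uint32_t len = get_u32(buf, off);
    (void)tree;
    return off + 4 + (((size_t)len + 3) & ~(size_t)3);
}

typedef size_t (*skip_fn)(const uint8_t *, size_t, const void *);

/* Caller: the word following the name is taken as a loop counter. */
static uint32_t loop_count(skip_fn skip, const void *tree)
{
    size_t off = skip(sample, 0, tree);
    return get_u32(sample, off);
}

int main(void)
{
    int tree = 0;  /* stands in for a non-NULL tree pointer */
    printf("buggy: no tree %#x, tree %#x\n", (unsigned)loop_count(skip_name_buggy, NULL), (unsigned)loop_count(skip_name_buggy, &tree));
    printf("fixed: no tree %#x, tree %#x\n", (unsigned)loop_count(skip_name_fixed, NULL), (unsigned)loop_count(skip_name_fixed, &tree));
    return 0;
}
```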