Evan Huus changed bug 8904
Comment # 1 on bug 8904 from Evan Huus
Several uninitialized values in dissect_smtp, for example:
Conditional jump or move depends on uninitialised value(s)
   at 0x6A0616D: dissect_smtp (packet-smtp.c:870)
   by 0x63F6C53: call_dissector_through_handle (packet.c:458)
   by 0x63F730F: call_dissector_work (packet.c:552)
   by 0x63F7B1B: dissector_try_uint_new (packet.c:969)
   by 0x63F7B76: dissector_try_uint (packet.c:995)
   by 0x6A39C06: decode_tcp_ports (packet-tcp.c:3864)
   by 0x6A3A031: process_tcp_payload (packet-tcp.c:3923)
   by 0x6A3A5FC: dissect_tcp_payload (packet-tcp.c:1746)
   by 0x6A3C031: dissect_tcp (packet-tcp.c:4758)
Also at lines 890, 927, 949.
And the actual cause of the crash, a memcpy from NULL:
#0 memcpy (__len=6, __src=0x0, __dest=0x7fff46bf3d20)
#1 IsDFP_Frame at packet-pn-rt.c:176
#2 dissect_CSF_SDU_heur at packet-pn-rt.c:262
#3 dissect_PNIO_C_SDU at packet-dcerpc-pn-io.c:9236
#4 dissect_PNIO_heur at packet-dcerpc-pn-io.c:9379
#5 dissector_try_heuristic at packet.c:1807