Wireshark-bugs: [Wireshark-bugs] [Bug 9999] Buildbot crash output: randpkt-2014-04-17-16318.pcap

Date: Fri, 18 Apr 2014 22:21:17 +0000

changed bug 9999

What Removed Added
CC   [email protected]

Comment # 3 on bug 9999 from
Hmm, I'm hitting a different assertion than the one the build-bot reported. The
one I'm hitting makes no sense though (I've no idea why the tvb would be null)
so I'm going to focus on the buildbot one.

It seems to be the result of a protocol adding an FT_NONE with length -1 (to
end of buffer) but an offset already past the end of the tvb. The
get_hfi_and_length function treats that as an assertable error condition, but
I'm not sure why. And since get_hfi_and_length is now called *first* in
proto_tree_add_item (before bounds checks) it's blowing up.

Jeff, thoughts? I would assume that get_hfi_and_length should do nothing in
that case, so that test_length() can throw a normal out-of-bounds exception.
Unless some other caller of get_hfi_and_length (maybe alloc_field_info) is
relying on this behaviour?

Also odd: the same code path and assertions seem to exist in trunk, but this
bug is not reproducible.


You are receiving this mail because:
  • You are watching all bug changes.