Evan Huus
changed
bug 9999
Comment # 3
on bug 9999
from Evan Huus
Hmm, I'm hitting a different assertion than the one the build-bot reported. The
one I'm hitting makes no sense though (I've no idea why the tvb would be null)
so I'm going to focus on the buildbot one.
It seems to be the result of a protocol adding an FT_NONE with length -1 (to
end of buffer) but an offset already past the end of the tvb. The
get_hfi_and_length function treats that as an assertable error condition, but
I'm not sure why. And since get_hfi_and_length is now called *first* in
proto_tree_add_item (before bounds checks) it's blowing up.
Jeff, thoughts? I would assume that get_hfi_and_length should do nothing in
that case, so that test_length() can throw a normal out-of-bounds exception.
Unless some other caller of get_hfi_and_length (maybe alloc_field_info) is
relying on this behaviour?
Also odd: the same code path and assertions seem to exist in trunk, but this
bug is not reproducible.
You are receiving this mail because:
- You are watching all bug changes.