Bug ID |
10037
|
Summary |
Pipe support broken in Wireshark
|
Classification |
Unclassified
|
Product |
Wireshark
|
Version |
1.11.x (Experimental)
|
Hardware |
x86
|
OS |
Ubuntu
|
Status |
UNCONFIRMED
|
Severity |
Major
|
Priority |
Low
|
Component |
Wireshark
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Created attachment 12725 [details]
Trace dump, which opens fine in file-open, but crashes in pipedump
Build Information:
Shark 1.11.4 (v1.11.4-rc1-102-gace8389 from unknown)
Copyright 1998-2014 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.38.1, with libpcap, with libz 1.2.8, with POSIX
capabilities (Linux), without libnl, with SMI 0.4.8, with c-ares 1.10.0, with
Lua 5.1, without Python, with GnuTLS 2.12.23, with Gcrypt 1.5.0, with MIT
Kerberos, with GeoIP.
Running on Linux 3.11.0-12-generic, with locale de_DE.UTF-8, with libpcap
version 1.4.0, with libz 1.2.8.
Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
Built using gcc 4.8.2.
--
Pipe support seems to be broken in wireshark in the current git checkout under
Linux (Win32 seems to be working, OSX still unconfirmed). I have the following
procedure for testing:
1. mkfifo /tmp/wspipe
2. cat pipe_trace.dmp > /tmp/wspipe
3. wireshark -k -i /tmp/wspipe
This leads to a segfault in file.c:1053 which wants to free err_info, but that
address is out-of-bounds according to gdb. *err is set to -12, which is the
error message: "Less data was read than was expected"
If the same file is opened via file->open, no error occurs.
Wireshark 1.10.2 from the Ubuntu repos, seems to have the same issue, and as
this is an issue residing in wiretap, so does tshark (git and 1.10.2).
You are receiving this mail because:
- You are watching all bug changes.