Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10476] Consistent crashes reading PCAP from tPacketCapture Android app on 1.12

Wireshark-bugs: [Wireshark-bugs] [Bug 10476] Consistent crashes reading PCAP from tPacketCapture

Date: Wed, 17 Sep 2014 18:38:49 +0000

Comment # 17 on bug 10476 from Pascal Quantin

(In reply to Alex Kirk from comment #16)
> Bill was correct on both fronts. Landed now, and it was in fact Frame 412.
> 
> Identical crash when running with "-C Default". I didn't think I had made
> any config changes on that particular installation.
> 
> As for that pointer - invalid as in NULL, or pointing off somewhere wonky in
> memory? If the latter, my immediate thought would be to see if the value
> retrieved looks like it came from that frame, because if that's the case,
> it's most likely exploitable.

Invalid as we get a non null but wrong pointer (not the address that we pushed
in the TRY block (tshark.c:2092) at the very beginning of the dissection).
To make things clear: it's not the dissection of the last frame on which tshark
chokes, but on the ENDTRY block (tshark.c:2111) once dissection is complete.

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 10476] New: Consistent crashes reading PCAP from tPacketCapture Android app on 1.12.0
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 3560] USB Packets in pcap-ng Files Not Dissected Properly
Next by Date: [Wireshark-bugs] [Bug 7279] WiMax\M2M Dissectors failure. Worked in v1.0.15, fails under 1.6.8 Win32 & RHEL5.7
Previous by thread: [Wireshark-bugs] [Bug 10476] Consistent crashes reading PCAP from tPacketCapture Android app on 1.12.0
Next by thread: [Wireshark-bugs] [Bug 10476] Consistent crashes reading PCAP from tPacketCapture Android app on 1.12.0
Index(es):
- Date
- Thread