Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10582] AMQP dissector crash

Wireshark-bugs: [Wireshark-bugs] [Bug 10582] AMQP dissector crash

Date: Fri, 17 Oct 2014 20:51:35 +0000

Comment # 6 on bug 10582 from Bill Meier

(In reply to Bill Meier from comment #5)
> 
> The attached capture exposes one such case which causes a loop of function
> calls which eventually exhausts the stack.
> 

The AMQP dissector is seeing a large value in the capture file for what it
thinks should be a field specifying the number of elements in an array.

So: Once the dissector is fixed to not crash, the question will then become:

Is this a valid AMQP PDU (which is being dissected incorrectly) ? 

(Given the file name, I expect that the capture really contains an AMQP PDU
(and not something else which happened to use the AMQP TCP port)).

If so, some questions:

1. What version of AMQP is being used ?

2. What software (client/broker, etc) is being used which resulted in the
captured packet ?

3. ...

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 10582] New: Problem opening capture!
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10582] AMQP dissector crash
Next by Date: [Wireshark-bugs] [Bug 9626] [BACnet] Event Notifications of Event Type CHANGE_OF_STATUS_FLAGS are not decoded properly
Previous by thread: [Wireshark-bugs] [Bug 10582] AMQP dissector crash
Next by thread: [Wireshark-bugs] [Bug 10582] AMQP dissector crash
Index(es):
- Date
- Thread