| Bug ID |
10636
|
| Summary |
crashing while dissecting nfs traces with callbacks
|
| Product |
Wireshark
|
| Version |
Git
|
| Hardware |
x86
|
| OS |
All
|
| Status |
UNCONFIRMED
|
| Severity |
Major
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 13208 [details]
[PATCH] rpc: ignore duplicate program registrations
Build Information:
local build of 58304b9e3e2b "S1AP: Add an S1AP context to be able to determine
which message and..."
--
4afd70d4e46c "Use g_hash_table_new_full to free some values" (fix for bug
10261) introduced a use-after-free.
The problem is that some rpc_call->proc_info can point to an rpc procedure, so
it isn't necessarily safe to free rpc procedures.
Results are segfaults and garbled text in the info column for NFSv4 callbacks.
The attached patch fixes the segfaults and garbled text, by just refusing to
register duplicate rpc procedures. (They are never removed from the hash
table, so the only time they are freed is when they're replaced.)
Another alternative might be just to revert the original change.
You are receiving this mail because:
- You are watching all bug changes.