Wireshark · Wireshark-dev: Re: [Wireshark-dev] Should we check value_strings for NULL termination while registering?

Wireshark-dev: Re: [Wireshark-dev] Should we check value_strings for NULL termination while reg

From: Ulf Lamping <ulf.lamping@xxxxxx>

Date: Fri, 22 Sep 2006 00:20:43 +0200

Gilbert Ramirez wrote:

I believe we do this in the build-bot testing, by doing:

tshark -G values

Since that operation iterates across all the value_string arrays, a
non-terminated array will result in an error .... or at least it
should.

Is that enough testing?

Unsure. It can drive you mad if you develop a dissector and crash forthat reason as there's no hint into that direction. It can take youhours of development time to find the cause.

So it's basically a tradeoff between ease of development (crash if thevalue_string isn't zero terminated) and program startup time (as thischeck obviously will require some time to be done).

The build-bot tests are (hopefully) done long after the dissector isdeveloped and seems to work perfectly. So yes, it helps to make sure nosecurity related bugs are introduced but no, it won't help much duringdevelopment time of an (unexperienced) developer.


Regards, ULFL

Follow-Ups:
- Re: [Wireshark-dev] Should we check value_strings for NULL termination while registering?
  - From: Jeff Morriss

References:
- [Wireshark-dev] Should we check value_strings for NULL termination while registering?
  - From: Ulf Lamping
- Re: [Wireshark-dev] Should we check value_strings for NULL termination while registering?
  - From: Gilbert Ramirez

Prev by Date: Re: [Wireshark-dev] Why is AUTHORS-SHORT-FORMAT installed with the Win32 installer?!?
Next by Date: Re: [Wireshark-dev] Why is AUTHORS-SHORT-FORMAT installed with the Win32 installer?!?
Previous by thread: Re: [Wireshark-dev] Ethereal 0.10.11 vs WireShark 0.99.3
Next by thread: Re: [Wireshark-dev] Should we check value_strings for NULL termination while registering?
Index(es):
- Date
- Thread