Wireshark-dev: Re: [Wireshark-dev] Segmentation fault in dissector

From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
Date: Tue, 27 Mar 2007 21:50:57 +0000
Is this a proprietary dissector or a dissector you plan to contribute
to Wireshark?


On 3/27/07, durgabhavani.uppuluru@xxxxxxxxx
<durgabhavani.uppuluru@xxxxxxxxx> wrote:

Hi,

We are using a 32-bit machine and the dissector is working fine. The same
dissector, when used on a 64-bit m/c, is giving problems. I would like to
know how it is going to get affected by the change of environment,
because initially it did not even compile properly. While testing on a
64-bit machine, Wireshark is crashing, giving the following
error:

Inside unpack digits , length = 29 and offset is = 18

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 182924546464 (LWP 1776)]
0x0000002a9b46afb7 in unpack_digits (tvb=0x10dfbd8, offset=18, dgt=0x2a9b588e78) at packet-xxx.c:4488
4488                    digit_str[i] = dgt->out[octet & 0x0f];
(gdb)

The code for unpack digits is as follows:

static char*
unpack_digits(tvbuff_t *tvb, int offset, dgt_set_t *dgt){

        int length, length_fake, offset_fake, counter=0;
        guint8 octet, num_of_digits_imsi;
        int i=0;
        char *digit_str;

        length = tvb_length(tvb);
        printf("\n\nInside unpack digits , length = %d and offset is = %d\n\n",length,offset);
        if (length < offset)
                return "";
        digit_str = ep_alloc((length - offset)*2+1);

        offset_fake = offset-1;
        num_of_digits_imsi = tvb_get_guint8(tvb,offset_fake);
        if( (num_of_digits_imsi % 2) == 0 )
                length_fake = num_of_digits_imsi / 2;
        else
                length_fake = (num_of_digits_imsi+1)/2;

        printf("\noffset_fake = %d\tnum_of_digits_imsi = %d\tlength_fake =  %d",offset_fake,num_of_digits_imsi,length_fake);
        while ( counter < length_fake ){

                octet = tvb_get_guint8(tvb,offset);

                digit_str[i] = dgt->out[octet & 0x0f];
                i++;

                /* unpack second value in byte */
                octet = octet >> 4;

                if (octet == 0x0f)      /* odd number bytes - hit filler */
                        break;

                digit_str[i] = dgt->out[octet & 0x0f];
                i++;
                offset++;
                counter++;

        }
        digit_str[i]= '\0';
        return digit_str;
}

Can anybody please help???

Regards,
Bhavani.
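
The unpacking loop from the quoted message, rewritten as a stand-alone C function with explicit bounds checks. This is an added example, not part of the original thread or of Wireshark, and it is not offered as a diagnosis of the reported crash. The names unpack_digits_checked, digit_set and DEMO_DIGITS, and the sample bytes, are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the dissector's dgt_set_t: nibble -> character. */
typedef struct { char out[16]; } digit_set;
static const digit_set DEMO_DIGITS = {
    { '0','1','2','3','4','5','6','7','8','9','?','?','?','?','?','?' }
};

/* Unpack packed-BCD digits from buf[offset..], low nibble first; as in the
 * posted code, buf[offset-1] holds the digit count. Returns the number of
 * digits written (dst is NUL-terminated), or -1 if the count byte is
 * unreachable, claims more bytes than buf holds, or does not fit in dst. */
static int
unpack_digits_checked(const uint8_t *buf, size_t len, size_t offset,
                      const digit_set *dgt, char *dst, size_t dst_cap)
{
    size_t ndigits, nbytes, i = 0, b;

    if (buf == NULL || dgt == NULL || dst == NULL)
        return -1;
    if (offset == 0 || offset > len)       /* need a readable buf[offset-1] */
        return -1;
    ndigits = buf[offset - 1];
    nbytes = (ndigits + 1) / 2;            /* round up for odd counts */
    if (nbytes > len - offset)             /* count byte overstates the data */
        return -1;
    if (ndigits + 1 > dst_cap)             /* digits plus terminator must fit */
        return -1;
    for (b = 0; b < nbytes; b++) {
        uint8_t octet = buf[offset + b];
        dst[i++] = dgt->out[octet & 0x0f];
        if (i == ndigits || (octet >> 4) == 0x0f)  /* odd count or filler */
            break;
        dst[i++] = dgt->out[octet >> 4];
    }
    dst[i] = '\0';
    return (int)i;
}

int main(void)
{   /* Constructed sample: count byte 5, digits 1 2 3 4 5, then filler. */
    static const uint8_t sample[] = { 0x05, 0x21, 0x43, 0xf5 };
    char out[16];
    int n = unpack_digits_checked(sample, sizeof sample, 1, &DEMO_DIGITS, out, sizeof out);
    printf("%d digits: %s\n", n, n < 0 ? "(rejected)" : out);
    return 0;
}
```

Unlike the posted loop, this version stops at the declared digit count even when the final high nibble is not the 0x0f filler.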