Hi,
Le mardi 24 mars 2009 ᅵ 19:46 +0800, yami a ᅵcrit :
> Hi
>
> I've tried Didier's patch in Windows (compiled in MSVC 2005 Express
> with a few code tweak).
Great, I think you are the first on Windows, can you mail me your
change? (I haven't a Windows tool chain).
About your patch, two small stuffs:
- if redissect is true you always have to call dcache_cleanup(). IMO a
better place is in epan/packet.c:init_dissection()
- There's a problem with the syntax tree cache (st_root), in:
tcp.stream eq 9
9 is a fvalue allocated (slab allocator) in epan/dfilter/semcheck.c:
check_relation_LHS_FIELD() but this fvalue is also used by reference in
the byte code (dfilter->insns) and it is freed by dfilter_free() in
epan/dfilter/dfvm.c:dfvm_value_free()
Because it's a slab the next expression (say tcp.stream eq 11) reused
the same memory and doesn't generate a memory error but both the cache
and the new syntax tree nodes data point to same address and the solver
finds a match.
I don't know the proper way to fix this one, for testing I've commented
FVALUE_FREE call in dfvm_value_free()
Didier