Mark Cave-Ayland wrote:
> Yes it looks as if you are absolutely right. It seems that within the
> traces I captured from the client there were several transactions where
> the password field was empty (perhaps because they were just hitting
> enter at the login box when it kept failing?). The segfault occurs
> because pcnfsd_decode_obscure() attempts to alter the string passed to
> it, which fails miserably if the real string is empty and password
> points to a static "<EMPTY>" string instead.
>
> The patch is simple enough that I've attached it here rather than
> opening a new bug on bugs.wireshark.org. Thanks for the excellent support!
Thanks! I checked in your patch along with other changes in r28128.