[Wireshark-bugs] [Bug 13916] New: tshark fails to dissect diameter traffic (Segmentation fault)

Tue, 25 Jul 2017 08:09:16 -0700 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13916

            Bug ID: 13916
           Summary: tshark fails to dissect diameter traffic (Segmentation
                    fault)
           Product: Wireshark
           Version: Git
          Hardware: x86-64
                OS: FreeBSD
            Status: UNCONFIRMED
          Severity: Major
          Priority: Low
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: ba...@farrokhi.net
  Target Milestone: ---

Created attachment 15712
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15712&action=edit
lldb backtrace

Build Information:
TShark (Wireshark) 2.5.0 (Git Rev Unknown from unknown)

Copyright 1998-2017 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, with GLib 2.50.2,
with zlib 1.2.11, without SMI, without c-ares, with Lua 5.2.4, without GnuTLS,
with Gcrypt 1.8.0, without Kerberos, without GeoIP, without nghttp2, without
LZ4, without Snappy, with libxml2 2.9.4.

Running on FreeBSD 11.0-STABLE, with Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
(with SSE4.2), with locale C, with libpcap version 1.6.2, with Gcrypt 1.8.0,
with zlib 1.2.11.

Built using clang 4.2.1 Compatible FreeBSD Clang 4.0.0 (tags/RELEASE_400/final
297347).
--
latest git (615685e at this moment) as well as 2.4 (git 9be0fa5) fail to
dissect diameter traffic. 

% ./tshark -r diameter.pcap -2R "diameter.CC-Request-Type==1" -d
tcp.port==6001,diameter > /dev/null
Segmentation fault (core dumped)
% echo $?
139

However it works fine when the "read filter" is set to "diameter" only. e.g:

% ./tshark -r diameter.pcap -2R "diameter" -d tcp.port==6001,diameter >
/dev/null && echo success
success

lldb backtrace is attached.

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to