Re: [Wireshark-dev] Wireshark messages I don't want to see
Hi Jörg,

On Tue, Jul 14, 2015 at 08:01:38PM +0200, Joerg Mayer wrote:
> ... but have no idea how to find or fix:
>
> jmayer@egg privat$ wireshark -r 6.pcap.gz
> /home/jmayer/work/wireshark/git/epan/address.h:158:5: runtime error: null pointer passed as argument 1, which is declared to never be null
> /home/jmayer/work/wireshark/git/epan/address.h:158:5: runtime error: null pointer passed as argument 2, which is declared to never be null
> /home/jmayer/work/wireshark/git/epan/crypt/airpdcap.c:1558:16: runtime error: index 256 out of bounds for type 'AIRPDCAP_SEC_ASSOCIATION [256]'

These messages are from ubsan (Undefined Behavior Sanitizer). In order to debug such issues, I suggest setting these options:

    export UBSAN_OPTIONS=print_stacktrace=1 \
        ASAN_OPTIONS=strip_path_prefix=/home/jmayer/work/wireshark/git/

It produces the stack trace of the origin and strips the common source prefix. See http://stackoverflow.com/q/30809022 if you want to use gdb to break on such reports.

> git head as of 6-7 hours ago, qt only. I loaded an 802.11 trace, added a wpa2 key and looked at the result. The trace is probably confidential (will need to ask).
>
> Please let me know what information is needed to get rid of the first 3 messages in particular.

A stacktrace would be helpful :-)
--
Kind regards,
Peter Wu
https://lekensteyn.nl
___
Sent via: Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Wireshark messages I don't want to see
On Tue, Jul 14, 2015 at 11:52:18AM -0700, Guy Harris wrote:
> Line 1558 of epan/crypt/airpdcap.c is
>
>     if (ctx->sa[ctx->first_free_index].used) {
>
> in AirPDcapStoreSa(). It was assuming that ctx->first_free_index would be within the bounds of the array, which isn't guaranteed (what if there *are* no free indices?); I've added a bounds check in 4f1b8d74338ca2a6ded8498e9d87cbc3294454c0.

This was on Linux (which has AIRPCAP disabled) and with only 2 entries total (1x wpa, 1x wpa2)

Thanks!
Jörg
--
Joerg Mayer jma...@loplof.de
We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology.
Re: [Wireshark-dev] Wireshark messages I don't want to see
On Tue, Jul 14, 2015 at 09:13:49PM +0200, Joerg Mayer wrote:
> On Tue, Jul 14, 2015 at 11:52:18AM -0700, Guy Harris wrote:
> > Line 1558 of epan/crypt/airpdcap.c is
> >
> >     if (ctx->sa[ctx->first_free_index].used) {
> >
> > in AirPDcapStoreSa(). It was assuming that ctx->first_free_index would be within the bounds of the array, which isn't guaranteed (what if there *are* no free indices?); I've added a bounds check in 4f1b8d74338ca2a6ded8498e9d87cbc3294454c0.
>
> This was on Linux (which has AIRPCAP disabled) and with only 2 entries total (1x wpa, 1x wpa2)

With current git head all the messages are gone.

Many thanks!
Jörg
--
Joerg Mayer jma...@loplof.de
We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology.
Re: [Wireshark-dev] Wireshark messages I don't want to see
On Jul 14, 2015, at 11:01 AM, Joerg Mayer jma...@loplof.de wrote:

> ... but have no idea how to find or fix:

Line 158 of the current epan/address.h is the

    memcpy(to_data, from->data, from->len);

in copy_address(). The fact that it didn't *crash* is probably because from->len is zero, so it didn't actually try dereferencing either of the null pointers, and so that to_data, which is allocated based on from->len, is null.

I guess what it should do is

    if (from->len != 0)
        memcpy(to_data, from->data, from->len);

as ANSI C makes no guarantees that memcpy(NULL, NULL, 0) is harmless. (In practice, it's probably harmless in all implementations, but we shouldn't assume that.) I just now checked that in as change I0b3dc1541b52670d8fef459754c9494cfcc59e5d.

Line 1558 of epan/crypt/airpdcap.c is

    if (ctx->sa[ctx->first_free_index].used) {

in AirPDcapStoreSa(). It was assuming that ctx->first_free_index would be within the bounds of the array, which isn't guaranteed (what if there *are* no free indices?); I've added a bounds check in 4f1b8d74338ca2a6ded8498e9d87cbc3294454c0.
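
Added example, not code from Wireshark or from anyone in this thread: a reduced C model of the two patterns discussed above, the zero-length memcpy() guard and the bounds check made before indexing with a first-free index. The types, MAX_SA, copy_addr() and store_sa() are hypothetical stand-ins; building it with -fsanitize=undefined should produce no runtime error reports.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_SA 4 /* constructed; the array in the report has 256 entries */
/* Hypothetical stand-ins, not Wireshark's address or SA types. */
typedef struct { size_t len; void *data; } addr_t;
typedef struct { int used; int id; } sa_t;
typedef struct { sa_t sa[MAX_SA]; int first_free_index; } sa_table;

/* Deep-copy an address. With len == 0 nothing is allocated, so memcpy()
 * is skipped instead of being called with null pointers. */
int copy_addr(addr_t *to, const addr_t *from)
{
    void *to_data = NULL;
    if (from->len != 0) {
        if (from->data == NULL || (to_data = malloc(from->len)) == NULL)
            return -1;
        memcpy(to_data, from->data, from->len);
    }
    to->len = from->len;
    to->data = to_data;
    return 0;
}

/* Store an entry; returns its index, or -1 when the table is full.
 * The check runs before sa[] is indexed, so sa[MAX_SA] is never read. */
int store_sa(sa_table *t, int id)
{
    int i = t->first_free_index;
    if (i < 0 || i >= MAX_SA)
        return -1;
    t->sa[i].used = 1;
    t->sa[i].id = id;
    /* Advance to the next unused slot; stops at MAX_SA when none is left. */
    while (t->first_free_index < MAX_SA && t->sa[t->first_free_index].used)
        t->first_free_index++;
    return i;
}

int main(void)
{
    sa_table t = {0};
    addr_t empty = {0, NULL}, out;
    for (int n = 0; n <= MAX_SA; n++) /* the last call finds the table full */
        printf("store_sa -> %d\n", store_sa(&t, n));
    printf("copy_addr(empty) -> %d\n", copy_addr(&out, &empty));
    return 0;
}
```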