[Wireshark-bugs] [Bug 15220] New: Using same display filter reference within a plugin register info, results crushing during filter use from GUI and produce invalid JSON output

Fri, 19 Oct 2018 02:35:03 -0700 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15220

            Bug ID: 15220
           Summary: Using same display filter reference within a plugin
                    register info, results crushing during filter use from
                    GUI and produce invalid JSON output
           Product: Wireshark
           Version: 2.4.2
          Hardware: x86-64
                OS: Solaris
            Status: UNCONFIRMED
          Severity: Major
          Priority: Low
         Component: Common utilities (libwsutil)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: umut.kahramankap...@gmail.com
  Target Milestone: ---

Build Information:
Compiled (64-bit) with GTK+ 2.20.1, with Cairo 1.8.10, with Pango 1.28.3, with
libcap, without POSIX capabilities, with Glib 2.28.6, with zlib 1.2.3-T4mods,
without SMI, without c-ares, with Lua 5.1.4, without GnuTLS, with Gcrypt 1.5.3,
with MIT Kerberos, without GeoIP, without nghttp2, without LZ4, without Snappy,
with libxml2 2.9.1, without PortAudio, without AirPcal, without SBC, without
SpanDSP.

Running on SunOS 5.11, with Intel(R) Xeon(R) CPU X5675 @ 3.07GHz (with SSE4.2),
with locale en_US.UTF-8, with libpcap version 1.5.1, with Gcrypt 1.5.3, with
zlib 1.2.3-T4mods.

Built using gcc.4.8.2
--
While compiling a new plugin, the following example code creates two separate
items to have same display filter reference ("example.dfr", which results
Wireshark to crash and throw following error message during filtering via GUI

ERROR:ftypes.c:707:fvalue_eq: assertion failed: (a->ftype->cmp_eq)


Code example
...
static hf_register_info hf[] = {
  {$hf_example_DFR, /*values 0-1*/
    {"Example DFR", "example.dfr", FUINT8, BASE_DEC, 
     NULL, 0x20, "Example Display Filter Reference", HFILL
    }
  },
  {$hf_example_DFR_2, /*values 2-3*/
    {"Example DFR_2", "example.dfr", FUINT8, BASE_DEC, 
     NULL, 0x01, "Example Display Filter Reference 2", HFILL
    }
  }
}
...


JSON output will include following substructure, which results using the same
key value for two different hash values, and reduce the value of JSON
outputting which eases automated output parsing for post analysis.

[
  {
   "_index": ...,
   "_type": ...,
   "_score": ...,
   "_source": {
      "layers": {
         "frame": {...},
         "eth": {...},
         "ip": {...},
         "udp": {...},
         "example_plugin": { ...,
           "example.dfr": "1",
           "example.dfr": "2",
           ...
         }
      }
    }
  }
]

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to