Wireshark · Wireshark-dev: Re: [Wireshark-dev] VALS macro causing Wireshark to crash on Windows

Wireshark-dev: Re: [Wireshark-dev] VALS macro causing Wireshark to crash on Windows

From: Ulf Lamping <ulf.lamping@xxxxxx>

Date: Thu, 07 Aug 2008 01:16:28 +0200

Chih Wang schrieb:

Hi all,

I have a custom dissector in plugin form originally developed on Linux

(Ubuntu on x86). Wireshark ran fine on the system with the plugin.

The code was moved to a Windows XP box verbatim. After setting up the
build environment on the box, I was able to build Wireshark and the
plugin.

However, when I ran Wireshark, I noticed that when I selected some of
the filters from my custom dissector using the Expression button,
Wireshark crashed with memory access error (memory could not be read).
After a little more digging, I realized that Wireshark only crashed when
I selected a field that used VALS macro. All other filters worked fine.

Has anyone experienced this problem?

Here is the code snippet:

	static const value_string msgtypenames[] = {
	  { 0x10, "Type 16" },
	  { 0x01, "Type 1" },
	  { 0x03, "Type 3" },
	  { 0x05, "Type 5"}

Please terminate the value_string with { 0, NULL}, otherwise you'll endup in problems!

	};
<snip>
	static hf_register_info hf[] = {
	  /*** common fields */
	  { &hf_foo_msg_type,
	    { "Message TYPE", "foo.type",
      	FT_UINT8, BASE_DEC,
	      VALS(msgtypenames), 0x0,
      	NULL, HFILL }
	  },
<snip>

My development environment is as follows:
- Wireshark 1.0.2 source
- Windows XP Pro SP2
- VC++ 2005 Express Edition
- Microsoft Platform SDK for Windows Server 2003 R2

Both gtk1 and gtk2 Wireshark binary has the same problem.

Any help will be greatly appreciated.

Best regards,
Chih Wang


CONFIDENTIALITY NOTICE: The information contained in this message may be privileged and/or confidential. If you are not the intended recipient, or responsible for delivering this message to the intended recipient, any review, forwarding, dissemination, distribution or copying of this communication or any attachment(s) is strictly prohibited. If you have received this message in error, please notify the sender immediately, and delete it and all attachments from your computer and network.

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-dev

References:
- [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Paolo Abeni
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Sake Blok
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Paolo Abeni
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Sake Blok
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Paolo Abeni
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Sake Blok
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Andrew Hood
- Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
  - From: Luis EG Ontanon
- [Wireshark-dev] SSL attacks and performing cpu/time intensive computation in a protocol dissector
  - From: Richard van der Hoff
- [Wireshark-dev] VALS macro causing Wireshark to crash on Windows
  - From: Chih Wang

Prev by Date: Re: [Wireshark-dev] VALS macro causing Wireshark to crash on Windows
Next by Date: Re: [Wireshark-dev] VALS macro causing Wireshark to crash on Windows
Previous by thread: Re: [Wireshark-dev] VALS macro causing Wireshark to crash on Windows
Next by thread: Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol dissector
Index(es):
- Date
- Thread