On Dec 3, 2008, at 11:10 AM, Abhik Sarkar wrote:
To investigate, I start Wireshark and then attach to it from VC++.
Then I go to Edit > Preferences. The result is that the program always
stops due to an access violation and VC++ opens the file packet-vnc.c
and breaks at this block in vnc_server_framebuffer_update
case ENCODING_COPY_RECT:
bytes_needed =
vnc_copyrect_encoding(tvb, pinfo, offset,
vnc_encoding_type_tree,
width, height);
break;
I can't figure out what packet-vnc.c would have to do with my going to
Edit > Preferences,
If you change protocol preferences, that could change how packets are
dissected, so Wireshark re-dissects the packets. If you have a
capture file open, and it contains a packet that Wireshark thinks is a
VNC packet, it will call the VNC dissector when it re-dissects the
packet.
There might be a bug in the VNC dissector.
If you haven't changed any protocol preferences, that's another bug -
it shouldn't be doing any re-dissection if nothing that would affect
dissection was changed.
Do you have a capture file or live capture open? If not, that's
*another* bug, as it shouldn't be doing any dissection, as there's
nothing to dissect.
So what is the sequence you go through?
You start Wireshark - do you open a capture file or start a capture
before doing Edit > Preferences?
Do you do anything with the Edit > Preferences dialog? Do you change
any preferences? Do you close the dialog?
