Wireshark-dev: Re: [Wireshark-dev] Crash on Edit > Preferences

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Wed, 3 Dec 2008 14:14:42 -0800

On Dec 3, 2008, at 11:10 AM, Abhik Sarkar wrote:

To investigate, I start Wireshark and then attach to it from VC++.
Then I go to Edit > Preferences. The result is that the program always
stops due to an access violation and VC++ opens the file packet-vnc.c
and breaks at this block in vnc_server_framebuffer_update
		case ENCODING_COPY_RECT:
			bytes_needed =
				vnc_copyrect_encoding(tvb, pinfo, offset,
						      vnc_encoding_type_tree,
						      width, height);
			break;

I can't figure out what packet-vnc.c would have to do with my going to
Edit > Preferences,

If you change protocol preferences, that could change how packets are dissected, so Wireshark re-dissects the packets. If you have a capture file open, and it contains a packet that Wireshark thinks is a VNC packet, it will call the VNC dissector when it re-dissects the packet.

There might be a bug in the VNC dissector.

If you haven't changed any protocol preferences, that's another bug - it shouldn't be doing any re-dissection if nothing that would affect dissection was changed.

Do you have a capture file or live capture open? If not, that's *another* bug, as it shouldn't be doing any dissection, as there's nothing to dissect.

So what is the sequence you go through?

You start Wireshark - do you open a capture file or start a capture before doing Edit > Preferences?

Do you do anything with the Edit > Preferences dialog? Do you change any preferences? Do you close the dialog?