ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Ethereal-dev: Re: [ethereal-dev] ethereal-0.7.9 core dumps in vfprintf on dissecting smb lanma

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <guy@xxxxxxxxxx>
Date: Mon, 20 Dec 1999 13:56:41 -0800 (PST)
> (when I have this inside gdb, I think I'm grabbing the server

Debuggers+GTK+ applications = pain.

The CList widget, which is what's used to display the packet list, has
the immensely irritating habit of grabbing the keyboard, which means the
server remains locked up if you've set a breakpoint in a dissector.

I have a patch (it appears to be home, rather than here at work) to GLib
and GTK+ that adds a "--gtk-no-grabs" command-line flag for GTK+,
telling it not to do grabs.

> (gdb) bt
> #0  0x402d9abf in _IO_vfprintf (s=0xbfffd55c, 
>     format=0x8116280 "Server Comment: %s", ap=0xbfffd6d8) at vfprintf.c:1259
> #1  0x402e6770 in _IO_vsnprintf (string=0x8201a90 "Server Comment: ", 
>     maxlen=240, format=0x8116280 "Server Comment: %s", args=0xbfffd6d4)
>     at vsnprintf.c:129
> #2  0x8069e72 in proto_tree_add_item_value (tree=0x81ff790, hfindex=796, 
>     start=144, length=4, include_format=1, visible=1, ap=0xbfffd6d0)
>     at proto.c:411
> #3  0x8069c4d in proto_tree_add_text (tree=0x81ff790, start=144, length=4)
>     at proto.c:283
> #4  0x80b1469 in dissect_pipe_lanman (pd=0x81462b8 "", offset=114, 
>     fd=0x81d39b8, parent=0x81eded8, tree=0x81ee324, si={tid = 1, uid = 100, 
>       mid = 12607, pid = 12507, conversation = 0x81cd3f0, 
>       request_val = 0x81ec718, unicode = 0}, max_data=130, SMB_offset=58, 
>     errcode=0, dirn=0, command=0x81d3376 "LANMAN", DataOffset=64, 
>     DataCount=66, ParameterOffset=56, ParameterCount=6) at packet-smb.c:10228

This could either be an error dissecting the "Server Comment" part of a
LAN Manager pipe operation.  Do you have a capture file that causes
this?  (Note that if Ethereal crashes, there should be a temporary file
containing the capture, probably either in "/tmp" or "/var/tmp", and
with a name beginning with "ether".)  If so, please send it either to
Richard Sharpe or to the list.

> Some other things:
> 
> 	ethereal --help
> prints the help twice

This appears to be fixed in the version in CVS.

> When showing the small window (ethereal: capture/playback)
> I think we mean NetBeui, not NetBIOS (NetBIOS also is tcp rfc 1001
> packets)

...and a variety of other encapsulations of NetBIOS.

Either NetBEUI or NBF would be appropriate.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube