Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 4105] New: Empty custom column field name value causes run

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 8 Oct 2009 05:47:19 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4105

           Summary: Empty custom column field name value causes runtime
                    crash
           Product: Wireshark
           Version: SVN
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jyoung@xxxxxxx


Build Information:
C:\projects\wireshark>wireshark-gtk2\tshark -v

** (tshark.exe:2288): WARNING **: se_debug_use_canary 0
TShark 1.3.1 (SVN Rev 30396 from /trunk)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.20.5, with WinPcap (version unknown), with libz 1.2.3,
without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8, with c-ares
1.6.0,
with Lua 5.1, without Python, with GnuTLS 2.8.1, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.1
beta5
(packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 2.8.1,
Gcrypt 1.4.4.

Built using Microsoft Visual C++ 9.0 build 30729

C:\projects\wireshark>
--
Hello,

If one creates a custom column but fails to enter some value within the "Field
name:" text entry box the resulting preferences "column.format:" string will
cause Wireshark to crash when a capture file is opened (or when exits the
preferences dialog if a capture file is already opened).

Below is an example of a preferences file "column.format:" statement that
includes an "empty" custom column "Field name:" entry:

> column.format: "No.", "%m", "Time", "%t", "Source", "%s", "Destination",
> 	"%d", "Protocol", "%p", "Length", "%L",
>	"ip.id", "%Cus:ip.id", "icmp.seq", "%Cus:icmp.seq", "Info",
>	"%i", "New Column", "%Cus:"

It is the last component, the "%Cus:", that triggers this crash.

Previously Wireshark would accept empty custom column field name values without
crashing.  Testing indicates that SVN 29788 was the last revision that accepted
empty "Field name:" values.  The current crash behavior appears to have been
introduced with changes applied with SVN 29789 [1].

Workaround: Delete the empty custom column entries or add SOME text to the
"Field name:" text entry field.   (NOTE: The added text does NOT actually need
to be a valid "Field name:" to avoid the crash.)

[1] http://anonsvn.wireshark.org/viewvc?view=rev&revision=29789


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube