Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] [PATCH] mem leak in dissect_ip_tcp_options

From: Sebastien Tandel <sebastien@xxxxxxxxx>
Date: Sun, 14 Jan 2007 21:09:14 +0100
oups! true for ep_alloc and the leak ...

it is nonetheless allocated/freed in an useless way.


Luis Ontanon wrote:
> ep_alloc allocates a buffer that is freed automatically before passing
> to the next packet. It is not leaked. see doc/README.malloc and/or
> epan/emem.h
>
>
> On 1/14/07, Sebastien Tandel <sebastien@xxxxxxxxx> wrote:
>   
>> Hi all,
>>
>>
>>    I provide a patch for a memory leak in dissect_ip_tcp_options.
>> Each time a packet was dissected with dissect_ip_tcp_options, it
>> unconditionally allocated a chunk of memory of NAME_STR_LEN length which
>> should only occur when the option is unknown. (If there is a reason to
>> do that, would be useful to write a comment in the file.)
>>
>>
>>
>> Regards,
>>
>> Sebastien Tandel
>>
>>
>> Index: epan/dissectors/packet-ip.c
>> ===================================================================
>> --- epan/dissectors/packet-ip.c (révision 20426)
>> +++ epan/dissectors/packet-ip.c (copie de travail)
>> @@ -691,12 +691,11 @@
>>    unsigned int      optlen;
>>    const char       *name;
>>  #define NAME_STR_LEN 7+1+1+2+2+1+1     /* "Unknown (0x%02x)" */
>> -  char             *name_str;
>> +  char             *name_str= NULL;
>>    void            (*dissect)(const struct ip_tcp_opt *, tvbuff_t *,
>>                                 int, guint, packet_info *, proto_tree *);
>>    guint             len;
>>
>> -  name_str=ep_alloc(NAME_STR_LEN);
>>    while (length > 0) {
>>      opt = tvb_get_guint8(tvb, offset);
>>      for (optp = &opttab[0]; optp < &opttab[nopts]; optp++) {
>> @@ -711,6 +710,7 @@
>>        optp = NULL;     /* indicate that we don't know this option */
>>        len_type = VARIABLE_LENGTH;
>>        optlen = 2;
>> +      name_str=ep_alloc(NAME_STR_LEN);
>>        g_snprintf(name_str, NAME_STR_LEN, "Unknown (0x%02x)", opt);
>>        name = name_str;
>>        dissect = NULL;
>>
>>
>> _______________________________________________
>> Wireshark-dev mailing list
>> Wireshark-dev@xxxxxxxxxxxxx
>> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>>
>>
>>     
>
>
>