Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Out of Memory issue

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Kumar, Hemant" <kumarh@xxxxxxxxxxxx>
Date: Fri, 25 Jul 2008 11:44:10 -0700

 

Hello

 

I am facing a weird kind of issue.

To check if memory issue was with my dissector and creation of trees and subtrees

I didn’t dissected the messages but just displayed the protocol type for my packets under

Protocol column in display pane.

And in the details pane , there was no dissection.

After displaying 16500 packets, it dies out citing out of memory error.

 

So I wanted to ask id there any limit on  the number of packets which a plugin dissector

can display because without plugin dissector dll, it does displays all message packets

With TCP/UDP under protocol column but when my dissector works, with my_protocol

name being displayed under protocol it fails.

 

Please It seems I am getting stuck on this. Please provide your valuable comment or

If you need more info, please lt me know?

 

Thanks

Hemant

From: Kumar, Hemant
Sent: Thursday, July 24, 2008 9:54 PM
To: 'Developer support list for Wireshark'
Subject: RE: [Wireshark-dev] Out of Memory issue

 

Sorry I mistakenly wrote wrong size of data which I am dissection. Its 1082 bytes.

Can anyone please provide some insight?

 

Thanks in advance

Hemant

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Kumar, Hemant
Sent: Thursday, July 24, 2008 5:12 PM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Out of Memory issue

 

Hello

 

Hello

 

My dissector runs in to out of memory problem after dissecting certain number of packets.

The maximum size of packet which I am dissecting is 1082KB.

Some of the fields in the packets are buffers which I have added to the display tree also.

It dies out in following TRY statement:--

 

TRY {

        read_packet(cf, dfcode, data_offset);

    }

    CATCH(OutOfMemoryError) {

 

|

|

|

|

    }

    ENDTRY;

  }

 

Any idea or any memory management routine which needs to be implemented in my

Plugin dissector code?

 I read on the link "http://wiki.wireshark.org/KnownBugs/OutOfMemory",

That wireshark should be able to handle data of the order of GBs.

Also without my plugin dll,  the dissector does go smoothly and shows data payload section under UDP and

TCP but with dissection coming in to picture it runs in to this error.

 

Please shed some light on this issue.

 

Thanks

Hemant

 

 

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube