Wireshark-dev: [Wireshark-dev] Patch for empty SSH env variables
From: Charles Rumford <[email protected]>
Date: Mon, 5 Oct 2009 17:37:00 -0400
hello all -

Recently, I started using ssh-agent. When I started using this, Wireshark
started to seg fault on me every time I ran it. Not realizing that it was the
ssh-agent, I just assumed that my computer sucked, and that I would never be
able to run Wireshark on my computer.

A friend of mine had been having the same issue, and we decided to dive into
the code and figure out what was going one. It turns out that ssh-agent set
the SSH_CONNECTION and SSH_CLIENT environment variables to the empty string
when on the local machine.  Because of this in util.c, in *get_conn_cfilter(),
tokens[0] is null and there is no check to get around this.

I have attached patch to fix this problem. Does this seem like a reasonable
fix for this problem?

-- 
Charles Rumford
Quick meaningless comic non sequitur.
--- wireshark-1.2.2/util.c	2009-09-14 21:50:46.000000000 -0400
+++ new/util.c	2009-10-05 17:23:28.429537057 -0400
@@ -151,7 +151,7 @@
 	}
 	if ((env = getenv("SSH_CONNECTION")) != NULL) {
 		tokens = g_strsplit(env, " ", 4);
-		if (tokens[3]) {
+		if (tokens[3] && tokens[0]) {
 			g_string_printf(filter_str, "not (tcp port %s and %s host %s "
 							 "and tcp port %s and %s host %s)", tokens[1], host_ip_af(tokens[0]), tokens[0],
 				tokens[3], host_ip_af(tokens[2]), tokens[2]);
@@ -159,9 +159,11 @@
 		}
 	} else if ((env = getenv("SSH_CLIENT")) != NULL) {
 		tokens = g_strsplit(env, " ", 3);
-		g_string_printf(filter_str, "not (tcp port %s and %s host %s "
-			"and tcp port %s)", tokens[1], host_ip_af(tokens[0]), tokens[0], tokens[2]);
-		return filter_str->str;
+        if (tokens[0]) {
+            g_string_printf(filter_str, "not (tcp port %s and %s host %s "
+                "and tcp port %s)", tokens[1], host_ip_af(tokens[0]), tokens[0], tokens[2]);
+            return filter_str->str;
+        }
 	} else if ((env = getenv("REMOTEHOST")) != NULL) {
 		/* FreeBSD 7.0 sets REMOTEHOST to an empty string */
 		if (g_ascii_strcasecmp(env, "localhost") == 0 ||