On 09/05/2012 12:05 AM, Jaap Keuter wrote:
On 09/04/2012 06:35 PM, Jaap Keuter wrote:
On 2012-09-04 16:52, Christopher Maynard wrote:
Jeff Morriss <jeff.morriss.ws@...> writes:
Jaap Keuter wrote:
> On 2012-09-04 08:32, Joerg Mayer wrote:
>> On Tue, Sep 04, 2012 at 08:18:28AM +0200, Jaap Keuter wrote:
>>> Ok, thanks for the response on the strstr() question. Still remain
>>> the big question: the DND crash! Am I the only one seeing this? Does
>>> the proposed patch elevate the problem on your platform?
[...]
> Does anyone else see this?
It works OK for me on Windoze (1.8.1, XP, 32-bit); here I dragged a PCAP
file onto the Wireshark icon on my desktop.
It works OK for me on Fedora Core 10 (SVN, GTK-2.14.7-9, 64-bit); here I
dragged a PCAP file into a running (from the build directory) Wireshark
(Wireshark isn't installed so I have no icon for the executable).
After a distclean, it works for me on Windows XP SP3 32-bit, r44768
(as well as
Windows 7 64-bit -- forget which revision, but not quite r44768).
I had encountered this problem once upon a time though and filed bug
5987[1] for
it, which actually seemed to be a duplicate of bug 6457[2].
[1]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5987
[2]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6457
Hmm, it seems neither of those. So either it's related to the specific GTK
version (on KDE?), or the fact that I used Dolphin (the KDE File Mananager) as
source for the capture file DND.
The plot thickens... ;)
Thanks,
Jaap
Ok, some more details. Looking at Drag-and-Drop Protocol for the X Window System
[1], I found this on dragging and dropping files[2].
It refers to the MIMEtype text/uri-list, which is defined, according to IANA[3],
in RFC 2483. Even though its status is experimental it says:
" The format of text/uri-list resources is:
...
3) As for all text/* formats, lines are terminated with a CRLF pair.
"
This is not what I'm seeing. The last line is no longer CRLF terminated!
Who does that? The source? I've tries 3 file browser (Dolphin, Konqueror, File
open dialog) with the same results. The X Server, or the target (Wireshark,
through GTK+)? Do I need to pull out xscope?
[1] http://www.newplanetsoftware.com/xdnd/
[2] http://www.newplanetsoftware.com/xdnd/dragging_files.html
[3] http://www.iana.org/assignments/media-types/text/index.html
[4] http://tools.ietf.org/rfcmarkup?rfc=2483
Wireshark DND tests
Using xscope I've traced the X protocol on both sides of the DND exchange.
The scenario starts by dragging and dropping a.pcap and b.pcap together
from Dolphin (File Manager) to Wireshark (Target). This results in a.pcap
being loaded. Then dragging and dropping of b.pcap is performed. This results
in a crash of Wireshark.
Platform FC14/x86_64, KDE
For the first run xscope is used as follows:
> xscope -v3 -t > xscope_Dolphin_DND_v3_ab.log
To launch the X client to trace the following command is used:
> DISPLAY=localhost:1.0 dolphin
Wireshark is launched normally and the scenario is played out.
For the second run xscope is used as follows:
> xscope -v3 -t > xscope_Wireshark_DND_v3_ab.log
To launch the X client to trace the following command is used:
> DISPLAY=localhost:1.0 wireshark
Dolphin is launched normally and the scenario is played out.
Now we dig through the log files. To find the relevant exchanges search the logs
for the start of the URL:
'66 69 6c 65 3a 2f 2f'
f i l e : / /
Dolphin sends:
----------8<-------------------------------------------------------------------
............REQUEST: ChangeProperty
sequence number: 0000a7c7
mode: Replace
request length: 0014
window: WIN 06c05130
property: ATM 0000023b
type: ATM 000001d2
format: 08
length of data: 00000038
data: 66 69 6c 65 3a 2f 2f 2f 68 6f 6d 65 2f 6a 6b 65
: 75 74 65 72 2f 61 2e 70 63 61 70 0d 0a 66 69 6c
: 65 3a 2f 2f 2f 68 6f 6d 65 2f 6a 6b 65 75 74 65
: 72 2f 62 2e 70 63 61 70
----------8<-------------------------------------------------------------------
which translates into:
"file:///home/jkeuter/a.pcap\r\nfile:///home/jkeuter/b.pcap"
and:
----------8<-------------------------------------------------------------------
............REQUEST: ChangeProperty
sequence number: 00021370
mode: Replace
request length: 000d
window: WIN 06c0529a
property: ATM 0000023b
type: ATM 000001d2
format: 08
length of data: 0000001b
data: 66 69 6c 65 3a 2f 2f 2f 68 6f 6d 65 2f 6a 6b 65
: 75 74 65 72 2f 62 2e 70 63 61 70
----------8<-------------------------------------------------------------------
which translates into:
"file:///home/jkeuter/b.pcap"
Wireshark receives:
----------8<-------------------------------------------------------------------
11.08: 88 bytes <-- X11 Server 2
..............REPLY: GetProperty
format: 08
sequence number: 496b
reply length: 0000000e
type: ATM 000001d2
bytes-after: 00000000
length of value: 00000038
value: 66 69 6c 65 3a 2f
: 2f 2f 68 6f 6d 65
: 2f 6a 6b 65 75 74
: 65 72 2f 61 2e 70
: 63 61 70 0d 0a 66
: 69 6c 65 3a 2f 2f
: 2f 68 6f 6d 65 2f
: 6a 6b 65 75 74 65
: 72 2f 62 2e 70 63
: 61 70
----------8<-------------------------------------------------------------------
which translates into:
"file:///home/jkeuter/a.pcap\r\nfile:///home/jkeuter/b.pcap"
and:
----------8<-------------------------------------------------------------------
20.64: 60 bytes <-- X11 Server 2
..............REPLY: GetProperty
format: 08
sequence number: 5d64
reply length: 00000007
type: ATM 000001d2
bytes-after: 00000000
length of value: 0000001b
value: 66 69 6c 65 3a 2f
: 2f 2f 68 6f 6d 65
: 2f 6a 6b 65 75 74
: 65 72 2f 62 2e 70
: 63 61 70
----------8<-------------------------------------------------------------------
which translates into:
"file:///home/jkeuter/b.pcap"
It's right after this reply that Wireshark crashes.
So this tells us that the client is sending non well-formed text/uri-list's.
Thanks,
Jaap
