I found an ASAN bug in wiretap (stack-based buffer overrun) for which
an initial patch was submitted to
https://code.wireshark.org/review/1628/ (patchset 1 or 2).
After a more thorough look, it seems that the pcapng_dump_t type and
related code are unused.
It was first added in commit a41d93603c07fa8b6a7a334e7bf969ebd188085e
Author: Michael Tüxen <[email protected]> 2009-06-27 17:20:44
Add support for writing pcapng files with multiple
This fixes a bug reported by Sake during the
Sharkfest 09. Thanks for providing a
Netscreen tracefile with multiple link layer
This patch will be included in Wireshark 1.2.1
svn path=/trunk/; revision=28862
Your (Anders) patch commented out the functions that actually use this:
Author: Anders Broman <[email protected]>
Date: Mon Feb 20 20:15:51 2012 +0000
Handle reading and writing of multiple IDB:s, write IDB options and use correct lengt for strings, handle more than 100 char comment
svn path=/trunk/; revision=41082
It seems that the functionality got moved to other files, but the original
code using pcapng_dump_t can be removed (including the overrunning
g_array_ parts). Is that a correct observation?
A patch is underway, I'm asking just in case the change was unintentional.