Wireshark · Wireshark-dev: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since 2.2.0

Wireshark-dev: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since

From: Lukas Tribus <luky-37@xxxxxxxxxxx>

Date: Fri, 16 Sep 2016 14:40:51 +0000

Hello,


dumpcap (and wireshark, if using that dumpcap feature) hangs using a full CPU core since 2.2.0 in the following conditions:

- OS is Windows (other OS'es unknown)
- interface is remote ("rpcap://...")
- dumpcap is trying to read the link type (-L)


For example, old stable 2.0.6 works fine:
Wireshark206Portable\App\Wireshark>dumpcap -i rpcap://[172.22.0.12]/eth0 -L
Data link types of interface rpcap://[172.22.0.12]/eth0 (use option -y to set):
  EN10MB (Ethernet)
>


\Wireshark220Portable\App\Wireshark>dumpcap -i rpcap:// [172.22.0.12]/eth0 -L
<<--- hangs using a full CPU core


Wireshark, if using this dumpcap feature hangs as well (when adding remote interfaces).

Wireshark 2.0.6 and previous releases work fine.


Capturing traffic actually still works fine, only the -L knob is affected (but when adding remote interfaces to Wireshark that knob is always needed).



Thanks,
Lukas Tribus

Follow-Ups:
- Re: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since 2.2.0
  - From: Jeff Morriss

Prev by Date: Re: [Wireshark-dev] Correct procedure for pushing a new dissector to Gerrit
Next by Date: Re: [Wireshark-dev] I need wmem_alloc advice please
Previous by thread: Re: [Wireshark-dev] Ethernet header below MPLS...
Next by thread: Re: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since 2.2.0
Index(es):
- Date
- Thread