patchs for wireshark dissection
Andrew Bartlett
abartlet at samba.org
Mon Jul 13 00:15:43 MDT 2009
On Mon, 2009-07-13 at 08:10 +0200, Stefan (metze) Metzmacher wrote:
> Matthieu Patou schrieb:
> > On 07/12/2009 08:37 PM, Stefan (metze) Metzmacher wrote:
> >> I need to revert parts of the patches, to prevent a crash
> >> (in the string handling code...)
> >>
> >> http://gitweb.samba.org/?p=metze/wireshark/wip.git;a=commitdiff;h=c9dbf6ad8c7c3320800bf9158b718c6c98a602f5
> >>
> >>
> >>
> > Metze can you send me the capture that makes a crash ?
>
> http://samba.org/~metze/ads/rpc-netlogon-lsa-string-is-fine-01.pcap
>
> But also just from looking at the code, it seems to be just wrong.
> The length of the array has nothing to do with the max count!
> There is no magic string terminator that we need to autodetect,
> if there're following (zero or uninitialized) bytes then they're
> just padding!
Perhaps I'm missing something, but wasn't this whole area meant to be
overtaken by PIDL generated dissectors?
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20090713/bba7e2dd/attachment.bin
More information about the samba-technical
mailing list