You were absolutely right about changing from FT_UINT_BYTES to FT_BYTES. Now the problem is simply "malformed packet" which is very likely just unfinished code or something. This also solved another issue that I was seeing where certain TLV values were reported as "Missing" instead of throwing an error.
I'm still wondering why this makes a difference, though. Thanks! --kan-- -- Kevin A. Noll, KD4WOZ CCIE, CCDP -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joerg Mayer Sent: Thursday, May 31, 2007 10:21 AM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] FW: DISSECTOR_ASSERT_NOT_REACHED in WLCCP decode... On Wed, May 30, 2007 at 10:18:13PM +0200, Joerg Mayer wrote: > On Wed, May 30, 2007 at 01:15:35PM -0700, Stephen Fisher wrote: > > > So I'm looking at the value strings, and I'm wondering why we > > > should terminate them with {0, NULL} and what happens if one of > > > the value pairs needs to be {0, "a real string"} ? > > > > You can still use 0, "a real string" as one of the entries. You > > just need to have 0, NULL as the final entry. If you don't, the > > code will keep reading past the end and run into random memory space > > looking for that 0, NULL entry. > > And one of those overruns might actually cause the crash you were > talking about. I just found another 10 Minutes to actually test the code (with the added {0, NULL} stuff). Please replace all FT_UINT_BYTES by FT_BYTES (you've misunderstood the meaning of _UINT_ in that type. That will get you further (up to some failed assertion "(guint)hfindex < gpa_hfinfo.len, which means, that you reference a non-existent hf_ element). Ciao Joerg -- Joerg Mayer <[EMAIL PROTECTED]> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
