print-nfs prints beyond end of string #9
Comments
Submitted by guy_harris Logged In: YES "fn_printn()" takes as its third argument a "const char *", However, there's a TCHECK2() call before the fn_printn() It might have tripped over the fact that TTEST2() (and Nevertheless, I'd suggest trying the current CVS version
Converted from SourceForge issue 592852, submitted by nobody
Version 3.7.1
Machine: i686
Os: Linux 2.2.16-22enterprise
Command: tcpdump -tuNl -s 200 port nfsd
Problem: segmentation faults
The last packet printed in a sample execution is:
silver.482673452 > marble.nfs: 124 lookup fh
Unknown/CABAEBFE85A6370002000000110800001108000002000000EAF25E5A00000000
"^@ssh^@^@^@M-_M-FM-zM-vM-^GM-'jM-zM-&M-%M-`^O^@M-hM-^WM-^/M-xM-^MM-p/NM-V4M-kO^@x^WM-a^@^@^Q^@^@^@PORT
nfsd^@^@^@^Y^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^Y^@^@^@x^O^U^H^@^
... and a lot more garbage, until it crashes.
The last packet printed actually varies from one execution to another, but the problem is always the same: when printing some nfs lookup request packets, the string printing loop goes past the end of the string representing the filename, until it hits a memory location out of the process image.
I had a look at the source code: I think the problem happens in fn_printn() called from parsefn() in print-nfs.c. I changed the call to
fn_printn(cp, len, snaplen);
and it does not segfault anymore, but all the printed filenames in lookup requests are empty.
Ruggero
ruggero@wam.umd.edu
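The failure mode reported above, a name printer that trusts the length field in the packet rather than the number of bytes actually captured, can be avoided by bounding the loop with a pointer to the end of the captured data. The following is an added example, not tcpdump's code; `print_bounded_name` and its parameters are hypothetical, and it assumes the name is preceded by a 4-byte big-endian length word, as in XDR.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: render a length-prefixed name from a captured packet.
 * buf/caplen: bytes actually captured (may be fewer than the packet held).
 * off: offset of the 4-byte big-endian length word.
 * Returns 0 if the whole name was rendered, 1 if it was cut short by the
 * capture limit or the output buffer, -1 if the length word is missing. */
int print_bounded_name(const uint8_t *buf, size_t caplen, size_t off,
                       char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    const uint8_t *ep = buf + caplen;      /* one past the last captured byte */
    const uint8_t *p;
    uint32_t len;
    size_t o = 0;
    int truncated = 0;

    if (outsz == 0)
        return -1;
    out[0] = '\0';
    if (off > caplen || caplen - off < 4)  /* length word itself not captured */
        return -1;
    p = buf + off;
    len = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
          ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    p += 4;

    while (len > 0) {
        /* Stop at the capture boundary even if the claimed length says more,
         * and keep room for one "\xNN" escape plus the terminating NUL. */
        if (p >= ep || o + 5 > outsz) { truncated = 1; break; }
        uint8_t c = *p++;
        len--;
        if (c >= 0x20 && c < 0x7f && c != '\\') {
            out[o++] = (char)c;
        } else {                            /* escape non-printable bytes */
            out[o++] = '\\'; out[o++] = 'x';
            out[o++] = hex[c >> 4]; out[o++] = hex[c & 15];
        }
    }
    out[o] = '\0';
    return truncated;
}

int main(void)
{
    /* Constructed sample: length word claims 8 bytes, only 4 were captured. */
    static const uint8_t cut[] = { 0, 0, 0, 8, 'f', 'i', 'l', 'e' };
    char out[64];
    int rc = print_bounded_name(cut, sizeof cut, 0, out, sizeof out);
    printf("%s%s\n", out, rc == 1 ? " [|truncated]" : "");
    return 0;
}
```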