tshark with --export-dicom gives “Segmentation fault (core dumped)”
My problem is described in this stack overflow question https://stackoverflow.com/questions/6....
Is this a known bug?
I would like to provide you the stack trace with gdb but I'm having trouble getting the binary, maybe you can guide me through this process.
Add output of thsark -v
ON THE HOST:
TShark (Wireshark) 2.6.10 (Git v2.6.10 packaged as 2.6.10-1~ubuntu18.04.0)
Copyright 1998-2019 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.56.4, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua
5.2.4, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.30.0, with LZ4, with Snappy, with libxml2 2.9.4.
Running on Linux 4.15.0-106-generic, with Intel(R) Core(TM) i7-3770 CPU
@ 3.40GHz (with SSE4.2), with 15994 MB of physical memory, with locale
de_DE.UTF-8, with libpcap version 1.8.1, with GnuTLS 3.5.18, with Gcrypt 1.8.1,
with zlib 1.2.11, binary plugins supported (13 loaded).
Built using gcc 7.4.0
ON CONTAINER:
TShark (Wireshark) 3.2.3 (Git v3.2.3 packaged as 3.2.3-1)
Copyright 1998-2020 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.64.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua
5.2.4, with GnuTLS 3.6.13 and PKCS #11 support, with Gcrypt 1.8.5, with MIT
Kerberos, with MaxMind DB resolver, with nghttp2 1.40.0, with brotli, with LZ4,
with Zstandard, with Snappy, with libxml2 2.9.10.
Running on Linux 4.15.0-106-generic, with Intel(R) Core(TM) i7-3770 CPU
@ 3.40GHz (with SSE4.2), with 15994 MB of physical memory, with locale C, with
libpcap version 1.9.1 (with TPACKET_V3), with GnuTLS 3.6.13, with Gcrypt 1.8.5,
with brotli 1.0.7, with zlib 1.2.11, binary plugins supported (0 loaded).
Built using gcc 9.3.0.
Can you add output of
tshark -vfrom runs on the host and the containerRunning with -V I could see that tshark crashes exactly on dicom packet (segment). The output with -v you can find in the edit.
Can you provide a small capture with the
dicompacket that causes the error?I confirm that the problem is only with version 3.2, when I switch to version 2.6 and ubuntu 18.4 I don't have this bug anymore. Thanks for the support.
If you want to thank us for the support, please don't just say "older Wireshark, problem solved!" - get a stack trace, or supply a sample capture that causes the problem, and make a bug report, so we (the Wireshark developers) can try to fix the problem, so other users with 3.2 (who might not have the option of going back to 2.6 - or 3.0 if it doesn't have the bug) can get the fix as well.