dissector accessed an invalid memory address

Question

Hi all, I'm trying to modify a code of packet-data.c in order to change some piece of code. Then, i run a command:

tshark -r vnp2.pcapng

After some minutes, I got a problem of memory:

** (tshark.exe:6552): WARNING **: Dissector bug, protocol Data, in packet 82644:
 STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address

and the program crashed. I check the code and see that it could be caused by this code:

sccp_sonnh = (guint8 *)malloc(sizeof(guint8)*nSccp_length);

even I tried to free after using sccp:

free(sccp_sonnh);

At first, I think I should ask this question on StackOverFlow but finally, I think it is better to post on this forum because it is quite related to the source code of Wireshark. So, I have some questions:

Is this code the root cause of this problem ?
Is there any way to solve this problem?
Is it possible to use malloc and free like this?
If NO, please provide me the way to declare an array with variable length (I can not do this, so I used malloc)

Please help if you have any experience on this. Thank you so much!

Accepted Answer

1

Depending on which version of the source you're working with, Wireshark has had a number of memory allocators, the current one is wmem. See README.wmem in the doc directory of the source tree.

answered 17 Sep '14, 01:45

grahamb ♦
19.8k●3●30●206
accept rate: 22%

Problem solved. I use wmem_alloc instead of malloc. Malloc and free should not be used for code modification. Thanks for your suggestion :)

(17 Sep '14, 23:38) hoangsonk49

If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.

(18 Sep '14, 02:25) grahamb ♦