From d7f12436709e40d58d7fcdfbcdd08740c039e162 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Fri, 27 Nov 2015 17:57:34 +0100 Subject: Fix crash in UDP Multicast Streams dialog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Attempting to open the UDP Multicast Streams dialog in the GTK UI triggers an instant crash (heap-buffer-overflow). Déjà vu. This is the same problem that plagued the RTP Streams dialog. This patch is based on the fix in v1.99.3rc0-33-g2c65b33 (mcaststream_dlg_update confused GList vs. mcaststream_tapinfo_t). After fixing that, the dialog crashed shortly after setting parameters (heap-use-after-free). That fix is based on v1.99.10rc0-292-gb02a0ee (after a retap, the old items were still present in the list). Just that change was not enough as clearing the list still triggered a signal, possibly because of the "changed" signal (while the RTP player uses a selection setter function). Apply the patch based on v1.99.10rc0-270-g01bd832 (disable selection while clearing). Change-Id: I152bac6f954d8d1c5c20d6c7d56a196c3e20c681 Reviewed-on: https://code.wireshark.org/review/12227 Reviewed-by: Peter Wu Petri-Dish: Peter Wu Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte --- ui/mcast_stream.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'ui/mcast_stream.h') diff --git a/ui/mcast_stream.h b/ui/mcast_stream.h index e780f8e885..bd871c485b 100644 --- a/ui/mcast_stream.h +++ b/ui/mcast_stream.h @@ -79,19 +79,23 @@ typedef struct _mcast_stream_info { } mcast_stream_info_t; +typedef struct _mcaststream_tapinfo mcaststream_tapinfo_t; + +typedef void (*mcaststream_tap_reset_cb)(mcaststream_tapinfo_t *tapinfo); +typedef void (*mcaststream_tap_draw_cb)(mcaststream_tapinfo_t *tapinfo); /* structure that holds the information about all detected streams */ /* struct holding all information of the tap */ -typedef struct _mcaststream_tapinfo { +struct _mcaststream_tapinfo { gpointer user_data; /* User data pointer */ - tap_reset_cb tap_reset; /**< tap reset callback */ - tap_draw_cb tap_draw; /**< tap draw callback */ + mcaststream_tap_reset_cb tap_reset; /**< tap reset callback */ + mcaststream_tap_draw_cb tap_draw; /**< tap draw callback */ GList* strinfo_list; /* list of mcast_stream_info_t */ guint32 npackets; /* total number of mcast packets of all streams */ mcast_stream_info_t* allstreams; /* structure holding information common for all streams */ gboolean is_registered; /* if the tap listener is currently registered or not */ -} mcaststream_tapinfo_t; +}; extern gint32 mcast_stream_trigger; -- cgit v1.2.1