This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to handle exceptions on Linux

0

Tshark handles exceptions/assertion failures on Windows, but on Linux, it will crash on exceptions/assertion failures, how to do?

asked 11 Feb '14, 23:28

metamatrix's gravatar image

metamatrix
56161619
accept rate: 100%

can you please show an example where tshark on Windows fails 'in a better/different way' than on Linux?

(12 Feb '14, 00:39) Kurt Knochner ♦

e.g. packet-frame.c ln 491

        /* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions
           like memory access violations.
           (a running debugger will be called before the except part below) */
                /* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling)
                   stack in an inconsistent state thus causing a crash at some point in the
                   handling of the exception.*/
    TRY {
#ifdef _MSC_VER
        __try {
#endif

...



#ifdef _MSC_VER
}
#endif


#ifdef _MSC_VER
} __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) {
switch(GetExceptionCode()) {
case(STATUS_ACCESS_VIOLATION):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address");
break;
case(STATUS_INTEGER_DIVIDE_BY_ZERO):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero");
break;
case(STATUS_STACK_OVERFLOW):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)");
/* XXX - this will have probably corrupted the stack,
which makes problems later in the exception code */
break;
/* XXX - add other hardware exception codes as required */
default:
show_exception(tvb, pinfo, parent_tree, DissectorError,
g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode()));
}
}
#endif
(12 Feb ‘14, 17:02) metamatrix

What are you trying to do on Linux with tshark?

(12 Feb ‘14, 17:04) Kurt Knochner ♦

One Answer:

0

You'd have to catch SIGSEGV, SIGBUS, SIGFPE (which, in practice, many UN*Xes use for integer division), and SIGABRT (which is what abort() delivers; that's what tends to be used for at least some assertions) in, for example, dissect_frame() in epan/dissectors/packet-frame.c and, in the handler, somehow manage to handle those conditions.

UN*X systems don't have Windows-style structured exception handling for errors such as those, so that's going to be harder to do.

answered 12 Feb '14, 16:52

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

edited 17 Feb '14, 01:20