This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to handle exceptions on Linux

0

Tshark handles exceptions/assertion failures on Windows, but on Linux, it will crash on exceptions/assertion failures, how to do?

asked 11 Feb '14, 23:28

metamatrix's gravatar image

metamatrix
56161619
accept rate: 100%

can you please show an example where tshark on Windows fails 'in a better/different way' than on Linux?

(12 Feb '14, 00:39) Kurt Knochner ♦

e.g. packet-frame.c ln 491

        /* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions
           like memory access violations.
           (a running debugger will be called before the except part below) */
                /* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling)
                   stack in an inconsistent state thus causing a crash at some point in the
                   handling of the exception.*/
    TRY {
#ifdef _MSC_VER
        __try {
#endif
...

#ifdef _MSC_VER } #endif

#ifdef _MSC_VER } __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) { switch(GetExceptionCode()) { case(STATUS_ACCESS_VIOLATION): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address"); break; case(STATUS_INTEGER_DIVIDE_BY_ZERO): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero"); break; case(STATUS_STACK_OVERFLOW): show_exception(tvb, pinfo, parent_tree, DissectorError, "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)"); /* XXX - this will have probably corrupted the stack, which makes problems later in the exception code */ break; /* XXX - add other hardware exception codes as required */ default: show_exception(tvb, pinfo, parent_tree, DissectorError, g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode())); } } #endif

(12 Feb ‘14, 17:02) metamatrix

What are you trying to do on Linux with tshark?

(12 Feb ‘14, 17:04) Kurt Knochner ♦


One Answer:

0

You'd have to catch SIGSEGV, SIGBUS, SIGFPE (which, in practice, many UN*Xes use for integer division), and SIGABRT (which is what abort() delivers; that's what tends to be used for at least some assertions) in, for example, dissect_frame() in epan/dissectors/packet-frame.c and, in the handler, somehow manage to handle those conditions.

UN*X systems don't have Windows-style structured exception handling for errors such as those, so that's going to be harder to do.

answered 12 Feb '14, 16:52

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

edited 17 Feb '14, 01:20