ethernet packet generator

Tracker: Bugs

5 Fragmentation entry field is incorrectly updated in dialog - ID: 2562213

Last Update: Settings changed ( jemcek )

Details:

The OK button handler for the fragmentation settings dialog box incorrectly
updates the fragmentation entry box. On the win32 version, this results in
the machine beeping. gtk_entry_set_text() expects a null-terminated string
but the code in callbacks.c, function ob_button79_clicked is shown below
(lines numbered).

Line 6 defines "tmp" as a "gchar". Lines 12, 15, 18 and 21 set the value of
tmp to a character value depending on which radio buttons were selected in
the dialog. Line 24 calls gtk_entry_set_text() passing in the address of
"tmp" as the second parameter (type "gchar *"). gtk_entry_set_text()
expects this to be a null-terminated string, so works its way through
memory until it finds a zero byte since the code below hasn't provided a
null-terminator explicitly.

The changes to the code are:

Line 6:

gchar tmp; ---> gchar tmp[2];
bzero(tmp, 2);

Line 12:

tmp = '3'; ---> tmp[0] = '3';

Line 15:

tmp = '2'; ---> tmp[0] = '2';

Line 18:

tmp = '1'; ---> tmp[0] = '1';

Line 21:

tmp = '0'; ---> tmp[0] = '0';

Line 24:

gtk_entry_set_text(GTK_ENTRY(entry_field_fragment),&tmp); --->
gtk_entry_set_text(GTK_ENTRY(entry_field_fragment), tmp);

================ INCORRECT CODE BELOW ================
1: void
2: on_button79_clicked (GtkButton *button,
3: gpointer user_data)
4: {
5: GtkWidget *w1, *w2;
6: gchar tmp;
7:
8: w1 = lookup_widget(GTK_WIDGET(button), "radiobutton55");
9: w2 = lookup_widget(GTK_WIDGET(button), "radiobutton57");
10:
11: if ( (GTK_TOGGLE_BUTTON(w1)->active) &&
(GTK_TOGGLE_BUTTON(w2)->active) )
12: tmp = '3';
13:
14: else if ( (GTK_TOGGLE_BUTTON(w1)->active) &&
!(GTK_TOGGLE_BUTTON(w2)->active) )
15: tmp = '2';
16:
17: else if ( !(GTK_TOGGLE_BUTTON(w1)->active) &&
(GTK_TOGGLE_BUTTON(w2)->active) )
18: tmp = '1';
19:
20: else
21: tmp = '0';
22:
23: gtk_entry_set_max_length(GTK_ENTRY(entry_field_fragment),1);
24: gtk_entry_set_text(GTK_ENTRY(entry_field_fragment),&tmp);
25:
26: gtk_grab_remove(gtk_widget_get_toplevel(GTK_WIDGET(button)));
27: gtk_widget_destroy(gtk_widget_get_toplevel(GTK_WIDGET(button)));
28:}

Submitted:

John McCabe ( john_g_mccabe ) - 2009-02-03 21:54

Priority:

Status:

Closed

Resolution:

None

Assigned:

Nobody/Anonymous

Category:

None

Group:

None

Visibility:

Public

Comments ( 2 )

Date: 2009-10-26 09:38 Sender: jemcek Solved in 1.6.3
Date: 2009-02-03 22:11 Sender: john_g_mccabe Alternatively, instead of using bzero(tmp, 2); you could use memset(tmp, 0, 2);

Attached File

Changes ( 3 )

Field	Old Value	Date	By
status_id	Open	2009-10-26 09:38	jemcek
allow_comments	1	2009-10-26 09:38	jemcek
close_date	-	2009-10-26 09:38	jemcek

ethernet packet generator

Tracker: Bugs

Comments ( 2 )

Attached File

No Files Currently Attached

Changes ( 3 )

About SourceForge

Find Software

Develop Software

Community

Help