diff options
author | Jeff Morriss <jeff.morriss@ulticom.com> | 2010-09-02 18:02:06 +0000 |
---|---|---|
committer | Jeff Morriss <jeff.morriss@ulticom.com> | 2010-09-02 18:02:06 +0000 |
commit | 7d20440ff0f5c8fc1510198eda81761b273e2a67 (patch) | |
tree | ae3163d422effdd1ba05613492f197e462c37369 /doc | |
parent | 8ffbb8ade834c899790c808e479cb471680c16b5 (diff) |
Introduce 2 new environment variables: WIRESHARK_EP_VERIFY_POINTERS and
WIRESHARK_SE_VERIFY_POINTERS that control whether or not we verify if a given
pointer is ep_ or se_ allocated, respectively.
Turn the behavior off by default for speed reasons (the speed difference isn't
huge, but...).
Turn the behavior on when fuzz testing.
Document these two new variables in the man pages.
svn path=/trunk/; revision=34046
Diffstat (limited to 'doc')
-rw-r--r-- | doc/rawshark.pod | 16 | ||||
-rw-r--r-- | doc/tshark.pod | 44 | ||||
-rw-r--r-- | doc/wireshark.pod.template | 14 |
3 files changed, 58 insertions, 16 deletions
diff --git a/doc/rawshark.pod b/doc/rawshark.pod index 6981fc172a..1a3b9db210 100644 --- a/doc/rawshark.pod +++ b/doc/rawshark.pod @@ -436,10 +436,24 @@ when a dissector bug is encountered. abort(3) will cause the program to exit abnormally; if you are running B<Rawshark> in a debugger, it should halt in the debugger and allow inspection of the process, and, if you are not running it in a debugger, it will, on some OSes, assuming -your environment is configured correctly, generate a core dump file. +your environment is configured correctly, generate a core dump file. This can be useful to developers attempting to troubleshoot a problem with a protocol dissector. +=item WIRESHARK_EP_VERIFY_POINTERS + +This environment variable, if exported, causes certain uses of pointers to be +audited to ensure they do not point to memory that is deallocated after each +packet has been fully dissected. This can be useful to developers writing or +auditing code. + +=item WIRESHARK_SE_VERIFY_POINTERS + +This environment variable, if exported, causes certain uses of pointers to be +audited to ensure they do not point to memory that is deallocated after when +a capture file is closed. This can be useful to developers writing or +auditing code. + =back =head1 SEE ALSO diff --git a/doc/tshark.pod b/doc/tshark.pod index 9ad9eb93c3..c205800857 100644 --- a/doc/tshark.pod +++ b/doc/tshark.pod @@ -129,7 +129,7 @@ arguments, it's a capture filter if a capture is being done (i.e., if no B<-r> option was specified) and a read filter if a capture file is being read (i.e., if a B<-r> option was specified). -The B<-G> option is a special mode that simply causes B<Tshark> +The B<-G> option is a special mode that simply causes B<Tshark> to dump one of several types of internal glossaries and then exit. =head1 OPTIONS @@ -291,7 +291,7 @@ the last occurrence will be used and if B<a> all occurrences will be used B<aggregator=,|/s|>E<lt>characterE<gt> Set the aggregator character to use for fields that have multiple occurences. If B<,> a comma will be used -(this is the default), if B</s>, a single space will be used. Otherwise +(this is the default), if B</s>, a single space will be used. Otherwise any character that can be accepted by the command line as part of the option may be used. @@ -311,16 +311,16 @@ without a value will list the available formats. =item -G [fields|fields2|fields3|protocols|values|decodes|defaultprefs|currentprefs] -The B<-G> option will cause B<Tshark> to dump one of several types of glossaries -and then exit. If no specfic glossary type if specified then the B<fields> report -will be generated by default. +The B<-G> option will cause B<Tshark> to dump one of several types of glossaries +and then exit. If no specfic glossary type if specified then the B<fields> report +will be generated by default. The available report types include: -B<fields> Dumps the contents of the registration database to -stdout. An independent program can take this output and format it into nice -tables or HTML or whatever. There is one record per line. Each record is -either a protocol or a header field, differentiated by the first field. +B<fields> Dumps the contents of the registration database to +stdout. An independent program can take this output and format it into nice +tables or HTML or whatever. There is one record per line. Each record is +either a protocol or a header field, differentiated by the first field. The fields are tab-delimited. * Protocols @@ -348,17 +348,17 @@ B<fields3> Same as the B<fields> report but includes two additional columns. * Field 7 = base for display (for integer types); "parent bitfield width" for FT_BOOLEAN * Field 8 = bitmask: format: hex: 0x.... -B<protocols> Dumps the protocols in the registration database to stdout. -An independent program can take this output and format it into nice tables +B<protocols> Dumps the protocols in the registration database to stdout. +An independent program can take this output and format it into nice tables or HTML or whatever. There is one record per line. The fields are tab-delimited. * Field 1 = protocol name * Field 2 = protocol short name * Field 3 = protocol filter name -B<values> Dumps the value_strings, range_strings or true/false strings -for fields that have them. There is one record per line. Fields are -tab-delimited. There are three types of records: Value String, Range +B<values> Dumps the value_strings, range_strings or true/false strings +for fields that have them. There is one record per line. Fields are +tab-delimited. There are three types of records: Value String, Range String and True/False String. The first field, 'V', 'R' or 'T', indicates the type of record. @@ -384,7 +384,7 @@ the type of record. * Field 3 = True String * Field 4 = False String -B<decodes> Dumps the "layer type"/"decode as" associations to stdout. +B<decodes> Dumps the "layer type"/"decode as" associations to stdout. There is one record per line. The fields are tab-delimited. * Field 1 = layer type, e.g. "tcp.port" @@ -1224,6 +1224,20 @@ your environment is configured correctly, generate a core dump file. This can be useful to developers attempting to troubleshoot a problem with a protocol dissector. +=item WIRESHARK_EP_VERIFY_POINTERS + +This environment variable, if exported, causes certain uses of pointers to be +audited to ensure they do not point to memory that is deallocated after each +packet has been fully dissected. This can be useful to developers writing or +auditing code. + +=item WIRESHARK_SE_VERIFY_POINTERS + +This environment variable, if exported, causes certain uses of pointers to be +audited to ensure they do not point to memory that is deallocated after when +a capture file is closed. This can be useful to developers writing or +auditing code. + =back =head1 SEE ALSO diff --git a/doc/wireshark.pod.template b/doc/wireshark.pod.template index 9707311cd7..c0cefb3f42 100644 --- a/doc/wireshark.pod.template +++ b/doc/wireshark.pod.template @@ -2674,6 +2674,20 @@ your environment is configured correctly, generate a core dump file. This can be useful to developers attempting to troubleshoot a problem with a protocol dissector. +=item WIRESHARK_EP_VERIFY_POINTERS + +This environment variable, if exported, causes certain uses of pointers to be +audited to ensure they do not point to memory that is deallocated after each +packet has been fully dissected. This can be useful to developers writing or +auditing code. + +=item WIRESHARK_SE_VERIFY_POINTERS + +This environment variable, if exported, causes certain uses of pointers to be +audited to ensure they do not point to memory that is deallocated after when +a capture file is closed. This can be useful to developers writing or +auditing code. + =back =head1 SEE ALSO |