Wireshark-bugs: [Wireshark-bugs] [Bug 2410] Buildbot crash output: fuzz-2008-04-05-428.pcap
Date: Thu, 10 Apr 2008 15:46:13 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2410 --- Comment #1 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> 2008-04-10 15:46:11 GMT --- I could reproduce this on Linux. Here's the backtrace: #0 dissect_nbss (tvb=0xeb6f18, pinfo=0xe81110, tree=0xeb8f50) at packet-nbns.c:1678 1678 if (!tcpinfo->is_reassembled) { (gdb) bt #0 dissect_nbss (tvb=0xeb6f18, pinfo=0xe81110, tree=0xeb8f50) at packet-nbns.c:1678 #1 0x0000002a961ec25c in call_dissector_through_handle (handle=0xbc3790, tvb=0xeb6f18, pinfo=0xe81110, tree=0xeb8f50) at packet.c:396 #2 0x0000002a961ec8a1 in call_dissector_work (handle=0xbc3790, tvb=0xeb6f18, pinfo_arg=0xe81110, tree=0xeb8f50) at packet.c:485 #3 0x0000002a961ecd29 in dissector_try_port (sub_dissectors=Variable "sub_dissectors" is not available. ) at packet.c:870 #4 0x0000002a965ccf87 in decode_tcp_ports (tvb=Variable "tvb" is not available. ) at packet-tcp.c:2392 #5 0x0000002a965cd283 in process_tcp_payload (tvb=0xe881a0, offset=916, pinfo=0xe81110, tree=0xeb8f50, tcp_tree=0xeb9100, src_port=17581, dst_port=445, seq=0, nxtseq=0, is_tcp_segment=0, tcpd=0xec5210) at packet-tcp.c:2451 #6 0x0000002a965cd906 in dissect_tcp_payload (tvb=0xe881a0, pinfo=0xe81110, offset=Variable "offset" is not available. ) at packet-tcp.c:1511 #7 0x0000002a965cf5ae in dissect_tcp (tvb=0xe881a0, pinfo=0xe81110, tree=0xeb8f50) at packet-tcp.c:3178 #8 0x0000002a961ec25c in call_dissector_through_handle (handle=0xc0f6e0, tvb=0xe881a0, pinfo=0xe81110, tree=0xeb8f50) at packet.c:396 #9 0x0000002a961ec8a1 in call_dissector_work (handle=0xc0f6e0, tvb=0xe881a0, pinfo_arg=0xe81110, tree=0xeb8f50) at packet.c:485 #10 0x0000002a961ecd29 in dissector_try_port (sub_dissectors=Variable "sub_dissectors" is not available. ) at packet.c:870 #11 0x0000002a964187e8 in dissect_ip (tvb=0xe88148, pinfo=0xe81110, parent_tree=0xeb8f50) at packet-ip.c:1564 #12 0x0000002a961ec25c in call_dissector_through_handle (handle=0x79bd10, tvb=0xe88148, pinfo=0xe81110, tree=0xeb8f50) at packet.c:396 #13 0x0000002a961ec8a1 in call_dissector_work (handle=0x79bd10, tvb=0xe88148, pinfo_arg=0xe81110, tree=0xeb8f50) at packet.c:485 #14 0x0000002a961ecd29 in dissector_try_port (sub_dissectors=Variable "sub_dissectors" is not available. ) at packet.c:870 #15 0x0000002a96373706 in ethertype (etype=2048, tvb=0xe881f8, offset_after_etype=14, pinfo=0xe81110, tree=0xeb8f50, fh_tree=0xebcd90, etype_id=13830, trailer_id=13832, fcs_len=-1) at packet-ethertype.c:215 #16 0x0000002a96370fe7 in dissect_eth_common (tvb=0xe881f8, pinfo=0xe81110, parent_tree=0xeb8f50, fcs_len=-1) at packet-eth.c:338 #17 0x0000002a961ec25c in call_dissector_through_handle (handle=0xb7e1c0, tvb=0xe881f8, pinfo=0xe81110, tree=0xeb8f50) at packet.c:396 #18 0x0000002a961ec8a1 in call_dissector_work (handle=0xb7e1c0, tvb=0xe881f8, pinfo_arg=0xe81110, tree=0xeb8f50) at packet.c:485 #19 0x0000002a961ecd29 in dissector_try_port (sub_dissectors=Variable "sub_dissectors" is not available. ) at packet.c:870 #20 0x0000002a963a98f9 in dissect_frame (tvb=0xe881f8, pinfo=0xe81110, parent_tree=0xeb8f50) at packet-frame.c:305 #21 0x0000002a961ec25c in call_dissector_through_handle (handle=0x6ef700, tvb=0xe881f8, pinfo=0xe81110, tree=0xeb8f50) at packet.c:396 #22 0x0000002a961ec8a1 in call_dissector_work (handle=0x6ef700, tvb=0xe881f8, pinfo_arg=0xe81110, tree=0xeb8f50) at packet.c:485 #23 0x0000002a961ee281 in call_dissector (handle=Variable "handle" is not available. ) at packet.c:1787 #24 0x0000002a961ee7ea in dissect_packet (edt=0xe81100, pseudo_header=Variable "pseudo_header" is not available. ) at packet.c:332 #25 0x000000000041b744 in process_packet (cf=0x531c20, offset=Variable "offset" is not available. ) at tshark.c:2458 #26 0x000000000041d5bb in main (argc=Variable "argc" is not available. ) at tshark.c:2250 (gdb) print tcpinfo $1 = (struct tcpinfo *) 0x0 (gdb) print pinfo->private_data $2 = (void *) 0x0 (gdb) frame 7 #7 0x0000002a965cf5ae in dissect_tcp (tvb=0xe881a0, pinfo=0xe81110, tree=0xeb8f50) at packet-tcp.c:3178 3178 dissect_tcp_payload(tvb, pinfo, offset, tcph->th_seq, nxtseq, (gdb) print &tcpinfo $3 = (struct tcpinfo *) 0x7fbfffe890 I'm not sure why/where private_data is getting reset between dissect_tcp() and dissect_nbss(). -- Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
- References:
- [Wireshark-bugs] [Bug 2410] New: Buildbot crash output: fuzz-2008-04-05-428.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2410] New: Buildbot crash output: fuzz-2008-04-05-428.pcap
- Prev by Date: [Wireshark-bugs] [Bug 2325] "Type-ahead search" accepts only one character (eg: in ' Edit Preferences -> Protocols' )
- Next by Date: [Wireshark-bugs] [Bug 2442] some SNMP trap packets parse error
- Previous by thread: [Wireshark-bugs] [Bug 2410] New: Buildbot crash output: fuzz-2008-04-05-428.pcap
- Next by thread: [Wireshark-bugs] [Bug 2410] Buildbot crash output: fuzz-2008-04-05-428.pcap
- Index(es):