Wireshark-bugs: [Wireshark-bugs] [Bug 5793] Buildbot crash output: fuzz-2011-03-29-4806.pcap

Date: Wed, 6 Apr 2011 19:06:29 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793

Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jeff.morriss.ws@xxxxxxxxx

--- Comment #1 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> 2011-04-06 19:06:27 PDT ---
Valgrind reports:

==31874== Invalid write of size 1
==31874==    at 0x31C005C127: g_strlcat (in /lib64/libglib-2.0.so.0.2400.1)
==31874==    by 0x64AFDBF: dissect_x509if_RelativeDistinguishedName
(x509if.cnf:348)
==31874==    by 0x5E9E888: dissect_ber_choice (packet-ber.c:3110)
==31874==    by 0x6415C3F: dissect_acse_ASO_qualifier (acse.cnf:175)
==31874==    by 0x5EA563A: dissect_ber_sequence (packet-ber.c:2046)
==31874==    by 0x64160CF: dissect_acse_AARE_apdu_U (acse.cnf:249)
==31874==    by 0x5E9ECD6: dissect_ber_tagged_type (packet-ber.c:531)
==31874==    by 0x6416C36: dissect_acse_AARE_apdu (acse.cnf:101)
==31874==    by 0x5E9E888: dissect_ber_choice (packet-ber.c:3110)
==31874==    by 0x6415942: dissect_acse (acse.cnf:130)
==31874==    by 0x5DB41EF: call_dissector_through_handle (packet.c:395)
==31874==    by 0x5DB491C: call_dissector_work (packet.c:486)
==31874==  Address 0x8e19b09 is 201 bytes inside a block of size 1,280 free'd
==31874==    at 0x4A04D72: free (vg_replace_malloc.c:325)
==31874==    by 0x5DAAD67: emem_free_all (emem.c:1146)
==31874==    by 0x5DAC79D: epan_dissect_run (epan.c:199)
==31874==    by 0x420C07: process_packet (tshark.c:2890)
==31874==    by 0x4239DD: main (tshark.c:2712)


So this is basically the same as bug 5754, except it's a different variable
this time.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.