Wireshark-bugs: [Wireshark-bugs] [Bug 7561] Capture file that crashes wireshark in emem.c

Date: Fri, 3 Aug 2012 07:17:10 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7561

Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jeff.morriss.ws@xxxxxxxxx

--- Comment #1 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> 2012-08-03 07:17:10 PDT ---
Valgrind output:

~~~
==19432== Invalid write of size 1
==19432==    at 0x61F3D00: csnStreamDissector (packet-csn1.c:239)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x634C63E: dissect_gsm_rlcmac_downlink
(packet-gsm_rlcmac.c:6440)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6073F70: call_dissector (packet.c:2000)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==  Address 0xcb41364 is 0 bytes after a block of size 67,340 alloc'd
==19432==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
==19432==    by 0x31A223FF82: g_malloc (in /lib64/libglib-2.0.so.0.1800.4)
==19432==    by 0x6069CE4: emem_alloc_glib (emem.c:838)
==19432==    by 0x6069146: emem_alloc (emem.c:853)
==19432==    by 0x634C0B0: dissect_gsm_rlcmac_downlink
(packet-gsm_rlcmac.c:6325)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6073F70: call_dissector (packet.c:2000)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6074F31: dissector_try_uint_new (packet.c:935)
==19432==    by 0x66C44F6: decode_udp_ports (packet-udp.c:272)
==19432== 
==19432== Invalid write of size 1
==19432==    at 0x61F3D36: csnStreamDissector (packet-csn1.c:1141)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x634C63E: dissect_gsm_rlcmac_downlink
(packet-gsm_rlcmac.c:6440)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6073F70: call_dissector (packet.c:2000)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==  Address 0xcb41365 is 1 bytes after a block of size 67,340 alloc'd
==19432==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
==19432==    by 0x31A223FF82: g_malloc (in /lib64/libglib-2.0.so.0.1800.4)
==19432==    by 0x6069CE4: emem_alloc_glib (emem.c:838)
==19432==    by 0x6069146: emem_alloc (emem.c:853)
==19432==    by 0x634C0B0: dissect_gsm_rlcmac_downlink
(packet-gsm_rlcmac.c:6325)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6073F70: call_dissector (packet.c:2000)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6074F31: dissector_try_uint_new (packet.c:935)
==19432==    by 0x66C44F6: decode_udp_ports (packet-udp.c:272)
==19432== 
==19432== Invalid write of size 1
==19432==    at 0x61F1FDD: csnStreamDissector (packet-csn1.c:1141)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x61F2B6D: csnStreamDissector (packet-csn1.c:569)
==19432==    by 0x634C63E: dissect_gsm_rlcmac_downlink
(packet-gsm_rlcmac.c:6440)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6073F70: call_dissector (packet.c:2000)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==  Address 0xcb41368 is 4 bytes after a block of size 67,340 alloc'd
==19432==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
==19432==    by 0x31A223FF82: g_malloc (in /lib64/libglib-2.0.so.0.1800.4)
==19432==    by 0x6069CE4: emem_alloc_glib (emem.c:838)
==19432==    by 0x6069146: emem_alloc (emem.c:853)
==19432==    by 0x634C0B0: dissect_gsm_rlcmac_downlink
(packet-gsm_rlcmac.c:6325)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6073F70: call_dissector (packet.c:2000)
==19432==    by 0x6073620: call_dissector_through_handle (packet.c:419)
==19432==    by 0x6073E0E: call_dissector_work (packet.c:510)
==19432==    by 0x6074F31: dissector_try_uint_new (packet.c:935)
==19432==    by 0x66C44F6: decode_udp_ports (packet-udp.c:272)
~~~

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.