https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7916
Michael Mann <mmann78@xxxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mmann78@xxxxxxxxxxxx
--- Comment #9 from Michael Mann <mmann78@xxxxxxxxxxxx> 2012-10-28 19:46:07 PDT ---
(In reply to comment #8)
> (In reply to comment #7)
> > Created attachment 9439 [details]
> > 1 frame extract which causes crash
> >
> > 1 frame extract from the fuzz'd file which causes a crash in
> > file.c: cf_read() in the ENDTRY statement (with SVN #45821).
> I'm not seeing a crash with SVN #45823, and the crash I was seeing with SVN
> #45821 was a null-pointer in mip6 (since fixed). The exception code is pretty
> mature at this point, so I'm not sure why it would suddenly be causing
> problems.
Yeah, all I see at this point (rev 45823) is a "length field" that is bigger
than the tvb, so the while("length field" > 0) eventually throws an exception
causing a malformed packet (which should be normal).
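The behavior described in comment #9, modelled as an added example (not Wireshark code and not taken from the bug report): a loop driven by a declared length field that is larger than the captured buffer ends in a clean "malformed" result because every read is bounds-checked. `buf_view`, `read_u8`, `parse_options` and the frame layout are hypothetical stand-ins, and an error return takes the place of the dissector exception.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bounds-checked buffer view (stand-in for a tvb, not Wireshark's API). */
typedef struct { const uint8_t *data; size_t len; } buf_view;
enum parse_status { PARSE_OK = 0, PARSE_MALFORMED = 1 };

/* Every read goes through this check; an out-of-range offset fails instead of touching memory. */
static int read_u8(const buf_view *b, size_t off, uint8_t *out) {
    if (off >= b->len) return -1;
    *out = b->data[off];
    return 0;
}

/* Constructed format: [declared_len:1], then options of [type:1][opt_len:1][value:opt_len].
 * The loop is driven by the declared length, like while (length > 0) in the comment.
 * Each pass consumes at least 2 bytes of "remaining", so the loop always terminates. */
enum parse_status parse_options(const buf_view *b, unsigned *n_opts) {
    uint8_t declared, type, opt_len;
    size_t off = 1;
    int remaining;
    *n_opts = 0;
    if (read_u8(b, 0, &declared) != 0) return PARSE_MALFORMED;
    remaining = declared;
    while (remaining > 0) {
        if (read_u8(b, off, &type) != 0 || read_u8(b, off + 1, &opt_len) != 0)
            return PARSE_MALFORMED;   /* declared length runs past the buffer */
        if (off + 2 + opt_len > b->len)
            return PARSE_MALFORMED;   /* option value is truncated */
        off += 2 + (size_t)opt_len;
        remaining -= 2 + opt_len;
        (*n_opts)++;
    }
    /* A negative remainder means an option overran the declared length. */
    return remaining == 0 ? PARSE_OK : PARSE_MALFORMED;
}

/* Constructed sample frames: identical payload, only the length byte differs. */
static const uint8_t good_frame[]   = { 4,   1, 0, 2, 0 };
static const uint8_t fuzzed_frame[] = { 200, 1, 0, 2, 0 };

int main(void) {
    unsigned n;
    buf_view g = { good_frame, sizeof good_frame };
    buf_view f = { fuzzed_frame, sizeof fuzzed_frame };
    printf("good:   status=%d options=%u\n", parse_options(&g, &n), n);
    printf("fuzzed: status=%d options=%u\n", parse_options(&f, &n), n);
    return 0;
}
```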