Wireshark-bugs: [Wireshark-bugs] [Bug 7960] Buildbot crash output: fuzz-2012-11-06-1334.pcap

Date: Sun, 18 Nov 2012 11:17:49 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7960

--- Comment #2 from Martin Kaiser <wireshark@xxxxxxxxx> 2012-11-18 11:17:48 PST ---
Interestingly, it makes a difference if I change

SET_ADDRESS (&pinfo->dst, AT_FC, 3, tvb_get_ptr(tvb,offset+1,3));

to

const guint8 *p;
p = tvb_get_ptr(tvb,offset+1,3);
SET_ADDRESS (&pinfo->dst, AT_FC, 3, p);

The latter case results in a ReportedBoundsError exception which is correctly
caught by dissect_frame().

However, the former version seems to end up in
ensure_contiguous_no_exception(), DISSECTOR_ASSERT_NOT_REACHED (at least when I
run in gdb). The backtrace shows an invalid tvb value that's passed to
tvb_get_ptr()....
