Evan Huus
changed
bug 8213
What |
Removed |
Added |
Status |
UNCONFIRMED
|
CONFIRMED
|
CC |
|
[email protected]
|
Ever confirmed |
|
1
|
Comment # 1
on bug 8213
from Evan Huus
Finally one I can reproduce :)
This looks like corruption of the emem internals via a bug in DCP-ETSI.
==20385== Invalid write of size 4
==20385== at 0x655D4B7: dissect_pft (packet-dcp-etsi.c:296)
==20385== by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385== by 0x636E9AC: call_dissector_work (packet.c:549)
==20385== by 0x636F4DE: dissector_try_string (packet.c:1228)
==20385== by 0x655CA8C: dissect_dcp_etsi (packet-dcp-etsi.c:199)
==20385== by 0x636FFDF: dissector_try_heuristic (packet.c:1807)
==20385== by 0x69D636D: decode_udp_ports (packet-udp.c:279)
==20385== by 0x69D69CF: dissect (packet-udp.c:593)
==20385== by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385== by 0x636E9AC: call_dissector_work (packet.c:549)
==20385== by 0x636F1EF: dissector_try_uint_new (packet.c:969)
==20385== by 0x636F246: dissector_try_uint (packet.c:995)
==20385== Address 0x1230bd78 is 0 bytes after a block of size 232 alloc'd
==20385== at 0x4C2CD7B: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20385== by 0x922E6C0: g_malloc (gmem.c:159)
==20385== by 0x6361B65: emem_alloc_glib (emem.c:852)
==20385== by 0x6361F3D: emem_alloc (emem.c:867)
==20385== by 0x655D473: dissect_pft (packet-dcp-etsi.c:290)
==20385== by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385== by 0x636E9AC: call_dissector_work (packet.c:549)
==20385== by 0x636F4DE: dissector_try_string (packet.c:1228)
==20385== by 0x655CA8C: dissect_dcp_etsi (packet-dcp-etsi.c:199)
==20385== by 0x636FFDF: dissector_try_heuristic (packet.c:1807)
==20385== by 0x69D636D: decode_udp_ports (packet-udp.c:279)
==20385== by 0x69D69CF: dissect (packet-udp.c:593)
==20385==
==20385== Invalid write of size 4
==20385== at 0x655D4D0: dissect_pft (packet-dcp-etsi.c:300)
==20385== by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385== by 0x636E9AC: call_dissector_work (packet.c:549)
==20385== by 0x636F4DE: dissector_try_string (packet.c:1228)
==20385== by 0x655CA8C: dissect_dcp_etsi (packet-dcp-etsi.c:199)
==20385== by 0x636FFDF: dissector_try_heuristic (packet.c:1807)
==20385== by 0x69D636D: decode_udp_ports (packet-udp.c:279)
==20385== by 0x69D69CF: dissect (packet-udp.c:593)
==20385== by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385== by 0x636E9AC: call_dissector_work (packet.c:549)
==20385== by 0x636F1EF: dissector_try_uint_new (packet.c:969)
==20385== by 0x636F246: dissector_try_uint (packet.c:995)
==20385== Address 0x1230bdd4 is not stack'd, malloc'd or (recently) free'd
You are receiving this mail because:
- You are watching all bug changes.