Wireshark-bugs: [Wireshark-bugs] [Bug 8518] New: glibc detected /usr/bin/tshark: double free or

Date: Sun, 24 Mar 2013 22:57:54 +0000
Bug ID 8518
Summary glibc detected /usr/bin/tshark: double free or corruption when using "-r -"
Classification Unclassified
Product Wireshark
Version SVN
Hardware x86-64
OS Mac OS X 10.8
Status UNCONFIRMED
Severity Normal
Priority Low
Component TShark
Assignee [email protected]
Reporter [email protected]

Created attachment 10450 [details]
The capture that causes the crash.

Build Information:
Latest version from the git repo (assuming it's the same as SVN trunk)

Also on both latest OS X and Debian.
--
Certain capture files trigger this segfault where it only happens when the
capture file is being streamed into tshark. e.g.:

# ./tshark -r ~/Downloads/net-2009-12-04-11_47.dmp
  1   0.000000 SmcNetwo_81:db:10 -> LLDP_Multicast LLDP 118 Chassis Id =
00:22:2d:81:db:10 Port Id = 1 TTL = 120

# cat ~/Downloads/net-2009-12-04-11_47.dmp | ./tshark -r -
tshark(35000) malloc: *** error for object 0x7fd0923475f0: pointer being freed
was not allocated
Abort trap: 6

Steps to debug:

# mkfifo capture
# cat ~/Downloads/net-2009-12-04-11_47.dmp > capture &
# gdb ./tshark
(gdb) run -r - <capture

Backtrace:

Program received signal SIGABRT, Aborted.
0x00007fff8bdafd46 in __kill ()
(gdb) bt
#0  0x00007fff8bdafd46 in __kill ()
#1  0x00007fff8bc9fdf0 in abort ()
#2  0x00007fff8bc739b9 in free ()
#3  0x0000000100090d6f in wtap_close ()
#4  0x000000010006fe26 in wtap_open_offline ()
#5  0x00000001000106d5 in cf_open (cf=0x100039900, fname=0x1065be320 "-",
is_tempfile=0, err=0x7fff5fbfe764) at tshark.c:3647
#6  0x000000010000f188 in main (argc=1606413808, argv=0x7fff5fbfedf0) at
tshark.c:1848

From my initial debugging it happens at around file_access.c:366 where it is
failing on the seek:

        if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
            /* I/O error - give up */
            wtap_close(wth);
            return NULL;
        }

Unfortunately my budget with tshark has run out at this stage, so I didn't have
time to find the problem and make a patch. Hopefully this report is useful.

