Wireshark-bugs: [Wireshark-bugs] [Bug 9120] New: Buildbot crash output: fuzz-2013-09-08-32595.pc

Date: Mon, 09 Sep 2013 00:50:07 +0000
Bug ID 9120
Summary Buildbot crash output: fuzz-2013-09-08-32595.pcap
Classification Unclassified
Product Wireshark
Version unspecified
Hardware x86-64
URL http://www.wireshark.org/download/automated/captures/fuzz-2013-09-08-32595.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Problems have been found with the following capture file:

http://www.wireshark.org/download/automated/captures/fuzz-2013-09-08-32595.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/10129-trc_00004_20130227111552

Build host information:
Linux wsbb04 3.2.0-49-generic #75-Ubuntu SMP Tue Jun 18 17:39:32 UTC 2013
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 12.04.2 LTS
Release:    12.04
Codename:    precise

Buildbot information:
BUILDBOT_REPOSITORY=http://code.wireshark.org/git/wireshark
BUILDBOT_BUILDNUMBER=2091
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang-Code-Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=2dca89e7a333698bf4418d6f4d3a51b95baebe3f

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 2dca89e7a333698bf4418d6f4d3a51b95baebe3f
Author: Gerald Combs <[email protected]>
Date:   Sat Sep 7 03:51:27 2013 +0000

    Only add data points to the throughput graph if our time window has
    advanced. Add a reset button.

    svn path=/trunk/; revision=51811


Command and args: ./tools/valgrind-wireshark.sh 

==9188== Memcheck, a memory error detector
==9188== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==9188== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==9188== Command:
/home/wireshark/builders/trunk-clang-ca/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2013-09-08-32595.pcap
==9188== 

** (process:9188): WARNING **: Dissector bug, protocol RPC_NETLOGON, in packet
8186: packet-dcerpc.c:2294: failed assertion "id <= ((guint32) 0xffffffff)"

** (process:9188): WARNING **: Dissector bug, protocol RPC_NETLOGON, in packet
8273: packet-dcerpc.c:2294: failed assertion "id <= ((guint32) 0xffffffff)"

** (process:9188): WARNING **: Dissector bug, protocol RPC_NETLOGON, in packet
8280: packet-dcerpc.c:2294: failed assertion "id <= ((guint32) 0xffffffff)"

** (process:9188): WARNING **: Dissector bug, protocol RPC_NETLOGON, in packet
9162: packet-dcerpc.c:2294: failed assertion "id <= ((guint32) 0xffffffff)"

** (process:9188): WARNING **: Dissector bug, protocol RPC_NETLOGON, in packet
9178: packet-dcerpc.c:2294: failed assertion "id <= ((guint32) 0xffffffff)"

** (process:9188): WARNING **: Dissector bug, protocol RPC_NETLOGON, in packet
10736: packet-dcerpc.c:2294: failed assertion "id <= ((guint32) 0xffffffff)"
==9188== Conditional jump or move depends on uninitialised value(s)
==9188==    at 0x6A4D382: get_unicode_or_ascii_string (packet-smb-common.c:240)
==9188==    by 0x6A6D99F: dissect_get_dfs_request_data (packet-smb.c:10946)
==9188==    by 0x6A7F245: dissect_smb2_ioctl_data (packet-smb2.c:4625)
==9188==    by 0x6A7DD9C: dissect_smb2_ioctl_request (packet-smb2.c:4737)
==9188==    by 0x6A7CF00: dissect_smb2 (packet-smb2.c:6637)
==9188==    by 0x6A7D7E7: dissect_smb2_heur (packet-smb2.c:7074)
==9188==    by 0x644DF40: dissector_try_heuristic (packet.c:1828)
==9188==    by 0x68E6183: dissect_netbios_payload (packet-netbios.c:1055)
==9188==    by 0x68B2882: dissect_nbss_packet (packet-nbns.c:1612)
==9188==    by 0x68B2A4A: dissect_nbss (packet-nbns.c:1816)
==9188==    by 0x644BF07: call_dissector_through_handle (packet.c:492)
==9188==    by 0x644C814: call_dissector_work (packet.c:586)
==9188== 
==9188== 
==9188== HEAP SUMMARY:
==9188==     in use at exit: 1,669,705 bytes in 33,948 blocks
==9188==   total heap usage: 1,100,178 allocs, 1,066,230 frees, 62,243,556
bytes allocated
==9188== 
==9188== LEAK SUMMARY:
==9188==    definitely lost: 258,763 bytes in 3,479 blocks
==9188==    indirectly lost: 260,292 bytes in 5,580 blocks
==9188==      possibly lost: 0 bytes in 0 blocks
==9188==    still reachable: 1,150,650 bytes in 24,889 blocks
==9188==         suppressed: 0 bytes in 0 blocks
==9188== Rerun with --leak-check=full to see details of leaked memory
==9188== 
==9188== For counts of detected and suppressed errors, rerun with: -v
==9188== Use --track-origins=yes to see where uninitialised values come from
==9188== ERROR SUMMARY: 3 errors from 1 contexts (suppressed: 3 from 3)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.