Wireshark-bugs: [Wireshark-bugs] [Bug 9247] New: Crash in TCP reassemble

Date: Mon, 07 Oct 2013 23:16:16 +0000
Bug ID 9247
Summary Crash in TCP reassemble
Classification Unclassified
Product Wireshark
Version SVN
Hardware x86
OS Linux (other)
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Created attachment 11733 [details]
gdb backtrace

Build Information:
Compiled (64-bit) with GLib 2.38.0, with libpcap, with libz 1.2.8, with POSIX
capabilities (Linux), with libnl 3, without SMI, without c-ares, without ADNS,
with Lua 5.2, without Python, with GnuTLS 3.2.4, with Gcrypt 1.5.3, with MIT
Kerberos, with GeoIP.

Built from SVN (master 52424)
--
I got a IEEE 802.11 capture containing fragmented TCP packets (with HTTP). When
applying a read filter which would result in an empty match, wireshark/tshark
segfault.

This problem occurs with the current SVN sources. Wireshark 1.10.2 is not
affected.

Commands (assuming no smtp traffic):

    tshark -r cap.pcapng -2 -R smtp
    wireshark -r cap.pcapng -R smtp

Bisection leads to:

Author: Guy Harris <[email protected]>
Date:   Sun Jul 14 22:38:03 2013 +0000

    All routines taking an offset and length that want to access the data in
    the backing tvbuff must add the subset tvbuff's offset to the offset
    argument, to skip to the subset.

    svn path=/trunk/; revision=50591

gdb backtrace is attached.

I cannot share the capture file here as the contents are encrypted, but will
try to get some text output from tshark. (mail me if you really want to get the
capture).


You are receiving this mail because:
  • You are watching all bug changes.