Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 9692] New: Buildbot crash output: fuzz-2014-01-23-4263.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 9692] New: Buildbot crash output: fuzz-2014-01-23-4263.pca

Date: Fri, 24 Jan 2014 03:50:10 +0000

Bug ID	9692
Summary	Buildbot crash output: fuzz-2014-01-23-4263.pcap
Classification	Unclassified
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	http://www.wireshark.org/download/automated/captures/fuzz-2014-01-23-4263.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Problems have been found with the following capture file:

http://www.wireshark.org/download/automated/captures/fuzz-2014-01-23-4263.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/111111

Build host information:
Linux wsbb04 3.2.0-58-generic #88-Ubuntu SMP Tue Dec 3 17:37:58 UTC 2013 x86_64
x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 12.04.4 LTS
Release:    12.04
Codename:    precise

Buildbot information:
BUILDBOT_REPOSITORY=https://code.wireshark.org/review/wireshark
BUILDBOT_BUILDNUMBER=2532
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang-Code-Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=90d7c5f59b574e254bc1bb70aaaf12372fe97cc3

Return value:  152

Dissector bug:  0

Valgrind error count:  0



Git commit
commit 90d7c5f59b574e254bc1bb70aaaf12372fe97cc3
Author: Guy Harris <[email protected]>
Date:   Wed Jan 22 00:26:36 2014 +0000

    Don't write out packets that have a "captured length" bigger than we're
    willing to read or that's bigger than will fit in the file format;
    instead, report an error.

    For the "I can't write a packet of that type in that file type" error,
    report the file type in question.

    svn path=/trunk/; revision=54882


Command and args: ./tools/valgrind-wireshark.sh -T

==20845== Memcheck, a memory error detector
==20845== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==20845== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==20845== Command:
/home/wireshark/builders/trunk-clang-ca/clangcodeanalysis/install/bin/tshark
-Vx -nr
/fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-01-23-4263.pcap
==20845== 
==20845== 
==20845== Process terminating with default action of signal 24 (SIGXCPU):
dumping core
==20845==    at 0x96A2284: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
==20845==    by 0x96A25DA: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
==20845==    by 0x96A2979: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
==20845==    by 0x7008258: wmem_simple_alloc (wmem_allocator_simple.c:54)
==20845==    by 0x6537388: new_field_info.isra.2 (proto.c:3656)
==20845==    by 0x6538261: proto_tree_add_pi (proto.c:3685)
==20845==    by 0x653A666: proto_tree_add_bytes (proto.c:2035)
==20845==    by 0x653A815: proto_tree_add_bytes_format (proto.c:2082)
==20845==    by 0x6BDBB3F: dissect_tcp_payload (packet-tcp.c:2081)
==20845==    by 0x6BDD19F: dissect_tcp (packet-tcp.c:4831)
==20845==    by 0x6529A97: call_dissector_through_handle (packet.c:582)
==20845==    by 0x652A5BD: call_dissector_work (packet.c:669)
==20845== 
==20845== HEAP SUMMARY:
==20845==     in use at exit: 50,762,896 bytes in 835,029 blocks
==20845==   total heap usage: 26,310,846 allocs, 25,475,817 frees,
2,494,876,798 bytes allocated
==20845== 
==20845== LEAK SUMMARY:
==20845==    definitely lost: 2,348 bytes in 20 blocks
==20845==    indirectly lost: 8 bytes in 1 blocks
==20845==      possibly lost: 19 bytes in 1 blocks
==20845==    still reachable: 50,760,521 bytes in 835,007 blocks
==20845==         suppressed: 0 bytes in 0 blocks
==20845== Rerun with --leak-check=full to see details of leaked memory
==20845== 
==20845== For counts of detected and suppressed errors, rerun with: -v
==20845== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 39 from 5)
./tools/valgrind-wireshark.sh: line 109: 20845 CPU time limit exceeded (core
dumped) $LIBTOOL valgrind --suppressions=`dirname $0`/vg-suppressions
--tool=$TOOL $CALLGRIND_OUT_FILE $VERBOSE $LEAK_CHECK $REACHABLE $TRACK_ORIGINS
$COMMAND $COMMAND_ARGS $PCAP $COMMAND_ARGS2 > /dev/null

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 9692] Buildbot crash output: fuzz-2014-01-23-4263.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 9519] RSVP dissector does not decode Session Object (1) C-type (13) message
Next by Date: [Wireshark-bugs] [Bug 9693] New: "Apply as Column" unstable when used on frame.coloring_rule.name
Previous by thread: [Wireshark-bugs] [Bug 9519] RSVP dissector does not decode Session Object (1) C-type (13) message
Next by thread: [Wireshark-bugs] [Bug 9692] Buildbot crash output: fuzz-2014-01-23-4263.pcap
Index(es):
- Date
- Thread