Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 9727] New: Capture file causes dissector overflow, outright crash

Wireshark-bugs: [Wireshark-bugs] [Bug 9727] New: Capture file causes dissector overflow, outrigh

Date: Wed, 05 Feb 2014 17:23:15 +0000

Bug ID	9727
Summary	Capture file causes dissector overflow, outright crash
Classification	Unclassified
Product	Wireshark
Version	1.10.5
Hardware	x86-64
OS	Mac OS X 10.9
Status	UNCONFIRMED
Severity	Major
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Created attachment 12539 [details]
Induces Wireshark crash

Build Information:
Version 1.10.5 (SVNRev 54262 from /trunk-1.10)

Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.17, with Cairo 1.10.2, with Pango 1.30.1, with
GLib 2.36.0, with libpcap, with libz 1.2.3, without POSIX capabilities, without
libnl, with SMI 0.4.8, without c-ares, without ADNS, with Lua 5.1, without
Python, with GnuTLS 2.12.19, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP,
with PortAudio V19-devel (built Jul 16 2013 19:05:52), with AirPcap.

Running on Mac OS X 10.9.1, build 13B42 (Darwin 13.0.0), with locale .UTF-8,
with libpcap version 1.3.0 - Apple version 41, with libz 1.2.5, GnuTLS 2.12.19,
Gcrypt 1.5.0, without AirPcap.
      Intel(R) Core(TM) i7-3720QM CPU @ 2.60GHz

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build
2336.9.00).

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
I have tested this with the included build information on Mac OS X as well as
Windows XP with the same version number/SVN rev

The capture file will load successfully on Windows but frame number 35 shows
STATUS_STACK_OVERFLOW. Clicking on it crashes Wireshark. Scrolling further
through the capture it will eventually crash as well trying to show a frame
after number 63

On Mac OS X it will crash before being able to display frame number 35

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 9727] Capture file causes dissector overflow, outright crash
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9727] Capture file causes dissector overflow, outright crash
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9727] Capture file causes dissector overflow, outright crash
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9727] Capture file causes dissector overflow, outright crash
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 9721] profinet write doesn't decode the value Type correct
Next by Date: [Wireshark-bugs] [Bug 9727] Capture file causes dissector overflow, outright crash
Previous by thread: [Wireshark-bugs] [Bug 9726] Dissector assert in packet-nbap.c
Next by thread: [Wireshark-bugs] [Bug 9727] Capture file causes dissector overflow, outright crash
Index(es):
- Date
- Thread