Wireshark-bugs: [Wireshark-bugs] [Bug 10160] Buildbot crash output: fuzz-2014-06-03-26748.pcap

Date: Thu, 05 Jun 2014 20:25:09 +0000

changed bug 10160

What    Removed    Added
CC                 [email protected]

Comment # 1 on bug 10160 from
Valgrind reports that:
==6718== Conditional jump or move depends on uninitialised value(s)
==6718==    at 0x9872BF8: g_hash_table_foreach (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==6718==    by 0x65B696A: conversation_cleanup (conversation.c:500)
==6718==    by 0x65C2CD8: cleanup_dissection (packet.c:259)
==6718==    by 0x65B9AFD: epan_free (epan.c:206)
==6718==    by 0x40BE12: main (tshark.c:2209)
==6718==  Uninitialised value was created by a heap allocation
==6718==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==6718==    by 0x9888610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==6718==    by 0x70AFA7B: wmem_simple_alloc (wmem_allocator_simple.c:55)
==6718==    by 0x6716196: dissect_btl2cap (packet-btl2cap.c:1780)
==6718==    by 0x65C221E: call_dissector_through_handle (packet.c:622)
==6718==    by 0x65C2B04: call_dissector_work (packet.c:713)
==6718==    by 0x65C4671: call_dissector_with_data (packet.c:2295)
==6718==    by 0x66FF02B: dissect_bthci_acl (packet-bthci_acl.c:342)
==6718==    by 0x65C221E: call_dissector_through_handle (packet.c:622)
==6718==    by 0x65C2B04: call_dissector_work (packet.c:713)
==6718==    by 0x65C31BB: dissector_try_uint_new (packet.c:1144)
==6718==    by 0x68FDF07: dissect_hci_h4 (packet-hci_h4.c:129)

Applying the following patch removes the error:
diff --git a/epan/dissectors/packet-btl2cap.c
b/epan/dissectors/packet-btl2cap.c
index f3895c3..518bf8d 100644
--- a/epan/dissectors/packet-btl2cap.c
+++ b/epan/dissectors/packet-btl2cap.c
@@ -1777,7 +1777,7 @@ dissect_btl2cap(tvbuff_t *tvb, packet_info *pinfo,
proto_t
     }
     offset += 2;

-    l2cap_data = wmem_new(wmem_packet_scope(), btl2cap_data_t);
+    l2cap_data = wmem_new0(wmem_packet_scope(), btl2cap_data_t);

     if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID)
         l2cap_data->interface_id = pinfo->phdr->interface_id;
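Review bot: the switch to wmem_new0 will silence the report, but the hunk should name the member it is fixing, because the visible context already gives a candidate: the context line right after the change assigns `l2cap_data->interface_id` only when `pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID` holds, and there is no else branch, so with wmem_new the member keeps stale arena bytes for any capture without interface IDs. If that member (or any other one set only conditionally) is later copied into a conversation key, the memcheck report in conversation_cleanup follows directly: memcheck propagates undefined bits through copies and only complains at the first conditional that depends on them, which is why the stack shows g_hash_table_foreach at cleanup time rather than the dissector. Keep wmem_new0 as defence in depth, but also add an explicit else branch that assigns a defined sentinel (or a comment listing the members that rely on the zero fill) so the next reader does not have to rediscover this. Also, the `diff --git a/epan/dissectors/packet-btl2cap.c` and `@@ -1777,7 +1777,7 @@` header lines are wrapped in the mail, so the line breaks must be removed before the patch applies.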

But I do not understand why Valgrind complains as all the members of the
structure seem initialized.
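
The failure mode discussed above (every member of the struct appears to be assigned, yet one of them is assigned only under a condition, so a non-zeroing allocator hands the later code whatever the arena held) reproduced in an added C example. This is not Wireshark code: the arena with toy_alloc()/toy_alloc0(), the l2cap_data_t struct, the HAS_INTERFACE_ID flag and the conversation_key() derivation are constructed stand-ins for wmem_new()/wmem_new0(), btl2cap_data_t, WTAP_HAS_INTERFACE_ID and the conversation table, and the assumption that the struct's interface_id ends up in a hash key is exactly that, an assumption used to make the bug observable without Valgrind.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy arena standing in for wmem's packet scope (assumption, not wmem's
 * real implementation): allocations are bumped out of a static buffer that
 * is never cleared, so a struct allocated for packet N lands on top of the
 * bytes packet N-1 left behind, the situation a non-zeroing allocator
 * such as wmem_new() exposes. */
#define ARENA_SIZE 256
static unsigned char arena[ARENA_SIZE];
static size_t arena_top;

/* wmem_new() analogue: hands back stale bytes untouched. */
static void *toy_alloc(size_t n)
{
    size_t aligned = (n + 15) & ~(size_t)15;
    if (arena_top + aligned > ARENA_SIZE)
        return NULL;
    void *p = arena + arena_top;
    arena_top += aligned;
    return p;
}

/* wmem_new0() analogue: same memory, but zero-filled first. */
static void *toy_alloc0(size_t n)
{
    void *p = toy_alloc(n);
    if (p)
        memset(p, 0, n);
    return p;
}

/* End of a packet's scope: the arena is reused but its contents survive. */
static void toy_scope_reset(void)
{
    arena_top = 0;
}

/* Constructed stand-in for btl2cap_data_t; field names are illustrative. */
typedef struct {
    uint32_t interface_id;
    uint32_t adapter_id;
    uint16_t cid;
    uint16_t psm;
} l2cap_data_t;

#define HAS_INTERFACE_ID 0x1u   /* plays the role of WTAP_HAS_INTERFACE_ID */

/* Mirrors the dissector's pattern: every member is assigned somewhere,
 * but interface_id only under a presence flag, so without a zero fill
 * it keeps whatever the arena held. */
static l2cap_data_t *build_l2cap_data(unsigned presence_flags, uint32_t iface,
                                      int zero_fill)
{
    l2cap_data_t *d = zero_fill ? toy_alloc0(sizeof *d) : toy_alloc(sizeof *d);
    if (!d)
        return NULL;
    if (presence_flags & HAS_INTERFACE_ID)
        d->interface_id = iface;   /* no else branch, as in the patch context */
    d->adapter_id = 0;
    d->cid = 0x0040;
    d->psm = 0x1001;
    return d;
}

/* Key a conversation table could derive from the struct (assumed layout). */
static uint64_t conversation_key(const l2cap_data_t *d)
{
    return ((uint64_t)d->interface_id << 32)
         | ((uint64_t)d->cid << 16)
         | d->psm;
}

/* Two constructed packets through the same arena: the first carries
 * interface id 7, the second carries no interface id at all.  Returns the
 * key computed for the second packet. */
static uint64_t key_for_second_packet(int zero_fill)
{
    toy_scope_reset();
    (void)build_l2cap_data(HAS_INTERFACE_ID, 7, zero_fill);
    toy_scope_reset();                     /* same bytes are handed out again */
    l2cap_data_t *second = build_l2cap_data(0, 0, zero_fill);
    return conversation_key(second);
}

/* 1 when the key of a packet without interface id depends on the previous
 * packet's data, i.e. the bug memcheck flags. */
static int stale_bits_reach_key(void)
{
    return key_for_second_packet(0) != key_for_second_packet(1);
}

int main(void)
{
    printf("wmem_new  analogue: key = 0x%016llx\n",
           (unsigned long long)key_for_second_packet(0));
    printf("wmem_new0 analogue: key = 0x%016llx\n",
           (unsigned long long)key_for_second_packet(1));
    printf("stale bits reach the conversation key: %s\n",
           stale_bits_reach_key() ? "yes" : "no");
    return 0;
}
```

With the non-zeroing allocator the second packet's key still carries interface id 7 from the first packet, which is the deterministic version of what memcheck reports: it tracks the undefined bits through the copy into the hash key and only complains at the first branch that depends on them, hence the report surfacing in conversation_cleanup rather than in dissect_btl2cap. One caveat of relying on the zero fill alone: 0 is also a legitimate interface id, so after the wmem_new0 change a capture without interface ids becomes indistinguishable from interface 0; if that matters, a separate "present" flag or an explicit sentinel in an else branch keeps the two cases apart.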
