Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10236] New: Buildbot crash output: fuzz-2014-06-27-29031.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 10236] New: Buildbot crash output: fuzz-2014-06-27-29031.p

Date: Fri, 27 Jun 2014 09:40:04 +0000

Bug ID	10236
Summary	Buildbot crash output: fuzz-2014-06-27-29031.pcap
Classification	Unclassified
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	http://www.wireshark.org/download/automated/captures/fuzz-2014-06-27-29031.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Problems have been found with the following capture file:

http://www.wireshark.org/download/automated/captures/fuzz-2014-06-27-29031.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/10065-example_logs_mcap.btsnoop

Build host information:
Linux wsbb04 3.2.0-64-generic #97-Ubuntu SMP Wed Jun 4 22:04:21 UTC 2014 x86_64
x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 12.04.4 LTS
Release:    12.04
Codename:    precise

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=2832
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=c63cd9f8690e93b8f28785801763ee5ed4effe8a

Return value:  0

Dissector bug:  0

Valgrind error count:  2



Git commit
commit c63cd9f8690e93b8f28785801763ee5ed4effe8a
Author: Basil <[email protected]>
Date:   Tue Jun 24 18:08:17 2014 +0400

    New HP DTD dictionary file

    Bug: 10206
    Change-Id: Ibe056ed37d3619aabfb17d3c2c5e85e67deae4e5
    Reviewed-on: https://code.wireshark.org/review/2617
    Reviewed-by: Jeff Morriss <[email protected]>
    Reviewed-by: Evan Huus <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh 

==11274== Memcheck, a memory error detector
==11274== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==11274== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==11274== Command:
/home/wireshark/builders/trunk-clang-ca/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-06-27-29031.pcap
==11274== 
==11274== Conditional jump or move depends on uninitialised value(s)
==11274==    at 0x71430FE: wmem_tree_lookup32 (wmem_tree.c:379)
==11274==    by 0x6753553:
dissect_bthci_evt_disconn_complete.isra.56.constprop.81
(packet-bthci_evt.c:1086)
==11274==    by 0x6753D62: dissect_bthci_evt (packet-bthci_evt.c:3420)
==11274==    by 0x660621E: call_dissector_through_handle (packet.c:622)
==11274==    by 0x6606C5D: call_dissector_work (packet.c:713)
==11274==    by 0x6607482: dissector_try_uint_new (packet.c:1145)
==11274==    by 0x695A422: dissect_hci_h4 (packet-hci_h4.c:135)
==11274==    by 0x660621E: call_dissector_through_handle (packet.c:622)
==11274==    by 0x6606C5D: call_dissector_work (packet.c:713)
==11274==    by 0x6607482: dissector_try_uint_new (packet.c:1145)
==11274==    by 0x66074D6: dissector_try_uint (packet.c:1171)
==11274==    by 0x68C077A: dissect_frame (packet-frame.c:508)
==11274== 
==11274== Conditional jump or move depends on uninitialised value(s)
==11274==    at 0x7143102: wmem_tree_lookup32 (wmem_tree.c:382)
==11274==    by 0x6753553:
dissect_bthci_evt_disconn_complete.isra.56.constprop.81
(packet-bthci_evt.c:1086)
==11274==    by 0x6753D62: dissect_bthci_evt (packet-bthci_evt.c:3420)
==11274==    by 0x660621E: call_dissector_through_handle (packet.c:622)
==11274==    by 0x6606C5D: call_dissector_work (packet.c:713)
==11274==    by 0x6607482: dissector_try_uint_new (packet.c:1145)
==11274==    by 0x695A422: dissect_hci_h4 (packet-hci_h4.c:135)
==11274==    by 0x660621E: call_dissector_through_handle (packet.c:622)
==11274==    by 0x6606C5D: call_dissector_work (packet.c:713)
==11274==    by 0x6607482: dissector_try_uint_new (packet.c:1145)
==11274==    by 0x66074D6: dissector_try_uint (packet.c:1171)
==11274==    by 0x68C077A: dissect_frame (packet-frame.c:508)
==11274== 
==11274== 
==11274== HEAP SUMMARY:
==11274==     in use at exit: 1,207,095 bytes in 29,301 blocks
==11274==   total heap usage: 222,222 allocs, 192,921 frees, 28,491,671 bytes
allocated
==11274== 
==11274== LEAK SUMMARY:
==11274==    definitely lost: 5,384 bytes in 165 blocks
==11274==    indirectly lost: 36,648 bytes in 49 blocks
==11274==      possibly lost: 0 bytes in 0 blocks
==11274==    still reachable: 1,165,063 bytes in 29,087 blocks
==11274==         suppressed: 0 bytes in 0 blocks
==11274== Rerun with --leak-check=full to see details of leaked memory
==11274== 
==11274== For counts of detected and suppressed errors, rerun with: -v
==11274== Use --track-origins=yes to see where uninitialised values come from
==11274== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 3 from 3)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 10236] Buildbot crash output: fuzz-2014-06-27-29031.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 9696] Display filter performance is not O(n)
Next by Date: [Wireshark-bugs] [Bug 10236] Buildbot crash output: fuzz-2014-06-27-29031.pcap
Previous by thread: [Wireshark-bugs] [Bug 10235] Encrypted TLS handshake detected heuristic broken by AESGCM nonce when counter is used
Next by thread: [Wireshark-bugs] [Bug 10236] Buildbot crash output: fuzz-2014-06-27-29031.pcap
Index(es):
- Date
- Thread