Wireshark-bugs: [Wireshark-bugs] [Bug 10569] New: Buildbot crash output: fuzz-2014-10-13-1611.pc
Date: Tue, 14 Oct 2014 20:40:03 +0000
Bug ID | 10569 |
---|---|
Summary | Buildbot crash output: fuzz-2014-10-13-1611.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2014-10-13-1611.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2014-10-13-1611.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/8969-smb3_encryption-ntlmssp-A1b2C3d4.pcap.gz Build host information: Linux wsbb04 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.1 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_BUILDNUMBER=3002 BUILDBOT_URL=http://buildbot.wireshark.org/trunk/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=b3490c20ce1fe06fe1feec9d9a5c98e51c898908 Return value: 0 Dissector bug: 0 Valgrind error count: 256 Git commit commit b3490c20ce1fe06fe1feec9d9a5c98e51c898908 Author: Guy Harris <[email protected]> Date: Sat Oct 11 16:06:57 2014 -0700 Use the wtap_read_bytes{_or_eof}() routines. Change-Id: I4f707bc714b2643d0f6c568f3367e712ee635d8e Reviewed-on: https://code.wireshark.org/review/4612 Reviewed-by: Guy Harris <[email protected]> Command and args: ./tools/valgrind-wireshark.sh ==29504== Memcheck, a memory error detector ==29504== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==29504== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info ==29504== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-10-13-1611.pcap ==29504== ==29504== Use of uninitialised value of size 8 ==29504== at 0x4C30C09: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29504== by 0x6D3B052: dissect_smb2 (packet-smb2.c:6719) ==29504== by 0x6D3B716: dissect_smb2_heur (packet-smb2.c:7223) ==29504== by 0x6688859: dissector_try_heuristic (packet.c:2028) ==29504== by 0x6B85F9D: dissect_netbios_payload (packet-netbios.c:1076) ==29504== by 0x6B50627: dissect_nbss_packet (packet-nbns.c:1484) ==29504== by 0x6B507FD: dissect_nbss (packet-nbns.c:1804) ==29504== by 0x6686A4E: call_dissector_through_handle (packet.c:622) ==29504== by 0x6687334: call_dissector_work (packet.c:713) ==29504== by 0x66879EB: dissector_try_uint_new (packet.c:1145) ==29504== by 0x6D8229B: decode_tcp_ports (packet-tcp.c:4035) ==29504== by 0x6D8260E: process_tcp_payload (packet-tcp.c:4107) ==29504== ==29504== Conditional jump or move depends on uninitialised value(s) ==29504== at 0x4C30C11: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29504== by 0x6D3B052: dissect_smb2 (packet-smb2.c:6719) ==29504== by 0x6D3B716: dissect_smb2_heur (packet-smb2.c:7223) ==29504== by 0x6688859: dissector_try_heuristic (packet.c:2028) ==29504== by 0x6B85F9D: dissect_netbios_payload (packet-netbios.c:1076) ==29504== by 0x6B50627: dissect_nbss_packet (packet-nbns.c:1484) ==29504== by 0x6B507FD: dissect_nbss (packet-nbns.c:1804) ==29504== by 0x6686A4E: call_dissector_through_handle (packet.c:622) ==29504== by 0x6687334: call_dissector_work (packet.c:713) ==29504== by 0x66879EB: dissector_try_uint_new (packet.c:1145) ==29504== by 0x6D8229B: decode_tcp_ports (packet-tcp.c:4035) ==29504== by 0x6D8260E: process_tcp_payload (packet-tcp.c:4107) ==29504== ==29504== Use of uninitialised value of size 8 ==29504== at 0x4C30C20: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29504== by 0x6D3B052: dissect_smb2 (packet-smb2.c:6719) ==29504== by 0x6D3B716: dissect_smb2_heur (packet-smb2.c:7223) ==29504== by 0x6688859: dissector_try_heuristic (packet.c:2028) ==29504== by 0x6B85F9D: dissect_netbios_payload (packet-netbios.c:1076) ==29504== by 0x6B50627: dissect_nbss_packet (packet-nbns.c:1484) ==29504== by 0x6B507FD: dissect_nbss (packet-nbns.c:1804) ==29504== by 0x6686A4E: call_dissector_through_handle (packet.c:622) ==29504== by 0x6687334: call_dissector_work (packet.c:713) ==29504== by 0x66879EB: dissector_try_uint_new (packet.c:1145) ==29504== by 0x6D8229B: decode_tcp_ports (packet-tcp.c:4035) ==29504== by 0x6D8260E: process_tcp_payload (packet-tcp.c:4107) ==29504== ==29504== Conditional jump or move depends on uninitialised value(s) ==29504== at 0x4C30C32: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29504== by 0x6D3B052: dissect_smb2 (packet-smb2.c:6719) ==29504== by 0x6D3B716: dissect_smb2_heur (packet-smb2.c:7223) ==29504== by 0x6688859: dissector_try_heuristic (packet.c:2028) ==29504== by 0x6B85F9D: dissect_netbios_payload (packet-netbios.c:1076) ==29504== by 0x6B50627: dissect_nbss_packet (packet-nbns.c:1484) ==29504== by 0x6B507FD: dissect_nbss (packet-nbns.c:1804) ==29504== by 0x6686A4E: call_dissector_through_handle (packet.c:622) ==29504== by 0x6687334: call_dissector_work (packet.c:713) ==29504== by 0x66879EB: dissector_try_uint_new (packet.c:1145) ==29504== by 0x6D8229B: decode_tcp_ports (packet-tcp.c:4035) ==29504== by 0x6D8260E: process_tcp_payload (packet-tcp.c:4107) ==29504== ==29504== ==29504== HEAP SUMMARY: ==29504== in use at exit: 1,216,685 bytes in 29,628 blocks ==29504== total heap usage: 227,149 allocs, 197,521 frees, 28,795,723 bytes allocated ==29504== ==29504== LEAK SUMMARY: ==29504== definitely lost: 5,635 bytes in 169 blocks ==29504== indirectly lost: 36,856 bytes in 54 blocks ==29504== possibly lost: 0 bytes in 0 blocks ==29504== still reachable: 1,174,194 bytes in 29,405 blocks ==29504== suppressed: 0 bytes in 0 blocks ==29504== Rerun with --leak-check=full to see details of leaked memory ==29504== ==29504== For counts of detected and suppressed errors, rerun with: -v ==29504== Use --track-origins=yes to see where uninitialised values come from ==29504== ERROR SUMMARY: 256 errors from 4 contexts (suppressed: 0 from 0) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- Prev by Date: [Wireshark-bugs] [Bug 10534] Sample Captures for MCPE / RakNet
- Next by Date: [Wireshark-bugs] [Bug 10570] New: Buildbot crash output: fuzz-2014-10-10-4420.pcap
- Previous by thread: [Wireshark-bugs] [Bug 10568] Regression: Wireshark git master fails reading a capture file which is read properly with 1.12.1
- Next by thread: [Wireshark-bugs] [Bug 10569] Buildbot crash output: fuzz-2014-10-13-1611.pcap
- Index(es):