Wireshark-bugs: [Wireshark-bugs] [Bug 10720] New: Buildbot crash output: fuzz-2014-11-21-7292.pc

Date: Fri, 21 Nov 2014 11:30:02 +0000
Bug ID: 10720
Summary: Buildbot crash output: fuzz-2014-11-21-7292.pcap
Product: Wireshark
Version: unspecified
Hardware: x86-64
URL: https://www.wireshark.org/download/automated/captures/fuzz-2014-11-21-7292.pcap
OS: Ubuntu
Status: CONFIRMED
Severity: Major
Priority: High
Component: Dissection engine (libwireshark)
Assignee: [email protected]
Reporter: [email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2014-11-21-7292.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/13224-bad_frame_1.pcap

Build host information:
Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3066
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=cb090e81ec64012e1a3094670aeb8658cb550f1e

Return value:  0

Dissector bug:  0

Valgrind error count:  144



Git commit
commit cb090e81ec64012e1a3094670aeb8658cb550f1e
Author: Bill Meier <[email protected]>
Date:   Wed Nov 19 11:25:17 2014 -0500

    [pedantic] Replace usage of 'long' and 'long long'

    Change-Id: I78fc82c1a83eb04d78a11fc76710c92dfc916208
    Reviewed-on: https://code.wireshark.org/review/5395
    Reviewed-by: Bill Meier <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh -T

==26560== Memcheck, a memory error detector
==26560== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26560== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info
==26560== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -Vx -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-11-21-7292.pcap
==26560== 
==26560== Invalid read of size 1
==26560==    at 0x6689DF0: ip6_to_str_buf_len (address_to_str.c:181)
==26560==    by 0x6E11A07: wccp_fmt_ipadddress (packet-wccp.c:645)
==26560==    by 0x66B091A: fill_label_number (proto.c:6254)
==26560==    by 0x66B9680: proto_item_fill_label (proto.c:5948)
==26560==    by 0x66AD1B5: proto_tree_print_node (print.c:186)
==26560==    by 0x66AEACB: proto_tree_children_foreach (proto.c:635)
==26560==    by 0x66AD076: proto_tree_print_node (print.c:241)
==26560==    by 0x66AEACB: proto_tree_children_foreach (proto.c:635)
==26560==    by 0x66AD076: proto_tree_print_node (print.c:241)
==26560==    by 0x66AEACB: proto_tree_children_foreach (proto.c:635)
==26560==    by 0x66AC305: proto_tree_print (print.c:153)
==26560==    by 0x4130A3: print_packet (tshark.c:3929)
==26560==  Address 0x11b14b70 is 0 bytes inside a block of size 64 free'd
==26560==    at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26560==    by 0x71CE23C: wmem_simple_free_all (wmem_allocator_simple.c:107)
==26560==    by 0x71CEEBB: wmem_leave_packet_scope (wmem_scopes.c:81)
==26560==    by 0x4136C3: process_packet (tshark.c:3527)
==26560==    by 0x40C837: main (tshark.c:3315)
==26560== 
==26560== Invalid read of size 1
==26560==    at 0x6689DF4: ip6_to_str_buf_len (address_to_str.c:180)
==26560==    by 0x6E11A07: wccp_fmt_ipadddress (packet-wccp.c:645)
==26560==    by 0x66B091A: fill_label_number (proto.c:6254)
==26560==    by 0x66B9680: proto_item_fill_label (proto.c:5948)
==26560==    by 0x66AD1B5: proto_tree_print_node (print.c:186)
==26560==    by 0x66AEACB: proto_tree_children_foreach (proto.c:635)
==26560==    by 0x66AD076: proto_tree_print_node (print.c:241)
==26560==    by 0x66AEACB: proto_tree_children_foreach (proto.c:635)
==26560==    by 0x66AD076: proto_tree_print_node (print.c:241)
==26560==    by 0x66AEACB: proto_tree_children_foreach (proto.c:635)
==26560==    by 0x66AC305: proto_tree_print (print.c:153)
==26560==    by 0x4130A3: print_packet (tshark.c:3929)
==26560==  Address 0x11b14b71 is 1 bytes inside a block of size 64 free'd
==26560==    at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26560==    by 0x71CE23C: wmem_simple_free_all (wmem_allocator_simple.c:107)
==26560==    by 0x71CEEBB: wmem_leave_packet_scope (wmem_scopes.c:81)
==26560==    by 0x4136C3: process_packet (tshark.c:3527)
==26560==    by 0x40C837: main (tshark.c:3315)
==26560== 
==26560== 
==26560== HEAP SUMMARY:
==26560==     in use at exit: 1,216,066 bytes in 29,635 blocks
==26560==   total heap usage: 224,155 allocs, 194,520 frees, 28,639,192 bytes allocated
==26560== 
==26560== LEAK SUMMARY:
==26560==    definitely lost: 3,656 bytes in 156 blocks
==26560==    indirectly lost: 36,744 bytes in 51 blocks
==26560==      possibly lost: 0 bytes in 0 blocks
==26560==    still reachable: 1,175,666 bytes in 29,428 blocks
==26560==         suppressed: 0 bytes in 0 blocks
==26560== Rerun with --leak-check=full to see details of leaked memory
==26560== 
==26560== For counts of detected and suppressed errors, rerun with: -v
==26560== ERROR SUMMARY: 144 errors from 2 contexts (suppressed: 0 from 0)

[ no debug trace ]

