Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10844] Buildbot crash output: fuzz-2015-01-09-27534.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 10844] Buildbot crash output: fuzz-2015-01-09-27534.pcap

Date: Sun, 11 Jan 2015 22:49:05 +0000

What	Removed	Added
CC		[email protected]

Comment # 1 on bug 10844 from Evan Huus

All these have the same root cause: src_buf (packet-wcp.c:479) is only being
partially initialized (packet-wcp.c:499) depending on the amount of data
available. There appear to be *some* validity checks in place but they are
clearly not sufficient, as we are ending up running past the end of the
initialized data in frame 28 of the fuzzed capture.

It's not immediately obvious to me (not knowing the format) where the logic bug
is.

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 10844] New: Buildbot crash output: fuzz-2015-01-09-27534.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10847] Need a way to open a file for appending packets
Next by Date: [Wireshark-bugs] [Bug 10848] New: Buildbot crash output: fuzz-2015-01-11-780.pcap
Previous by thread: [Wireshark-bugs] [Bug 10844] New: Buildbot crash output: fuzz-2015-01-09-27534.pcap
Next by thread: [Wireshark-bugs] [Bug 10844] Buildbot crash output: fuzz-2015-01-09-27534.pcap
Index(es):
- Date
- Thread