Wireshark-bugs: [Wireshark-bugs] [Bug 10874] New: Buildbot crash output: fuzz-2015-01-19-13166.p

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 20 Jan 2015 01:00:03 +0000
Bug ID 10874
Summary Buildbot crash output: fuzz-2015-01-19-13166.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2015-01-19-13166.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2015-01-19-13166.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/10933-saber.pcapng

Build host information:
Linux wsbb04 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:22:43 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3115
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=12d17d2ceaad8ea12171bfbf97c8483063430788

Return value:  0

Dissector bug:  0

Valgrind error count:  12



Git commit
commit 12d17d2ceaad8ea12171bfbf97c8483063430788
Author: Pascal Quantin <[email protected]>
Date:   Sun Jan 18 13:35:20 2015 +0100

    Update libwireshark0.symbols

    Change-Id: I694448a998d3a1b74b19d2f1dfd6bb2be5bbce39
    Reviewed-on: https://code.wireshark.org/review/6616
    Reviewed-by: Pascal Quantin <[email protected]>
    Tested-by: Pascal Quantin <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh 

==16303== Memcheck, a memory error detector
==16303== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==16303== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==16303== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2015-01-19-13166.pcap
==16303== 
==16303== Conditional jump or move depends on uninitialised value(s)
==16303==    at 0x6A5FE88: dissect_http_message (packet-http.c:2547)
==16303==    by 0x6A60D18: dissect_http (packet-http.c:2907)
==16303==    by 0x66F14DE: call_dissector_through_handle (packet.c:632)
==16303==    by 0x66F1F34: call_dissector_work (packet.c:723)
==16303==    by 0x66F267B: dissector_try_uint_new (packet.c:1155)
==16303==    by 0x6E060B5: decode_tcp_ports (packet-tcp.c:4141)
==16303==    by 0x6E0645E: process_tcp_payload (packet-tcp.c:4199)
==16303==    by 0x6E06A45: dissect_tcp_payload (packet-tcp.c:1997)
==16303==    by 0x6E086E3: dissect_tcp (packet-tcp.c:5087)
==16303==    by 0x66F14A3: call_dissector_through_handle (packet.c:636)
==16303==    by 0x66F1F34: call_dissector_work (packet.c:723)
==16303==    by 0x66F267B: dissector_try_uint_new (packet.c:1155)
==16303== 
==16303== Use of uninitialised value of size 8
==16303==    at 0x6A5FE8A: dissect_http_message (packet-http.c:2547)
==16303==    by 0x6A60D18: dissect_http (packet-http.c:2907)
==16303==    by 0x66F14DE: call_dissector_through_handle (packet.c:632)
==16303==    by 0x66F1F34: call_dissector_work (packet.c:723)
==16303==    by 0x66F267B: dissector_try_uint_new (packet.c:1155)
==16303==    by 0x6E060B5: decode_tcp_ports (packet-tcp.c:4141)
==16303==    by 0x6E0645E: process_tcp_payload (packet-tcp.c:4199)
==16303==    by 0x6E06A45: dissect_tcp_payload (packet-tcp.c:1997)
==16303==    by 0x6E086E3: dissect_tcp (packet-tcp.c:5087)
==16303==    by 0x66F14A3: call_dissector_through_handle (packet.c:636)
==16303==    by 0x66F1F34: call_dissector_work (packet.c:723)
==16303==    by 0x66F267B: dissector_try_uint_new (packet.c:1155)
==16303== 
==16303== Use of uninitialised value of size 8
==16303==    at 0x9BDA51E: g_ascii_tolower (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==16303==    by 0x6A5FEA8: dissect_http_message (packet-http.c:2561)
==16303==    by 0x6A60D18: dissect_http (packet-http.c:2907)
==16303==    by 0x66F14DE: call_dissector_through_handle (packet.c:632)
==16303==    by 0x66F1F34: call_dissector_work (packet.c:723)
==16303==    by 0x66F267B: dissector_try_uint_new (packet.c:1155)
==16303==    by 0x6E060B5: decode_tcp_ports (packet-tcp.c:4141)
==16303==    by 0x6E0645E: process_tcp_payload (packet-tcp.c:4199)
==16303==    by 0x6E06A45: dissect_tcp_payload (packet-tcp.c:1997)
==16303==    by 0x6E086E3: dissect_tcp (packet-tcp.c:5087)
==16303==    by 0x66F14A3: call_dissector_through_handle (packet.c:636)
==16303==    by 0x66F1F34: call_dissector_work (packet.c:723)
==16303== 
==16303== 
==16303== HEAP SUMMARY:
==16303==     in use at exit: 1,219,106 bytes in 29,763 blocks
==16303==   total heap usage: 462,637 allocs, 432,874 frees, 37,812,233 bytes
allocated
==16303== 
==16303== LEAK SUMMARY:
==16303==    definitely lost: 4,312 bytes in 197 blocks
==16303==    indirectly lost: 36,760 bytes in 52 blocks
==16303==      possibly lost: 0 bytes in 0 blocks
==16303==    still reachable: 1,178,034 bytes in 29,514 blocks
==16303==         suppressed: 0 bytes in 0 blocks
==16303== Rerun with --leak-check=full to see details of leaked memory
==16303== 
==16303== For counts of detected and suppressed errors, rerun with: -v
==16303== Use --track-origins=yes to see where uninitialised values come from
==16303== ERROR SUMMARY: 12 errors from 3 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:
  • You are watching all bug changes.