Wireshark-bugs: [Wireshark-bugs] [Bug 10912] New: Buildbot crash output: fuzz-2015-02-01-5614.pc

Date: Mon, 02 Feb 2015 01:10:02 +0000
Bug ID 10912
Summary Buildbot crash output: fuzz-2015-02-01-5614.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2015-02-01-5614.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2015-02-01-5614.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/12028-dump2_pber.cgi

Build host information:
Linux wsbb04 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:22:43 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3127
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=6284040623f87d7a4b8323b51538fa4baa1d57a3

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 6284040623f87d7a4b8323b51538fa4baa1d57a3
Author: Peter Wu <[email protected]>
Date:   Sat Jan 31 02:26:57 2015 +0100

    README.dissector: fixed p_add_proto_data params

    frame_data has long been gone. struct _packet_info is the same as
    packet_info, just use that for brevity.

    Change-Id: Ieb02bf6b642d728a7f80087f5cd750b9691e34e9
    Reviewed-on: https://code.wireshark.org/review/6865
    Reviewed-by: Alexis La Goutte <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh 

==13416== Memcheck, a memory error detector
==13416== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==13416== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info
==13416== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2015-02-01-5614.pcap
==13416== 
==13416== Invalid read of size 4
==13416==    at 0x7239891: jsmn_parse (jsmn.c:266)
==13416==    by 0x6B08FD9: dissect_json_heur (packet-json.c:585)
==13416==    by 0x66F9EB9: dissector_try_heuristic (packet.c:2059)
==13416==    by 0x68BB1F1: dissect_db_lsp_disc (packet-db-lsp.c:182)
==13416==    by 0x66F7E73: call_dissector_through_handle (packet.c:630)
==13416==    by 0x66F8904: call_dissector_work (packet.c:717)
==13416==    by 0x66F904B: dissector_try_uint_new (packet.c:1149)
==13416==    by 0x66F9096: dissector_try_uint (packet.c:1175)
==13416==    by 0x6E42F19: decode_udp_ports (packet-udp.c:532)
==13416==    by 0x6E43762: dissect (packet-udp.c:878)
==13416==    by 0x66F7E73: call_dissector_through_handle (packet.c:630)
==13416==    by 0x66F8904: call_dissector_work (packet.c:717)
==13416==  Address 0x133ded80 is 16 bytes before a block of size 16,384 alloc'd
==13416==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==13416==    by 0x9BD7610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==13416==    by 0x723EA3B: wmem_simple_alloc (wmem_allocator_simple.c:55)
==13416==    by 0x6B08FB3: dissect_json_heur (packet-json.c:582)
==13416==    by 0x66F9EB9: dissector_try_heuristic (packet.c:2059)
==13416==    by 0x68BB1F1: dissect_db_lsp_disc (packet-db-lsp.c:182)
==13416==    by 0x66F7E73: call_dissector_through_handle (packet.c:630)
==13416==    by 0x66F8904: call_dissector_work (packet.c:717)
==13416==    by 0x66F904B: dissector_try_uint_new (packet.c:1149)
==13416==    by 0x66F9096: dissector_try_uint (packet.c:1175)
==13416==    by 0x6E42F19: decode_udp_ports (packet-udp.c:532)
==13416==    by 0x6E43762: dissect (packet-udp.c:878)
==13416== 
==13416== 
==13416== HEAP SUMMARY:
==13416==     in use at exit: 1,229,569 bytes in 29,804 blocks
==13416==   total heap usage: 445,833 allocs, 416,029 frees, 36,308,283 bytes allocated
==13416== 
==13416== LEAK SUMMARY:
==13416==    definitely lost: 3,720 bytes in 160 blocks
==13416==    indirectly lost: 36,968 bytes in 51 blocks
==13416==      possibly lost: 0 bytes in 0 blocks
==13416==    still reachable: 1,188,881 bytes in 29,593 blocks
==13416==         suppressed: 0 bytes in 0 blocks
==13416== Rerun with --leak-check=full to see details of leaked memory
==13416== 
==13416== For counts of detected and suppressed errors, rerun with: -v
==13416== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

