Wireshark-bugs: [Wireshark-bugs] [Bug 10714] Crash while analyze rtp streams
Date: Thu, 19 Feb 2015 16:49:50 +0000
Comment # 13 on bug 10714 from Pascal Quantin
Here is a more complete backtrace when running this version:

Wireshark 1.99.3 (v1.99.3rc0-218-g2bc71d3 from master)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 3.12.2, with Cairo 1.13.1, with Pango 1.36.6, with
libpcap, without POSIX capabilities, without libnl, with libz 1.2.8, with GLib
2.42.1, without SMI, without c-ares, without ADNS, without Lua, without GnuTLS,
without Gcrypt, without Kerberos, without GeoIP, without PortAudio, with AirPcap.

Running on Linux 3.16.0-30-generic, with locale
LC_CTYPE=en_US.UTF-8;LC_NUMERIC=fr_FR.UTF-8;LC_TIME=fr_FR.UTF-8;LC_COLLATE=en_US.UTF-8;LC_MONETARY=fr_FR.UTF-8;LC_MESSAGES=en_US.UTF-8;LC_PAPER=fr_FR.UTF-8;LC_NAME=fr_FR.UTF-8;LC_ADDRESS=fr_FR.UTF-8;LC_TELEPHONE=fr_FR.UTF-8;LC_MEASUREMENT=fr_FR.UTF-8;LC_IDENTIFICATION=fr_FR.UTF-8,
with libpcap version 1.6.2, with libz 1.2.8, without AirPcap.
Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz

Built using gcc 4.9.1.

ERROR:address_types.c:916:address_to_str_buf: assertion failed: (addr->type < MAX_ADDR_TYPE_VALUE)

Program received signal SIGABRT, Aborted.
0x00007ffff078be37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 0x00007ffff078be37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffff078d528 in __GI_abort () at abort.c:89
#2 0x00007ffff12c6b25 in g_assertion_message () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007ffff12c6bba in g_assertion_message_expr () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4 0x00007ffff478892d in address_to_str_buf (addr=<optimized out>, buf=<optimized out>, buf_len=<optimized out>) at address_types.c:916
#5 0x00007ffff4786ed6 in address_to_display (allocator=<optimized out>, addr=0x2009568) at addr_resolv.c:2962
#6 0x000000000049f4a9 in rtpstream_view_selection_func (selection=0xcd6, model=0x7fffdc01ee90, path=0x22d0850, path_currently_selected=1, userdata=0x0) at rtp_stream_dlg.c:638
#7 0x00007ffff26b5882 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#8 0x00007ffff26b5913 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#9 0x00007ffff26b62f6 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#10 0x00007ffff26cb124 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#11 0x00007ffff26cd156 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#12 0x00007ffff1576245 in g_closure_invoke () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x00007ffff1587f3c in ?? () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#14 0x00007ffff1590748 in g_signal_emit_valist () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#15 0x00007ffff15909af in g_signal_emit () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#16 0x00007ffff25a5c45 in gtk_list_store_remove () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#17 0x00007ffff25a63af in gtk_list_store_clear () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#18 0x000000000049fbaa in rtpstream_dlg_update (list_lcl=0x21e9a20) at rtp_stream_dlg.c:1091
#19 0x00007ffff47c455e in draw_tap_listeners (draw_all=draw_all@entry=0) at tap.c:415
#20 0x000000000044017b in tap_update_cb (data=<optimized out>) at main.c:1307
#21 0x00007ffff12a1613 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007ffff12a0b6d in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007ffff12a0f48 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#24 0x00007ffff12a1272 in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#25 0x00007ffff25a9045 in gtk_main () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#26 0x0000000000423d32 in main (argc=0, argv=0x7fffffffde10) at main.c:3247

So it looks like a refresh of the tap and a call to gtk_list_store_clear() triggers a call to rtpstream_view_selection_func(), leading to an invalid memory access.

To reproduce it, I'm opening the trace, clicking on Telephony -> RTP -> Show All Streams -> selecting first row -> clicking on Analyze button.
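
Added example, not part of the original comment and not Wireshark or GTK code: a toy C model of the pattern in frames #6 to #18, where clearing a list store fires the selection callback on rows whose backing data is no longer valid. It assumes the records were released before the clear (the comment only says the access is invalid); stream_rec, list_store, refresh() and the other names are hypothetical, and released records are marked with a flag instead of being freed so the model stays well-defined.

```c
/* Constructed toy model, not Wireshark or GTK code. */
#include <stdbool.h>
#include <stddef.h>

#define N_ROWS 3
#define MAX_ADDR_TYPE 8   /* stand-in for MAX_ADDR_TYPE_VALUE */

typedef struct { int addr_type; bool alive; } stream_rec;  /* hypothetical */
typedef void (*select_cb)(const stream_rec *rec);
typedef struct {
    const stream_rec *rows[N_ROWS];
    size_t n;
    select_cb on_select;  /* NULL while the callback is blocked */
} list_store;

static int stale_reads;   /* callback runs that saw a released record */

/* Selection callback: inspects the record behind the row. */
static void selection_func(const stream_rec *rec) {
    if (!rec->alive || rec->addr_type >= MAX_ADDR_TYPE)
        stale_reads++;    /* the point where the real code asserts */
}

/* Clearing removes rows one by one; each removal fires the callback. */
static void store_clear(list_store *s) {
    while (s->n > 0) {
        const stream_rec *rec = s->rows[--s->n];
        if (s->on_select) s->on_select(rec);
    }
}

static void release(stream_rec *r) { r->alive = false; r->addr_type = 0x7fff; }

/* Rebuild the view. guarded=false releases the records first and then
 * clears; guarded=true blocks the callback, clears, then releases. */
static int refresh(bool guarded) {
    stream_rec recs[N_ROWS] = { {1, true}, {2, true}, {1, true} };
    list_store s = { { &recs[0], &recs[1], &recs[2] }, N_ROWS, selection_func };
    stale_reads = 0;
    if (guarded) {
        select_cb saved = s.on_select;
        s.on_select = NULL;
        store_clear(&s);
        s.on_select = saved;
    }
    for (size_t i = 0; i < N_ROWS; i++) release(&recs[i]);
    if (!guarded) store_clear(&s);
    return stale_reads;
}

int main(void) { return (refresh(false) == 3 && refresh(true) == 0) ? 0 : 1; }
```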