Wireshark-bugs: [Wireshark-bugs] [Bug 12059] New: Buildbot crash output: fuzz-2016-01-30-3354.pc

Date: Sat, 30 Jan 2016 21:10:02 +0000
Bug ID 12059
Summary Buildbot crash output: fuzz-2016-01-30-3354.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-01-30-3354.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-01-30-3354.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/100-sdr__TransactionResponseAck_Typo_.cap

Build host information:
Linux wsbb04 3.13.0-74-generic #118-Ubuntu SMP Thu Dec 17 22:52:10 UTC 2015
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.3 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3478
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=0450cfa50f7c43e873ee3fe96a437960510c696b

Return value:  0

Dissector bug:  0

Valgrind error count:  8



Git commit
commit 0450cfa50f7c43e873ee3fe96a437960510c696b
Author: João Valverde <[email protected]>
Date:   Fri Jan 29 00:25:48 2016 +0000

    Try to fix 'make distcheck'

    Change-Id: I1656ca8e86e506f39ef7f7600bd9d5a21670ad1e
    Reviewed-on: https://code.wireshark.org/review/13589
    Reviewed-by: João Valverde <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh 

==29848== Memcheck, a memory error detector
==29848== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==29848== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==29848== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-01-30-3354.pcap
==29848== 
==29848== Conditional jump or move depends on uninitialised value(s)
==29848==    at 0xA32B7D4: g_ascii_strncasecmp (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==29848==    by 0x6D66773: dissect_megaco_text (packet-megaco.c:617)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68823D9: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x68823D9: dissector_try_uint (packet.c:1186)
==29848==    by 0x704D704: decode_udp_ports (packet-udp.c:583)
==29848==    by 0x704F1DF: dissect (packet-udp.c:1081)
==29848==    by 0x704DE3D: dissect_udp (packet-udp.c:1087)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68821BE: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x6C8F4FF: ip_try_dissect (packet-ip.c:1978)
==29848==    by 0x6C91285: dissect_ip_v4 (packet-ip.c:2470)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848== 
==29848== Conditional jump or move depends on uninitialised value(s)
==29848==    at 0xA32B820: g_ascii_strncasecmp (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==29848==    by 0x6D66773: dissect_megaco_text (packet-megaco.c:617)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68823D9: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x68823D9: dissector_try_uint (packet.c:1186)
==29848==    by 0x704D704: decode_udp_ports (packet-udp.c:583)
==29848==    by 0x704F1DF: dissect (packet-udp.c:1081)
==29848==    by 0x704DE3D: dissect_udp (packet-udp.c:1087)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68821BE: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x6C8F4FF: ip_try_dissect (packet-ip.c:1978)
==29848==    by 0x6C91285: dissect_ip_v4 (packet-ip.c:2470)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848== 
==29848== Conditional jump or move depends on uninitialised value(s)
==29848==    at 0xA32B840: g_ascii_strncasecmp (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==29848==    by 0x6D66773: dissect_megaco_text (packet-megaco.c:617)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68823D9: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x68823D9: dissector_try_uint (packet.c:1186)
==29848==    by 0x704D704: decode_udp_ports (packet-udp.c:583)
==29848==    by 0x704F1DF: dissect (packet-udp.c:1081)
==29848==    by 0x704DE3D: dissect_udp (packet-udp.c:1087)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68821BE: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x6C8F4FF: ip_try_dissect (packet-ip.c:1978)
==29848==    by 0x6C91285: dissect_ip_v4 (packet-ip.c:2470)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848== 
==29848== Conditional jump or move depends on uninitialised value(s)
==29848==    at 0x6D66776: dissect_megaco_text (packet-megaco.c:617)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68823D9: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x68823D9: dissector_try_uint (packet.c:1186)
==29848==    by 0x704D704: decode_udp_ports (packet-udp.c:583)
==29848==    by 0x704F1DF: dissect (packet-udp.c:1081)
==29848==    by 0x704DE3D: dissect_udp (packet-udp.c:1087)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68821BE: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x6C8F4FF: ip_try_dissect (packet-ip.c:1978)
==29848==    by 0x6C91285: dissect_ip_v4 (packet-ip.c:2470)
==29848==    by 0x6882314: call_dissector_through_handle (packet.c:626)
==29848==    by 0x6882314: call_dissector_work (packet.c:701)
==29848==    by 0x68823D9: dissector_try_uint_new (packet.c:1160)
==29848==    by 0x68823D9: dissector_try_uint (packet.c:1186)
==29848== 
==29848== 
==29848== HEAP SUMMARY:
==29848==     in use at exit: 1,053,093 bytes in 28,812 blocks
==29848==   total heap usage: 241,125 allocs, 212,313 frees, 31,576,112 bytes
allocated
==29848== 
==29848== LEAK SUMMARY:
==29848==    definitely lost: 3,268 bytes in 140 blocks
==29848==    indirectly lost: 38,888 bytes in 139 blocks
==29848==      possibly lost: 0 bytes in 0 blocks
==29848==    still reachable: 1,010,937 bytes in 28,533 blocks
==29848==         suppressed: 0 bytes in 0 blocks
==29848== Rerun with --leak-check=full to see details of leaked memory
==29848== 
==29848== For counts of detected and suppressed errors, rerun with: -v
==29848== Use --track-origins=yes to see where uninitialised values come from
==29848== ERROR SUMMARY: 8 errors from 4 contexts (suppressed: 0 from 0)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.