Wireshark-bugs: [Wireshark-bugs] [Bug 12106] New: Buildbot crash output: fuzz-2016-02-09-3681.pc
Date: Wed, 10 Feb 2016 14:00:02 +0000
Bug ID | 12106 |
---|---|
Summary | Buildbot crash output: fuzz-2016-02-09-3681.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-02-09-3681.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-02-09-3681.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/892-detail-M3UA.cap Build host information: Linux wsbb04 3.13.0-74-generic #118-Ubuntu SMP Thu Dec 17 22:52:10 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_BUILDNUMBER=3497 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=093514eb49a7b2780f49cccae905c7d963301180 Return value: 1 Dissector bug: 0 Valgrind error count: 0 Git commit commit 093514eb49a7b2780f49cccae905c7d963301180 Author: Stig Bjørlykke <[email protected]> Date: Tue Feb 9 00:02:33 2016 +0100 Lua: Check out-of-bounds before tvb_strsize() Add a check for out-of-bounds before calling tvb_strsize() because this will THROW an exception if not finding a terminating NUL. Unhandled exceptions will mess up Lua luaL_error() handling and will end up in a crash. Change-Id: Ieafef59a3858656e0d8c79904828b631657b4cbc Reviewed-on: https://code.wireshark.org/review/13842 Petri-Dish: Stig Bjørlykke <[email protected]> Tested-by: Petri Dish Buildbot <[email protected]> Reviewed-by: Anders Broman <[email protected]> Command and args: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nVxr ================================================================= ==31975==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f351a4b76b8 at pc 0x7f35172fe395 bp 0x7ffd86e647f0 sp 0x7ffd86e647e8 READ of size 8 at 0x7f351a4b76b8 thread T0 #0 0x7f35172fe394 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x753a394) #1 0x7f351800a9bf (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x82469bf) #2 0x7f35172febcc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x753abcc) #3 0x7f351800a941 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x8246941) #4 0x7f35172fbefb (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7537efb) #5 0x7f351800a89f (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x824689f) #6 0x7f35172febcc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x753abcc) #7 0x7f351800a7a1 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x82467a1) #8 0x7f3517300f05 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x753cf05) #9 0x7f3517301765 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x753d765) #10 0x7f351800a75f (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x824675f) #11 0x7f35172f40cb (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75300cb) #12 0x7f351800a71d (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x824671d) #13 0x7f35172fbefb (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7537efb) #14 0x7f3518009924 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x8245924) #15 0x7f35172febcc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x753abcc) #16 0x7f35180097ad (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x82457ad) #17 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #18 0x7f35170f36fc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732f6fc) #19 0x7f3518377025 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x85b3025) #20 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #21 0x7f35170f52ba (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73312ba) #22 0x7f3517be33b9 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e1f3b9) #23 0x7f3517be2977 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e1e977) #24 0x7f3517be2dbd (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e1edbd) #25 0x7f3517bdf6b2 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e1b6b2) #26 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #27 0x7f35170f58c8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73318c8) #28 0x7f35178d1fcd (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7b0dfcd) #29 0x7f35178ce480 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7b0a480) #30 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #31 0x7f35170f52ba (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73312ba) #32 0x7f3517c1b566 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e57566) #33 0x7f3517c14057 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e50057) #34 0x7f3517c10de1 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e4cde1) #35 0x7f3517c101a5 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e4c1a5) #36 0x7f3517c0dceb (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e49ceb) #37 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #38 0x7f35170f52ba (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73312ba) #39 0x7f35177b5933 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x79f1933) #40 0x7f35177b8941 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x79f4941) #41 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #42 0x7f35170f58c8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73318c8) #43 0x7f35175db9c9 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78179c9) #44 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #45 0x7f35170f36fc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732f6fc) #46 0x7f35175da441 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7816441) #47 0x7f35175d9220 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7815220) #48 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #49 0x7f35170f52ba (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73312ba) #50 0x7f3517623c25 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x785fc25) #51 0x7f35170f5621 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7331621) #52 0x7f35170f36fc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732f6fc) #53 0x7f35170f2f18 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732ef18) #54 0x7f35170d367e (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x730f67e) #55 0x501145 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x501145) #56 0x4fb96b (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4fb96b) #57 0x7f350ca02ec4 (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4) #58 0x43fc26 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x43fc26) 0x7f351a4b76b8 is located 8 bytes to the left of global variable 'T_paramSequence_sequence' defined in '../../asn1/ansi_tcap/ansi_tcap.cnf:170:29' (0x7f351a4b76c0) of size 32 0x7f351a4b76b8 is located 24 bytes to the right of global variable 'T_paramSet_set' defined in '../../asn1/ansi_tcap/ansi_tcap.cnf:183:29' (0x7f351a4b7680) of size 32 Shadow bytes around the buggy address: 0x0fe72348ee80: f9 f9 f9 f9 00 00 05 f9 f9 f9 f9 f9 00 00 00 03 0x0fe72348ee90: f9 f9 f9 f9 00 00 06 f9 f9 f9 f9 f9 00 00 00 00 0x0fe72348eea0: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x0fe72348eeb0: 00 04 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 0x0fe72348eec0: 07 f9 f9 f9 f9 f9 f9 f9 00 00 00 01 f9 f9 f9 f9 =>0x0fe72348eed0: 00 00 00 00 f9 f9 f9[f9]00 00 00 00 f9 f9 f9 f9 0x0fe72348eee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe72348eef0: 00 00 00 05 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x0fe72348ef00: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 03 f9 f9 f9 0x0fe72348ef10: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 0x0fe72348ef20: f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9 00 03 f9 f9 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==31975==ABORTING [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- Prev by Date: [Wireshark-bugs] [Bug 12105] Export dissection dialog opens at / on Mac OS X
- Next by Date: [Wireshark-bugs] [Bug 12105] Export dissection dialog opens at / on Mac OS X
- Previous by thread: [Wireshark-bugs] [Bug 12105] Export dissection dialog opens at / on Mac OS X
- Next by thread: [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
- Index(es):