Wireshark-bugs: [Wireshark-bugs] [Bug 12125] New: Buildbot crash output: fuzz-2016-02-14-17535.p

Date: Mon, 15 Feb 2016 22:40:02 +0000
Bug ID 12125
Summary Buildbot crash output: fuzz-2016-02-14-17535.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-02-14-17535.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-02-14-17535.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/13920-crash3.pcap

Build host information:
Linux wsbb04 3.13.0-74-generic #118-Ubuntu SMP Thu Dec 17 22:52:10 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.3 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3502
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=c3d8ac6d9bfaf4fdfb3aaeb9481bdd80185a5c66

Return value:  1

Dissector bug:  0

Valgrind error count:  0



Git commit
commit c3d8ac6d9bfaf4fdfb3aaeb9481bdd80185a5c66
Author: Guy Harris <[email protected]>
Date:   Sat Feb 13 15:59:36 2016 -0800

    Register Q.931 in the osinl.incl dissector table.

    Have the Frame Relay dissector first check the fr.osinl table and then
    the osinl.incl table, so that it finds Q.933 rather than Q.931 for an
    NLPID of 0x08.

    Change-Id: I1582482003c2ff96100f6c3e1eb77917ab04c9ee
    Reviewed-on: https://code.wireshark.org/review/13929
    Reviewed-by: Guy Harris <[email protected]>


Command and args:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nVxr

=================================================================
==26070==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7fbda36a1fc7 at pc 0x7fbda137c96b bp 0x7fffa70bee30 sp 0x7fffa70bee28
READ of size 1 at 0x7fbda36a1fc7 thread T0
    #0 0x7fbda137c96a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x804796a)
    #1 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #2 0x7fbda06415f3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x730c5f3)
    #3 0x7fbda13691c3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x80341c3)
    #4 0x7fbda136d7e0 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x80387e0)
    #5 0x7fbda136a88d (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x803588d)
    #6 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #7 0x7fbda066c60a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x733760a)
    #8 0x7fbda0d30d23 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x79fbd23)
    #9 0x7fbda0d33d31 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x79fed31)
    #10 0x7fbda0d311a5 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x79fc1a5)
    #11 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #12 0x7fbda066a95c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x733595c)
    #13 0x7fbda0ec4594 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7b8f594)
    #14 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #15 0x7fbda066cc18 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337c18)
    #16 0x7fbda0b55471 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7820471)
    #17 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #18 0x7fbda066a95c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x733595c)
    #19 0x7fbda0b53d31 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x781ed31)
    #20 0x7fbda0b52b10 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x781db10)
    #21 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #22 0x7fbda066c60a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x733760a)
    #23 0x7fbda0b9e29b (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x786929b)
    #24 0x7fbda066c971 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7337971)
    #25 0x7fbda066a95c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x733595c)
    #26 0x7fbda066a0dd (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73350dd)
    #27 0x7fbda064a6fe (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73156fe)
    #28 0x501335 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x501335)
    #29 0x4fbab0 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4fbab0)
    #30 0x7fbd95f73ec4 (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
    #31 0x43fc86 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x43fc86)

0x7fbda36a1fc7 is located 57 bytes to the left of global variable 'hsdsch_macdflow_id_mac_content_map' defined in 'packet-umts_fp.c:495:21' (0x7fbda36a2000) of size 8
0x7fbda36a1fc7 is located 1 bytes to the right of global variable 'fake_lchid_macd_flow' defined in 'packet-umts_fp.c:507:21' (0x7fbda36a1fc0) of size 6
Shadow bytes around the buggy address:
  0x0ff8346cc3a0: 00 00 03 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9
  0x0ff8346cc3b0: 00 00 02 f9 f9 f9 f9 f9 06 f9 f9 f9 f9 f9 f9 f9
  0x0ff8346cc3c0: 00 03 f9 f9 f9 f9 f9 f9 00 00 06 f9 f9 f9 f9 f9
  0x0ff8346cc3d0: 00 00 01 f9 f9 f9 f9 f9 00 00 00 07 f9 f9 f9 f9
  0x0ff8346cc3e0: 00 00 00 02 f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9
=>0x0ff8346cc3f0: 00 00 06 f9 f9 f9 f9 f9[06]f9 f9 f9 f9 f9 f9 f9
  0x0ff8346cc400: 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 06 f9 f9 f9
  0x0ff8346cc410: f9 f9 f9 f9 00 05 f9 f9 f9 f9 f9 f9 00 00 f9 f9
  0x0ff8346cc420: f9 f9 f9 f9 00 00 00 01 f9 f9 f9 f9 00 02 f9 f9
  0x0ff8346cc430: f9 f9 f9 f9 00 00 05 f9 f9 f9 f9 f9 00 05 f9 f9
  0x0ff8346cc440: f9 f9 f9 f9 00 00 05 f9 f9 f9 f9 f9 00 06 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==26070==ABORTING

[ no debug trace ]

