Wireshark-bugs: [Wireshark-bugs] [Bug 12191] New: Buildbot crash output: fuzz-2016-02-24-26818.p
Date: Sun, 28 Feb 2016 01:50:04 +0000
| Bug ID | 12191 |
|---|---|
| Summary | Buildbot crash output: fuzz-2016-02-24-26818.pcap |
| Product | Wireshark |
| Version | unspecified |
| Hardware | x86-64 |
| URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-02-24-26818.pcap |
| OS | Ubuntu |
| Status | CONFIRMED |
| Severity | Major |
| Priority | High |
| Component | Dissection engine (libwireshark) |
| Assignee | [email protected] |
| Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-02-24-26818.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/video_call_1.pcap Build host information: Linux wsbb04 3.13.0-77-generic #121-Ubuntu SMP Wed Jan 20 10:50:42 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_BUILDNUMBER=3516 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=c2f85b6925365365926d3654e01dc53a95c80d37 Return value: 1 Dissector bug: 0 Valgrind error count: 0 Git commit commit c2f85b6925365365926d3654e01dc53a95c80d37 Author: Peter Wu <[email protected]> Date: Mon Feb 22 00:54:50 2016 +0100 Extend reassembly documentation Documentation changes only (comments and docbook). Update WSDG with the fragment_add_seq_check API that was introduced in Wireshark 1.10. Fix typos and clarify the many functions we have for adding reassembling fragments. Change-Id: I38715a8f58e9cf1fe3e34ee4b1a4ae339630282b Reviewed-on: https://code.wireshark.org/review/14066 Petri-Dish: Peter Wu <[email protected]> Tested-by: Petri Dish Buildbot <[email protected]> Reviewed-by: Anders Broman <[email protected]> Command and args: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nVxr ================================================================= ==28116==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f3eb2e6b870 at pc 0x7f3eaaa3cfc3 bp 0x7ffe50b14ef0 sp 0x7ffe50b14ee8 READ of size 1 at 0x7f3eb2e6b870 thread T0 #0 0x7f3eaaa3cfc2 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x8064fc2) #1 0x7f3eaaa311d5 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x80591d5) #2 0x7f3ea9d29861 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351861) #3 0x7f3ea9cfe4e3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73264e3) #4 0x7f3eaaa265c3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x804e5c3) #5 0x7f3eaaa2abe0 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x8052be0) #6 0x7f3eaaa27c8d (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x804fc8d) #7 0x7f3ea9d29861 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351861) #8 0x7f3ea9d294fa (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73514fa) #9 0x7f3eaa3ee8f3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7a168f3) #10 0x7f3eaa3f1901 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7a19901) #11 0x7f3ea9d29861 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351861) #12 0x7f3ea9d29b08 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351b08) #13 0x7f3eaa212541 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x783a541) #14 0x7f3ea9d29861 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351861) #15 0x7f3ea9d2784c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x734f84c) #16 0x7f3eaa210e01 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7838e01) #17 0x7f3eaa20fbe0 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7837be0) #18 0x7f3ea9d29861 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351861) #19 0x7f3ea9d294fa (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73514fa) #20 0x7f3eaa25b36b (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x788336b) #21 0x7f3ea9d29861 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7351861) #22 0x7f3ea9d2784c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x734f84c) #23 0x7f3ea9d26fcd (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x734efcd) #24 0x7f3ea9d075ee (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732f5ee) #25 0x500f9c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x500f9c) #26 0x4fbba8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4fbba8) #27 0x7f3e9fc7fec4 (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4) #28 0x4402c6 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4402c6) 0x7f3eb2e6b870 is located 48 bytes to the left of global variable 'lchId_rlc_map' defined in '../../asn1/nbap/packet-nbap-template.c:243:8' (0x7f3eb2e6b8a0) of size 16 0x7f3eb2e6b870 is located 0 bytes to the right of global variable 'lchId_type_table' defined in '../../asn1/nbap/packet-nbap-template.c:223:8' (0x7f3eb2e6b860) of size 16 Shadow bytes around the buggy address: 0x0fe8565c56b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe8565c56c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe8565c56d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe8565c56e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe8565c56f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x0fe8565c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00[f9]f9 0x0fe8565c5710: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 0x0fe8565c5720: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 0x0fe8565c5730: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 0x0fe8565c5740: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 0x0fe8565c5750: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==28116==ABORTING [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Prev by Date: [Wireshark-bugs] [Bug 12165] LLDP 802.3 TLV Subtype 5 - Energy Efficient Ethernet
- Next by Date: [Wireshark-bugs] [Bug 12192] New: Buildbot crash output: fuzz-2016-02-28-6248.pcap
- Previous by thread: [Wireshark-bugs] [Bug 12190] When saving packets to .pcap format missing Reassembled TCP Segments information
- Next by thread: [Wireshark-bugs] [Bug 12192] New: Buildbot crash output: fuzz-2016-02-28-6248.pcap
- Index(es):