Wireshark-bugs: [Wireshark-bugs] [Bug 12238] New: Buildbot crash output: fuzz-2016-03-04-6424.pc

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Fri, 04 Mar 2016 16:50:03 +0000
Bug ID 12238
Summary Buildbot crash output: fuzz-2016-03-04-6424.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-03-04-6424.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-03-04-6424.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/03-13_los_altos.pcap

Build host information:
Linux wsbb04 3.13.0-77-generic #121-Ubuntu SMP Wed Jan 20 10:50:42 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.4 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=103
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.0/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_SLAVENAME=fuzz-test
BUILDBOT_GOT_REVISION=41d1aa990e8e6b081a41a64a2804121e053b1770

Return value:  0

Dissector bug:  0

Valgrind error count:  2326



Git commit
commit 41d1aa990e8e6b081a41a64a2804121e053b1770
Author: Alexis La Goutte <[email protected]>
Date:   Wed Mar 2 20:59:05 2016 +0100

    802.11: fix Length error shown for IE BSS AC Access Delay/WAPI Parameter
Set (68)

    Issue reported by Ted Wards

    Bug:12223
    Change-Id: I38adba8ee3d48788afce20d969d708c7635c8703
    Reviewed-on: https://code.wireshark.org/review/14302
    Reviewed-by: Michael Mann <[email protected]>
    (cherry picked from commit 77a51512e2715b923fbc32b9e68edb990bf287e7)
    Reviewed-on: https://code.wireshark.org/review/14306
    Petri-Dish: Michael Mann <[email protected]>
    Tested-by: Petri Dish Buildbot <[email protected]>
    Reviewed-by: Anders Broman <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh 

==8421== Memcheck, a memory error detector
==8421== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==8421== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==8421== Command:
/home/wireshark/builders/wireshark-2.0-fuzz/fuzztest/install/bin/tshark -nr
/fuzz/buildbot/fuzztest/valgrind-fuzz-2.0/fuzz-2016-03-04-6424.pcap
==8421== 
==8421== Conditional jump or move depends on uninitialised value(s)
==8421==    at 0x68662AA: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:148)
==8421==    by 0x6BC1D9F: dissect_http_message (packet-http.c:810)
==8421==    by 0x6BC420E: dissect_http (packet-http.c:2958)
==8421==    by 0x68423CE: call_dissector_through_handle (packet.c:618)
==8421==    by 0x6842D64: call_dissector_work (packet.c:706)
==8421==    by 0x684355B: dissector_try_uint_new (packet.c:1163)
==8421==    by 0x6F8D12B: decode_tcp_ports (packet-tcp.c:4608)
==8421==    by 0x6F8D4AE: process_tcp_payload (packet-tcp.c:4680)
==8421==    by 0x6F8DA95: desegment_tcp (packet-tcp.c:2270)
==8421==    by 0x6F8DA95: dissect_tcp_payload (packet-tcp.c:4747)
==8421==    by 0x6F8F8FB: dissect_tcp (packet-tcp.c:5653)
==8421==    by 0x6842393: call_dissector_through_handle (packet.c:620)
==8421==    by 0x6842D64: call_dissector_work (packet.c:706)
==8421== 
==8421== Conditional jump or move depends on uninitialised value(s)
==8421==    at 0x686634F: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:228)
==8421==    by 0x6BC1D9F: dissect_http_message (packet-http.c:810)
==8421==    by 0x6BC420E: dissect_http (packet-http.c:2958)
==8421==    by 0x68423CE: call_dissector_through_handle (packet.c:618)
==8421==    by 0x6842D64: call_dissector_work (packet.c:706)
==8421==    by 0x684355B: dissector_try_uint_new (packet.c:1163)
==8421==    by 0x6F8D12B: decode_tcp_ports (packet-tcp.c:4608)
==8421==    by 0x6F8D4AE: process_tcp_payload (packet-tcp.c:4680)
==8421==    by 0x6F8DA95: desegment_tcp (packet-tcp.c:2270)
==8421==    by 0x6F8DA95: dissect_tcp_payload (packet-tcp.c:4747)
==8421==    by 0x6F8F8FB: dissect_tcp (packet-tcp.c:5653)
==8421==    by 0x6842393: call_dissector_through_handle (packet.c:620)
==8421==    by 0x6842D64: call_dissector_work (packet.c:706)
==8421== 
==8421== Conditional jump or move depends on uninitialised value(s)
==8421==    at 0x68662AA: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:148)
==8421==    by 0x6BC1D9F: dissect_http_message (packet-http.c:810)
==8421==    by 0x6BC420E: dissect_http (packet-http.c:2958)
==8421==    by 0x6BC4627: dissect_http_heur_tcp (packet-http.c:2997)
==8421==    by 0x6844669: dissector_try_heuristic (packet.c:2177)
==8421==    by 0x6F8D006: decode_tcp_ports (packet-tcp.c:4634)
==8421==    by 0x6F8D4AE: process_tcp_payload (packet-tcp.c:4680)
==8421==    by 0x6F8DA95: desegment_tcp (packet-tcp.c:2270)
==8421==    by 0x6F8DA95: dissect_tcp_payload (packet-tcp.c:4747)
==8421==    by 0x6F8F8FB: dissect_tcp (packet-tcp.c:5653)
==8421==    by 0x6842393: call_dissector_through_handle (packet.c:620)
==8421==    by 0x6842D64: call_dissector_work (packet.c:706)
==8421==    by 0x684355B: dissector_try_uint_new (packet.c:1163)
==8421== 
==8421== Conditional jump or move depends on uninitialised value(s)
==8421==    at 0x686634F: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:228)
==8421==    by 0x6BC1D9F: dissect_http_message (packet-http.c:810)
==8421==    by 0x6BC420E: dissect_http (packet-http.c:2958)
==8421==    by 0x6BC4627: dissect_http_heur_tcp (packet-http.c:2997)
==8421==    by 0x6844669: dissector_try_heuristic (packet.c:2177)
==8421==    by 0x6F8D006: decode_tcp_ports (packet-tcp.c:4634)
==8421==    by 0x6F8D4AE: process_tcp_payload (packet-tcp.c:4680)
==8421==    by 0x6F8DA95: desegment_tcp (packet-tcp.c:2270)
==8421==    by 0x6F8DA95: dissect_tcp_payload (packet-tcp.c:4747)
==8421==    by 0x6F8F8FB: dissect_tcp (packet-tcp.c:5653)
==8421==    by 0x6842393: call_dissector_through_handle (packet.c:620)
==8421==    by 0x6842D64: call_dissector_work (packet.c:706)
==8421==    by 0x684355B: dissector_try_uint_new (packet.c:1163)
==8421== 

** (process:8421): WARNING **: Dissector bug, protocol LDAP, in packet 16641:
tvbuff.c:636: failed assertion "tvb && tvb->initialized"
==8421== 
==8421== HEAP SUMMARY:
==8421==     in use at exit: 1,060,477 bytes in 29,671 blocks
==8421==   total heap usage: 1,189,645 allocs, 1,159,974 frees, 92,488,991
bytes allocated
==8421== 
==8421== LEAK SUMMARY:
==8421==    definitely lost: 8,959 bytes in 1,397 blocks
==8421==    indirectly lost: 37,072 bytes in 87 blocks
==8421==      possibly lost: 0 bytes in 0 blocks
==8421==    still reachable: 1,014,446 bytes in 28,187 blocks
==8421==         suppressed: 0 bytes in 0 blocks
==8421== Rerun with --leak-check=full to see details of leaked memory
==8421== 
==8421== For counts of detected and suppressed errors, rerun with: -v
==8421== Use --track-origins=yes to see where uninitialised values come from
==8421== ERROR SUMMARY: 2326 errors from 4 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:
  • You are watching all bug changes.