Wireshark-bugs: [Wireshark-bugs] [Bug 12523] New: ASAN heap-use-after free in Conversations/Endp

Date: Tue, 14 Jun 2016 18:27:51 +0000
Bug ID 12523
Summary ASAN heap-use-after free in Conversations/Endpoints dialog after applying a filter
Product Wireshark
Version Git
Hardware All
OS All
Status UNCONFIRMED
Severity Major
Priority Low
Component Qt UI
Assignee [email protected]
Reporter [email protected]

Created attachment 14648 [details]
wireshark v2.1.1rc0-81-gda50994 ASAN trace

Build Information:
Wireshark 2.1.1-git (v2.1.1rc0-81-gda50994 from master)

Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.48.1, with zlib 1.2.8, without SMI, with c-ares
1.11.0, with Lua 5.2, with GnuTLS 3.4.13, with Gcrypt 1.7.0, with MIT Kerberos,
with GeoIP, with QtMultimedia, without AirPcap.

Running on Linux 4.6.2-1-ARCH, with locale C, with libpcap version 1.7.4, with
GnuTLS 3.4.13, with Gcrypt 1.7.0, with zlib 1.2.8.
Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz (with SSE4.2)

Built using gcc 6.1.1 20160602.

--
Steps to reproduce:

 1. Open a large capture file (e.g.
sharkfest16_packetchallenge/sf2016-e.pcapng)
 2. Open Conversations or Endpoints statistics dialog
 3. Wait for the dialog to fully load.
 4. Right-click one address and use "Apply as Filter" to create a new filter.
 5. Close the dialog while Wireshark is redissecting.

Expected result:
no crash.

Actual result:
use-after-free.

Other info:
the UAF does not occur when changing the display filter in the main dialog.


You are receiving this mail because:
  • You are watching all bug changes.