Wireshark-bugs: [Wireshark-bugs] [Bug 12575] New: Buildbot crash output: fuzz-2016-06-30-19295.p
Date: Thu, 30 Jun 2016 23:50:04 +0000
| Bug ID | 12575 |
|---|---|
| Summary | Buildbot crash output: fuzz-2016-06-30-19295.pcap |
| Product | Wireshark |
| Version | unspecified |
| Hardware | x86-64 |
| URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-06-30-19295.pcap |
| OS | Ubuntu |
| Status | CONFIRMED |
| Severity | Major |
| Priority | High |
| Component | Dissection engine (libwireshark) |
| Assignee | [email protected] |
| Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-06-30-19295.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/13863-test_decript1.pcapng Build host information: Linux wsbb04 3.13.0-86-generic #131-Ubuntu SMP Thu May 12 23:33:13 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_BUILDNUMBER=3610 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=cd1ddf6ef5c794cf135d8b36916dbdc7aae9ca57 Return value: 1 Dissector bug: 0 Valgrind error count: 0 Git commit commit cd1ddf6ef5c794cf135d8b36916dbdc7aae9ca57 Author: Gerald Combs <[email protected]> Date: Wed Jun 29 16:51:37 2016 -0700 Speed up print_line_text. isatty adds a small delay, at least on OS X. Call it only when we allocate a stream. Do the same for our codeset check. Change-Id: Id3a20059dbc9cf7d5db16d8d238d038b9de0ebf2 Reviewed-on: https://code.wireshark.org/review/16222 Petri-Dish: Gerald Combs <[email protected]> Tested-by: Petri Dish Buildbot <[email protected]> Reviewed-by: Gerald Combs <[email protected]> ================================================================= ==13638==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f339a0d5b08 at pc 0x7f33982fee4e bp 0x7fff17164e70 sp 0x7fff17164e68 READ of size 4 at 0x7f339a0d5b08 thread T0 #0 0x7f33982fee4d (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7cb3e4d) #1 0x7f33982fc6d8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7cb16d8) #2 0x7f3397c2b271 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75e0271) #3 0x7f3397c292ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75de2ac) #4 0x7f3398304e40 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7cb9e40) #5 0x7f3397c2b271 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75e0271) #6 0x7f3397c2af0a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75dff0a) #7 0x7f33981c5d62 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7b7ad62) #8 0x7f3397c2b271 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75e0271) #9 0x7f3397c292ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75de2ac) #10 0x7f3397c28a99 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75dda99) #11 0x7f3397c0e40e (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x75c340e) #12 0x500fd9 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x500fd9) #13 0x4fbb47 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4fbb47) #14 0x7f338d8f5f44 (/lib/x86_64-linux-gnu/libc.so.6+0x21f44) #15 0x440916 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x440916) 0x7f339a0d5b08 is located 24 bytes to the left of global variable '<string literal>' defined in 'packet-ieee80211-radio.c:606:44' (0x7f339a0d5b20) of size 9 '<string literal>' is ascii string ' (%s %s)' 0x7f339a0d5b08 is located 29 bytes to the right of global variable '<string literal>' defined in 'packet-ieee80211-radio.c:604:44' (0x7f339a0d5ae0) of size 11 '<string literal>' is ascii string ' (invalid)' Shadow bytes around the buggy address: 0x0fe6f3412b10: 00 03 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 0x0fe6f3412b20: 00 03 f9 f9 f9 f9 f9 f9 06 f9 f9 f9 f9 f9 f9 f9 0x0fe6f3412b30: 07 f9 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 0x0fe6f3412b40: 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 0x0fe6f3412b50: f9 f9 f9 f9 00 04 f9 f9 f9 f9 f9 f9 00 03 f9 f9 =>0x0fe6f3412b60: f9[f9]f9 f9 00 01 f9 f9 f9 f9 f9 f9 00 00 00 00 0x0fe6f3412b70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe6f3412b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe6f3412b90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe6f3412ba0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe6f3412bb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==13638==ABORTING [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.