Bug ID |
12771
|
Summary |
Buildbot crash output: fuzz-2016-08-20-18156.pcap
|
Product |
Wireshark
|
Version |
unspecified
|
Hardware |
x86-64
|
URL |
https://www.wireshark.org/download/automated/captures/fuzz-2016-08-20-18156.pcap
|
OS |
Ubuntu
|
Status |
CONFIRMED
|
Severity |
Major
|
Priority |
High
|
Component |
Dissection engine (libwireshark)
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2016-08-20-18156.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/10263-coap12_00.pcap
Build host information:
Linux wsbb04 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:07:12 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 16.04.1 LTS
Release: 16.04
Codename: xenial
Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_WORKERNAME=fuzz-test
BUILDBOT_BUILDNUMBER=45
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.2/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_GOT_REVISION=566e8719fa1066877b125df24f52ca74edfddfdb
Return value: 0
Dissector bug: 0
Valgrind error count: 2
Git commit
commit 566e8719fa1066877b125df24f52ca74edfddfdb
Author: Pascal Quantin <[email protected]>
Date: Fri Aug 19 18:00:36 2016 +0200
NLM: fix dissection of NLM_FREE_ALL message
The second parameter is the state, not the status as seen in C702 doc, page
159
Bug: 12764
Change-Id: I0a91a0e586c7663ace7c4c6b1044cafc1c0975ac
Reviewed-on: https://code.wireshark.org/review/17178
Reviewed-by: Pascal Quantin <[email protected]>
Petri-Dish: Pascal Quantin <[email protected]>
Tested-by: Petri Dish Buildbot <[email protected]>
Reviewed-by: Alexis La Goutte <[email protected]>
(cherry picked from commit 6cfb20da0dd5617c620e7f48f95e931c19a0dac4)
Reviewed-on: https://code.wireshark.org/review/17185
==9656== Memcheck, a memory error detector
==9656== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==9656== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==9656== Command:
/home/wireshark/builders/wireshark-2.2-fuzz/fuzztest/install/bin/tshark -nr
/fuzz/buildbot/fuzztest/valgrind-fuzz-2.2/fuzz-2016-08-20-18156.pcap
==9656==
==9656== Conditional jump or move depends on uninitialised value(s)
==9656== at 0x7533DC5: lookup_or_insert32_node (wmem_tree.c:322)
==9656== by 0x75343CF: lookup_or_insert32 (wmem_tree.c:365)
==9656== by 0x75343CF: wmem_tree_insert32_array (wmem_tree.c:597)
==9656== by 0x6B124B1: dissect_coap (packet-coap.c:947)
==9656== by 0x693BF6E: call_dissector_through_handle (packet.c:648)
==9656== by 0x693BF6E: call_dissector_work (packet.c:723)
==9656== by 0x693C698: dissector_try_uint_new (packet.c:1187)
==9656== by 0x693C6E0: dissector_try_uint (packet.c:1213)
==9656== by 0x71315C9: decode_udp_ports (packet-udp.c:578)
==9656== by 0x7131F18: dissect (packet-udp.c:1028)
==9656== by 0x713245D: dissect_udp (packet-udp.c:1034)
==9656== by 0x693BF6E: call_dissector_through_handle (packet.c:648)
==9656== by 0x693BF6E: call_dissector_work (packet.c:723)
==9656== by 0x693C698: dissector_try_uint_new (packet.c:1187)
==9656== by 0x6D437D5: ip_try_dissect (packet-ip.c:1976)
==9656==
==9656== Conditional jump or move depends on uninitialised value(s)
==9656== at 0x7533DC5: lookup_or_insert32_node (wmem_tree.c:322)
==9656== by 0x6B124B1: dissect_coap (packet-coap.c:947)
==9656== by 0x693BF6E: call_dissector_through_handle (packet.c:648)
==9656== by 0x693BF6E: call_dissector_work (packet.c:723)
==9656== by 0x693C698: dissector_try_uint_new (packet.c:1187)
==9656== by 0x693C6E0: dissector_try_uint (packet.c:1213)
==9656== by 0x71315C9: decode_udp_ports (packet-udp.c:578)
==9656== by 0x7131F18: dissect (packet-udp.c:1028)
==9656== by 0x713245D: dissect_udp (packet-udp.c:1034)
==9656== by 0x693BF6E: call_dissector_through_handle (packet.c:648)
==9656== by 0x693BF6E: call_dissector_work (packet.c:723)
==9656== by 0x693C698: dissector_try_uint_new (packet.c:1187)
==9656== by 0x6D437D5: ip_try_dissect (packet-ip.c:1976)
==9656== by 0x6D623DB: dissect_ipv6 (packet-ipv6.c:2198)
==9656==
==9656==
==9656== HEAP SUMMARY:
==9656== in use at exit: 457,907 bytes in 9,817 blocks
==9656== total heap usage: 262,910 allocs, 253,093 frees, 32,591,802 bytes
allocated
==9656==
==9656== LEAK SUMMARY:
==9656== definitely lost: 3,270 bytes in 147 blocks
==9656== indirectly lost: 9,112 bytes in 77 blocks
==9656== possibly lost: 0 bytes in 0 blocks
==9656== still reachable: 445,525 bytes in 9,593 blocks
==9656== suppressed: 0 bytes in 0 blocks
==9656== Rerun with --leak-check=full to see details of leaked memory
==9656==
==9656== For counts of detected and suppressed errors, rerun with: -v
==9656== Use --track-origins=yes to see where uninitialised values come from
==9656== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 1 from 1)
[ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.