Wireshark-bugs: [Wireshark-bugs] [Bug 12917] New: Buildbot crash output: fuzz-2016-09-17-13908.p
Date: Sat, 17 Sep 2016 19:00:05 +0000
Bug ID | 12917 |
---|---|
Summary | Buildbot crash output: fuzz-2016-09-17-13908.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-09-17-13908.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-09-17-13908.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/11007-packet-loss.pcap Build host information: Linux wsbb04 4.4.0-34-generic #53-Ubuntu SMP Wed Jul 27 16:06:39 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 16.04.1 LTS Release: 16.04 Codename: xenial Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_WORKERNAME=clang-code-analysis BUILDBOT_BUILDNUMBER=3693 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_GOT_REVISION=983a9691a9ec18e29f045300dbb6d664c9da1635 Return value: 1 Dissector bug: 0 Valgrind error count: 0 Git commit commit 983a9691a9ec18e29f045300dbb6d664c9da1635 Author: Martin Kaiser <[email protected]> Date: Sat Sep 17 19:10:35 2016 +0200 eap: (trivial) reformat a comment Change-Id: I2c8a8066f1591004ace6362e24be57b6cec747d1 Reviewed-on: https://code.wireshark.org/review/17762 Reviewed-by: Martin Kaiser <[email protected]> ================================================================= ==19964==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffe14d852b1 at pc 0x000000440f03 bp 0x7ffe14d84fb0 sp 0x7ffe14d84760 READ of size 7 at 0x7ffe14d852b1 thread T0 #0 0x440f02 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x440f02) #1 0x7f96514ee4f2 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x684f2) #2 0x7f9659806dd3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7a04dd3) #3 0x7f965973aba7 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7938ba7) #4 0x7f965973b0ea (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x79390ea) #5 0x7f9659c1b561 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e19561) #6 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #7 0x7f96596f36ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f16ac) #8 0x7f964a185882 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/wireshark/plugins/2.3.0/wimax.so+0x138882) #9 0x7f964a1720a3 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/wireshark/plugins/2.3.0/wimax.so+0x1250a3) #10 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #11 0x7f96596f5b08 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f3b08) #12 0x7f964a1664c4 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/wireshark/plugins/2.3.0/wimax.so+0x1194c4) #13 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #14 0x7f96596f36ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f16ac) #15 0x7f964a16496f (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/wireshark/plugins/2.3.0/wimax.so+0x11796f) #16 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #17 0x7f96596f36ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f16ac) #18 0x7f964a1621a2 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/wireshark/plugins/2.3.0/wimax.so+0x1151a2) #19 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #20 0x7f96596f36ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f16ac) #21 0x7f964a4ebac0 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/wireshark/plugins/2.3.0/m2m.so+0x6ac0) #22 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #23 0x7f96596f5b08 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f3b08) #24 0x7f9659c597c8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e577c8) #25 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #26 0x7f96596f36ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f16ac) #27 0x7f9659c57dd8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e55dd8) #28 0x7f9659c56700 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e54700) #29 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #30 0x7f96596f550a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f350a) #31 0x7f9659ca173f (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e9f73f) #32 0x7f96596f583c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f383c) #33 0x7f96596f36ac (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f16ac) #34 0x7f96596f2e7a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78f0e7a) #35 0x7f96596d906e (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78d706e) #36 0x50ea04 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x50ea04) #37 0x5090d5 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x5090d5) #38 0x7f964f6ba82f (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #39 0x423328 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x423328) Address 0x7ffe14d852b1 is located in stack of thread T0 at offset 49 in frame #0 0x7f9659c1ad3f (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7e18d3f) This frame has 3 object(s): [32, 33) 'eap_identity_prefix.i' [48, 49) 'eap_identity_prefix' <== Memory access at offset 49 overflows this variable [64, 72) 'frag_tree_item' HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x440f02) Shadow bytes around the buggy address: 0x1000429a8a00: f1 f1 f1 f1 04 f2 04 f3 00 00 00 00 00 00 00 00 0x1000429a8a10: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 0x1000429a8a20: 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 0x1000429a8a30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1000429a8a40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x1000429a8a50: f1 f1 f1 f1 01 f2[01]f2 00 f3 f3 f3 00 00 00 00 0x1000429a8a60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1000429a8a70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1000429a8a80: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 0x1000429a8a90: 00 04 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 0x1000429a8aa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==19964==ABORTING [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 12917] Buildbot crash output: fuzz-2016-09-17-13908.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12917] Buildbot crash output: fuzz-2016-09-17-13908.pcap
- Prev by Date: [Wireshark-bugs] [Bug 12913] Buildbot crash output: fuzz-2016-09-17-2264.pcap
- Next by Date: [Wireshark-bugs] [Bug 12913] Buildbot crash output: fuzz-2016-09-17-2264.pcap
- Previous by thread: [Wireshark-bugs] [Bug 12916] Buildbot crash output: fuzz-2016-09-17-3735.pcap
- Next by thread: [Wireshark-bugs] [Bug 12917] Buildbot crash output: fuzz-2016-09-17-13908.pcap
- Index(es):