Wireshark-bugs: [Wireshark-bugs] [Bug 12953] New: Buildbot crash output: fuzz-2016-09-26-15740.p
Date: Mon, 26 Sep 2016 22:30:03 +0000
Bug ID | 12953 |
---|---|
Summary | Buildbot crash output: fuzz-2016-09-26-15740.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-09-26-15740.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-09-26-15740.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/12695-AllJoynSample2.pcapng Build host information: Linux wsbb04 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 16.04.1 LTS Release: 16.04 Codename: xenial Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_WORKERNAME=fuzz-test BUILDBOT_BUILDNUMBER=95 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.2/ BUILDBOT_BUILDERNAME=Fuzz Test BUILDBOT_GOT_REVISION=8d95155048fdff8894a8ae6ff5f0edd81c8bbd4d Return value: 0 Dissector bug: 0 Valgrind error count: 1 Git commit commit 8d95155048fdff8894a8ae6ff5f0edd81c8bbd4d Author: Gerald Combs <[email protected]> Date: Wed Sep 21 15:38:16 2016 -0700 Check for ASAN when fuzzing. Try to determine if we passed -fsanitize=address to gcc or clang and adjust the ASAN variable fuzz-test.sh, randpkt-test.sh and test-captures.sh accordingly. Change-Id: I88a34828fb5875e1a74a3b180ffb3da37daac0bd Reviewed-on: https://code.wireshark.org/review/17848 Reviewed-by: Pascal Quantin <[email protected]> (cherry picked from commit 17546ad88378fbeaad25e571e0fa35e7a5bfa622) Reviewed-on: https://code.wireshark.org/review/17934 ==2919== Memcheck, a memory error detector ==2919== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==2919== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==2919== Command: /home/wireshark/builders/wireshark-2.2-fuzz/fuzztest/install/bin/tshark -nr /fuzz/buildbot/fuzztest/valgrind-fuzz-2.2/fuzz-2016-09-26-15740.pcap ==2919== ==2919== Invalid read of size 1 ==2919== at 0x69DF86E: handle_message_body_parameters (packet-alljoyn.c:1456) ==2919== by 0x69DF86E: handle_message_header_body (packet-alljoyn.c:1613) ==2919== by 0x69DF86E: dissect_AllJoyn_message (packet-alljoyn.c:1726) ==2919== by 0x694953E: call_dissector_through_handle (packet.c:648) ==2919== by 0x694953E: call_dissector_work (packet.c:723) ==2919== by 0x6949C68: dissector_try_uint_new (packet.c:1188) ==2919== by 0x710442C: decode_tcp_ports (packet-tcp.c:5026) ==2919== by 0x71046B4: process_tcp_payload (packet-tcp.c:5098) ==2919== by 0x7105053: desegment_tcp (packet-tcp.c:2700) ==2919== by 0x7105053: dissect_tcp_payload (packet-tcp.c:5165) ==2919== by 0x7106B88: dissect_tcp (packet-tcp.c:6036) ==2919== by 0x694953E: call_dissector_through_handle (packet.c:648) ==2919== by 0x694953E: call_dissector_work (packet.c:723) ==2919== by 0x6949C68: dissector_try_uint_new (packet.c:1188) ==2919== by 0x6D50C55: ip_try_dissect (packet-ip.c:1976) ==2919== by 0x6D51E24: dissect_ip_v4 (packet-ip.c:2438) ==2919== by 0x694953E: call_dissector_through_handle (packet.c:648) ==2919== by 0x694953E: call_dissector_work (packet.c:723) ==2919== Address 0x12b0d3a3 is 0 bytes after a block of size 3 alloc'd ==2919== at 0x4C2FD5F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2919== by 0xA31B7E7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1) ==2919== by 0x753C9EA: wmem_simple_realloc (wmem_allocator_simple.c:90) ==2919== by 0x753E12C: wmem_strbuf_finalize (wmem_strbuf.c:288) ==2919== by 0x695D9A9: get_stringzpad_value (proto.c:1631) ==2919== by 0x695D9A9: proto_tree_add_item_ret_string_and_length (proto.c:2414) ==2919== by 0x695DD3B: proto_tree_add_item_ret_string (proto.c:2442) ==2919== by 0x69DE7D1: parse_arg (packet-alljoyn.c:1004) ==2919== by 0x69DF76C: handle_message_field (packet-alljoyn.c:1358) ==2919== by 0x69DF76C: handle_message_header_fields (packet-alljoyn.c:1414) ==2919== by 0x69DF76C: handle_message_header_body (packet-alljoyn.c:1594) ==2919== by 0x69DF76C: dissect_AllJoyn_message (packet-alljoyn.c:1726) ==2919== by 0x694953E: call_dissector_through_handle (packet.c:648) ==2919== by 0x694953E: call_dissector_work (packet.c:723) ==2919== by 0x6949C68: dissector_try_uint_new (packet.c:1188) ==2919== by 0x710442C: decode_tcp_ports (packet-tcp.c:5026) ==2919== by 0x71046B4: process_tcp_payload (packet-tcp.c:5098) ==2919== ==2919== ==2919== HEAP SUMMARY: ==2919== in use at exit: 447,704 bytes in 9,617 blocks ==2919== total heap usage: 271,012 allocs, 261,395 frees, 33,185,517 bytes allocated ==2919== ==2919== LEAK SUMMARY: ==2919== definitely lost: 343 bytes in 20 blocks ==2919== indirectly lost: 362 bytes in 4 blocks ==2919== possibly lost: 0 bytes in 0 blocks ==2919== still reachable: 446,999 bytes in 9,593 blocks ==2919== suppressed: 0 bytes in 0 blocks ==2919== Rerun with --leak-check=full to see details of leaked memory ==2919== ==2919== For counts of detected and suppressed errors, rerun with: -v ==2919== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 1 from 1) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 12953] Buildbot crash output: fuzz-2016-09-26-15740.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12953] Buildbot crash output: fuzz-2016-09-26-15740.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12953] Buildbot crash output: fuzz-2016-09-26-15740.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12953] Buildbot crash output: fuzz-2016-09-26-15740.pcap
- Prev by Date: [Wireshark-bugs] [Bug 12952] [feature-request] Support for sshdump using tcpdump rather than dumpcap
- Next by Date: [Wireshark-bugs] [Bug 12952] [feature-request] Support for sshdump using tcpdump rather than dumpcap
- Previous by thread: [Wireshark-bugs] [Bug 12952] [feature-request] Support for sshdump using tcpdump rather than dumpcap
- Next by thread: [Wireshark-bugs] [Bug 12953] Buildbot crash output: fuzz-2016-09-26-15740.pcap
- Index(es):