Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 13158] New: Buildbot crash output: fuzz-2016-11-19-26937.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 13158] New: Buildbot crash output: fuzz-2016-11-19-26937.p

Date: Sat, 19 Nov 2016 21:30:03 +0000

Bug ID	13158
Summary	Buildbot crash output: fuzz-2016-11-19-26937.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2016-11-19-26937.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-11-19-26937.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/11275-cops-fuzz-test.pcap

Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3785
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=231ad4f6ff1dc675947739a107bd639a67b7cd35

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 231ad4f6ff1dc675947739a107bd639a67b7cd35
Author: Dario Lombardo <[email protected]>
Date:   Thu Nov 10 10:35:56 2016 +0100

    cpack: improve source tarball generation by adding the "dist" target.

    The source package must not contain compiled objects. If the build dir
    is under the source tree, it is included too. By excluding /build/ we
    avoid to add every build dir, but if the build dir doesn't contain
    build the problem still persist.

    Change-Id: I75021565c058c1a93945f43b9b49cb3d04c960d4
    Reviewed-on: https://code.wireshark.org/review/18729
    Reviewed-by: Peter Wu <[email protected]>
    Reviewed-by: Dario Lombardo <[email protected]>


==19229== Memcheck, a memory error detector
==19229== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==19229== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==19229== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-11-19-26937.pcap
==19229== 
==19229== Conditional jump or move depends on uninitialised value(s)
==19229==    at 0x6B99BE4: dissect_cops_pdu (packet-cops.c:1102)
==19229==    by 0x7189535: tcp_dissect_pdus (packet-tcp.c:3468)
==19229==    by 0x6B985B1: dissect_cops (packet-cops.c:1134)
==19229==    by 0x69AA215: call_dissector_through_handle (packet.c:650)
==19229==    by 0x69AA215: call_dissector_work (packet.c:725)
==19229==    by 0x69AA0DE: dissector_try_uint_new (packet.c:1290)
==19229==    by 0x7189A4F: decode_tcp_ports (packet-tcp.c:5420)
==19229==    by 0x718AD6F: process_tcp_payload (packet-tcp.c:5483)
==19229==    by 0x718A2C8: desegment_tcp (packet-tcp.c:2990)
==19229==    by 0x718A2C8: dissect_tcp_payload (packet-tcp.c:5550)
==19229==    by 0x718EE9C: dissect_tcp (packet-tcp.c:6434)
==19229==    by 0x69AA215: call_dissector_through_handle (packet.c:650)
==19229==    by 0x69AA215: call_dissector_work (packet.c:725)
==19229==    by 0x69AA0DE: dissector_try_uint_new (packet.c:1290)
==19229==    by 0x6DDAA72: ip_try_dissect (packet-ip.c:1978)
==19229==    by 0x6DDAA72: dissect_ip_v4 (packet-ip.c:2441)
==19229== 
==19229== 
==19229== HEAP SUMMARY:
==19229==     in use at exit: 6,085,744 bytes in 9,729 blocks
==19229==   total heap usage: 265,963 allocs, 256,234 frees, 37,348,348 bytes
allocated
==19229== 
==19229== LEAK SUMMARY:
==19229==    definitely lost: 504 bytes in 91 blocks
==19229==    indirectly lost: 640 bytes in 5 blocks
==19229==      possibly lost: 0 bytes in 0 blocks
==19229==    still reachable: 6,084,600 bytes in 9,633 blocks
==19229==         suppressed: 0 bytes in 0 blocks
==19229== Rerun with --leak-check=full to see details of leaked memory
==19229== 
==19229== For counts of detected and suppressed errors, rerun with: -v
==19229== Use --track-origins=yes to see where uninitialised values come from
==19229== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 13158] Buildbot crash output: fuzz-2016-11-19-26937.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 13157] New: Buildbot crash output: fuzz-2016-11-19-6636.pcap
Next by Date: [Wireshark-bugs] [Bug 13100] Buildbot crash output: fuzz-2016-11-06-14396.pcap
Previous by thread: [Wireshark-bugs] [Bug 13157] Buildbot crash output: fuzz-2016-11-19-6636.pcap
Next by thread: [Wireshark-bugs] [Bug 13158] Buildbot crash output: fuzz-2016-11-19-26937.pcap
Index(es):
- Date
- Thread