Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 13187] New: Buildbot crash output: fuzz-2016-11-30-31444.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 13187] New: Buildbot crash output: fuzz-2016-11-30-31444.p

Date: Wed, 30 Nov 2016 09:40:03 +0000

Bug ID	13187
Summary	Buildbot crash output: fuzz-2016-11-30-31444.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2016-11-30-31444.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-11-30-31444.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/11275-cops-fuzz-test.pcap

Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3800
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=7fe45cc0ec4e8bc1c3d5cd27c98feb8ecbb2b1b4

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 7fe45cc0ec4e8bc1c3d5cd27c98feb8ecbb2b1b4
Author: Peter Wu <[email protected]>
Date:   Wed Nov 23 16:28:34 2016 +0100

    Qt: fix GoToPacket when Voip Calls dialog is closed

    After opening the Call Flows dialog from the Voip Calls dialog, followed
    by closing the Voip Calls dialog, the Go To Packet functionality in the
    Call Flows dialog is broken. That happens because the signal is not
    proxied anymore.

    Just remove all these indirections via signals and directly update the
    selected packet.

    Change-Id: I9c6d519dbe800e4dfdf0407d832f17819b344e46
    Reviewed-on: https://code.wireshark.org/review/18933
    Petri-Dish: Peter Wu <[email protected]>
    Tested-by: Petri Dish Buildbot <[email protected]>
    Reviewed-by: Gerald Combs <[email protected]>


==16247== Memcheck, a memory error detector
==16247== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==16247== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==16247== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-11-30-31444.pcap
==16247== 
==16247== Conditional jump or move depends on uninitialised value(s)
==16247==    at 0x6B9C8F4: dissect_cops_pdu (packet-cops.c:1102)
==16247==    by 0x718E655: tcp_dissect_pdus (packet-tcp.c:3468)
==16247==    by 0x6B9B2C1: dissect_cops (packet-cops.c:1134)
==16247==    by 0x69ACDB5: call_dissector_through_handle (packet.c:650)
==16247==    by 0x69ACDB5: call_dissector_work (packet.c:725)
==16247==    by 0x69ACC7E: dissector_try_uint_new (packet.c:1290)
==16247==    by 0x718EB6F: decode_tcp_ports (packet-tcp.c:5420)
==16247==    by 0x718FE8F: process_tcp_payload (packet-tcp.c:5483)
==16247==    by 0x718F3E8: desegment_tcp (packet-tcp.c:2990)
==16247==    by 0x718F3E8: dissect_tcp_payload (packet-tcp.c:5550)
==16247==    by 0x7193E57: dissect_tcp (packet-tcp.c:6434)
==16247==    by 0x69ACDB5: call_dissector_through_handle (packet.c:650)
==16247==    by 0x69ACDB5: call_dissector_work (packet.c:725)
==16247==    by 0x69ACC7E: dissector_try_uint_new (packet.c:1290)
==16247==    by 0x6DDD922: ip_try_dissect (packet-ip.c:1978)
==16247==    by 0x6DDD922: dissect_ip_v4 (packet-ip.c:2441)
==16247== 
==16247== 
==16247== HEAP SUMMARY:
==16247==     in use at exit: 6,085,520 bytes in 9,731 blocks
==16247==   total heap usage: 266,061 allocs, 256,330 frees, 37,344,896 bytes
allocated
==16247== 
==16247== LEAK SUMMARY:
==16247==    definitely lost: 456 bytes in 90 blocks
==16247==    indirectly lost: 384 bytes in 3 blocks
==16247==      possibly lost: 0 bytes in 0 blocks
==16247==    still reachable: 6,084,680 bytes in 9,638 blocks
==16247==         suppressed: 0 bytes in 0 blocks
==16247== Rerun with --leak-check=full to see details of leaked memory
==16247== 
==16247== For counts of detected and suppressed errors, rerun with: -v
==16247== Use --track-origins=yes to see where uninitialised values come from
==16247== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Prev by Date: [Wireshark-bugs] [Bug 13186] New: Buildbot crash output: fuzz-2016-11-28-2043.pcap
Next by Date: [Wireshark-bugs] [Bug 13188] New: bcp_bpdu size reports not header size, but all data underneath and its header size in UI
Previous by thread: [Wireshark-bugs] [Bug 13186] New: Buildbot crash output: fuzz-2016-11-28-2043.pcap
Next by thread: [Wireshark-bugs] [Bug 13188] New: bcp_bpdu size reports not header size, but all data underneath and its header size in UI
Index(es):
- Date
- Thread