Wireshark-bugs: [Wireshark-bugs] [Bug 13215] New: Buildbot crash output: fuzz-2016-12-07-6687.pc
Date: Wed, 07 Dec 2016 08:40:03 +0000
| Bug ID | 13215 |
|---|---|
| Summary | Buildbot crash output: fuzz-2016-12-07-6687.pcap |
| Product | Wireshark |
| Version | unspecified |
| Hardware | x86-64 |
| URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-12-07-6687.pcap |
| OS | Ubuntu |
| Status | CONFIRMED |
| Severity | Major |
| Priority | High |
| Component | Dissection engine (libwireshark) |
| Assignee | [email protected] |
| Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-12-07-6687.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/11275-cops-fuzz-test.pcap Build host information: Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 16.04.1 LTS Release: 16.04 Codename: xenial Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_WORKERNAME=clang-code-analysis BUILDBOT_BUILDNUMBER=3808 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_GOT_REVISION=199756b43db99217f37629611a511ec48caf49a3 Return value: 0 Dissector bug: 0 Valgrind error count: 1 Git commit commit 199756b43db99217f37629611a511ec48caf49a3 Author: Michael Mann <[email protected]> Date: Mon Dec 5 07:39:06 2016 -0500 SMB: Limit Export object files to 32 bits. Most of the file offset fields are 32-bit, but the algorithms use gsize variables, which can vary between 32 and 64 bit builds. The 64-bit builds are the ones with the problem with "garbage" data comes from (effectively) invalid 32-bit offsets. Bug: 11133 Change-Id: Icb5d31ae732f9177f3a117dfae39bf1cc983d603 Reviewed-on: https://code.wireshark.org/review/19091 Petri-Dish: Michael Mann <[email protected]> Reviewed-by: Michael Mann <[email protected]> Command and args: ./tools/valgrind-wireshark.sh ==25217== Memcheck, a memory error detector ==25217== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==25217== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==25217== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-12-07-6687.pcap ==25217== ==25217== Conditional jump or move depends on uninitialised value(s) ==25217== at 0x69FC604: dissect_cops_pdu (packet-cops.c:1103) ==25217== by 0x6F7AA5D: tcp_dissect_pdus (packet-tcp.c:2750) ==25217== by 0x69FAFB1: dissect_cops (packet-cops.c:1135) ==25217== by 0x682BF38: call_dissector_through_handle (packet.c:618) ==25217== by 0x682BF38: call_dissector_work (packet.c:706) ==25217== by 0x682BDFE: dissector_try_uint_new (packet.c:1163) ==25217== by 0x6F7AD55: decode_tcp_ports (packet-tcp.c:4629) ==25217== by 0x6F7BE60: process_tcp_payload (packet-tcp.c:4682) ==25217== by 0x6F7B32A: desegment_tcp (packet-tcp.c:2270) ==25217== by 0x6F7B32A: dissect_tcp_payload (packet-tcp.c:4749) ==25217== by 0x6F7FBA6: dissect_tcp (packet-tcp.c:5656) ==25217== by 0x682BF69: call_dissector_through_handle (packet.c:620) ==25217== by 0x682BF69: call_dissector_work (packet.c:706) ==25217== by 0x682BDFE: dissector_try_uint_new (packet.c:1163) ==25217== by 0x6C1397F: ip_try_dissect (packet-ip.c:2000) ==25217== ==25217== ==25217== HEAP SUMMARY: ==25217== in use at exit: 1,034,856 bytes in 28,346 blocks ==25217== total heap usage: 243,815 allocs, 215,469 frees, 31,539,004 bytes allocated ==25217== ==25217== LEAK SUMMARY: ==25217== definitely lost: 2,972 bytes in 127 blocks ==25217== indirectly lost: 36,704 bytes in 50 blocks ==25217== possibly lost: 0 bytes in 0 blocks ==25217== still reachable: 995,180 bytes in 28,169 blocks ==25217== suppressed: 0 bytes in 0 blocks ==25217== Rerun with --leak-check=full to see details of leaked memory ==25217== ==25217== For counts of detected and suppressed errors, rerun with: -v ==25217== Use --track-origins=yes to see where uninitialised values come from ==25217== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 13215] Buildbot crash output: fuzz-2016-12-07-6687.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 13215] Buildbot crash output: fuzz-2016-12-07-6687.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 13215] Buildbot crash output: fuzz-2016-12-07-6687.pcap
- Prev by Date: [Wireshark-bugs] [Bug 13212] Wireshark shows "MS Video Source Request" in a RTCP packet as "Malformed"
- Next by Date: [Wireshark-bugs] [Bug 12882] TCP packets sometimes are incorrectly parsed as TDS (or other corruptions)
- Previous by thread: [Wireshark-bugs] [Bug 5619] G.722 and G.726 VoIP codecs
- Next by thread: [Wireshark-bugs] [Bug 13215] Buildbot crash output: fuzz-2016-12-07-6687.pcap
- Index(es):