Bug ID |
13231
|
Summary |
Buildbot crash output: fuzz-2016-12-09-20162.pcap
|
Product |
Wireshark
|
Version |
unspecified
|
Hardware |
x86-64
|
URL |
https://www.wireshark.org/download/automated/captures/fuzz-2016-12-09-20162.pcap
|
OS |
Ubuntu
|
Status |
CONFIRMED
|
Severity |
Major
|
Priority |
High
|
Component |
Dissection engine (libwireshark)
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2016-12-09-20162.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/before.pcap
Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 16.04.1 LTS
Release: 16.04
Codename: xenial
Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3815
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=f60ec2581ae825f89e669ca4b4f14917a2aab561
Return value: 0
Dissector bug: 0
Valgrind error count: 1
Git commit
commit f60ec2581ae825f89e669ca4b4f14917a2aab561
Author: Michael Mann <[email protected]>
Date: Thu Dec 8 21:41:58 2016 -0500
[ICMP] use abs() in detecting timestamp heuristics
The code was making the assumption that the ICMP data time will always
be greater than or equal to the frame time, but not earlier, but that
is not always the case and the heuristics can fail.
Bug: 13161
Change-Id: I4bc7bd8d22d717d3b1f08afdd651f8a70cb7aef2
Reviewed-on: https://code.wireshark.org/review/19157
Petri-Dish: Michael Mann <[email protected]>
Tested-by: Petri Dish Buildbot <[email protected]>
Reviewed-by: Michael Mann <[email protected]>
==6426== Memcheck, a memory error detector
==6426== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==6426== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==6426== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-12-09-20162.pcap
==6426==
==6426== Conditional jump or move depends on uninitialised value(s)
==6426== at 0x69DC9E6: fragment_add_seq_work (reassemble.c:1686)
==6426== by 0x69DC9E6: fragment_add_seq_common (reassemble.c:1956)
==6426== by 0x69DCD97: fragment_add_seq_check_work (reassemble.c:2037)
==6426== by 0x69DCD2B: fragment_add_seq_check (reassemble.c:2074)
==6426== by 0x6FCEBF8: dissect_p_mul (packet-p_mul.c:1290)
==6426== by 0x69B1F75: call_dissector_through_handle (packet.c:650)
==6426== by 0x69B1F75: call_dissector_work (packet.c:725)
==6426== by 0x69B2059: dissector_try_uint_new (packet.c:1290)
==6426== by 0x69B2059: dissector_try_uint (packet.c:1316)
==6426== by 0x70A34DD: dissect_s5066_common (packet-s5066sis.c:1054)
==6426== by 0x7198C15: tcp_dissect_pdus (packet-tcp.c:3468)
==6426== by 0x70A1D48: dissect_s5066_tcp (packet-s5066sis.c:980)
==6426== by 0x69B1F75: call_dissector_through_handle (packet.c:650)
==6426== by 0x69B1F75: call_dissector_work (packet.c:725)
==6426== by 0x69B1E3E: dissector_try_uint_new (packet.c:1290)
==6426== by 0x71990D7: decode_tcp_ports (packet-tcp.c:5414)
==6426==
==6426==
==6426== HEAP SUMMARY:
==6426== in use at exit: 6,083,455 bytes in 9,745 blocks
==6426== total heap usage: 265,761 allocs, 256,016 frees, 37,349,154 bytes
allocated
==6426==
==6426== LEAK SUMMARY:
==6426== definitely lost: 520 bytes in 88 blocks
==6426== indirectly lost: 256 bytes in 5 blocks
==6426== possibly lost: 0 bytes in 0 blocks
==6426== still reachable: 6,082,679 bytes in 9,652 blocks
==6426== suppressed: 0 bytes in 0 blocks
==6426== Rerun with --leak-check=full to see details of leaked memory
==6426==
==6426== For counts of detected and suppressed errors, rerun with: -v
==6426== Use --track-origins=yes to see where uninitialised values come from
==6426== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
[ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.