Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 6369] Buildbot crash output: fuzz-2011-09-21-28149.pcap

Date: Thu, 22 Sep 2011 11:54:13 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6369

--- Comment #2 from Bill Meier <wmeier@xxxxxxxxxxx> 2011-09-22 14:54:11 EDT ---
Created an attachment (id=7073)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7073)
Frame 15 from the original fuzz'd file causes a crash.

The attached file fuzz-2011-09-21-28149-crash-frame.pcap contains 1 (libpcap
format) frame and will fairly consistently cause a crash when read 
via 'tshark -nVxr ...'

The crash appears to be somehow caused by the rdp dissector messing up memory.

When the crash occurs the actual crash in tshark happens when epan_init() is
called upon just before program-exit to free up memory (and not when executing
the dissection code).

If the rdp dissector is disabled, then the crash does not occur.

valgrind doesn't report anything interesting.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.