Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 9828] Buildbot crash output: fuzz-2014-03-02-5984.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 9828] Buildbot crash output: fuzz-2014-03-02-5984.pcap

Date: Sat, 08 Mar 2014 17:30:51 +0000

What	Removed	Added
CC		[email protected]

Comment # 1 on bug 9828 from Evan Huus

Top of crash backtrace is:

#0  fp_set_per_packet_inf_from_conv (p_conv_data=p_conv_data@entry=0x347ed54,
tvb=tvb@entry=0x343d5e0, pinfo=pinfo@entry=0x34082c8, tree=0x3560554)
    at packet-umts_fp.c:4056
#1  0x00007f1eac9712a8 in dissect_fp (tvb=0x343d5e0, pinfo=0x34082c8,
tree=<optimized out>) at packet-umts_fp.c:4217
#2  0x00007f1eac2aa7e4 in call_dissector_through_handle
(handle=handle@entry=0x2265f54, tvb=tvb@entry=0x343d5e0,
pinfo=pinfo@entry=0x34082c8, 
    tree=tree@entry=0x338a380, data="" at packet.c:595

Valgrind errors are many, mostly very similar to

==28088== Invalid write of size 1
==28088==    at 0x6C03E92: fp_set_per_packet_inf_from_conv.isra.4
(packet-umts_fp.c:3990)
==28088==    by 0x6C082A7: dissect_fp (packet-umts_fp.c:4217)
==28088==    by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088==    by 0x65420D4: call_dissector_work (packet.c:682)
==28088==    by 0x6534EE6: try_conversation_dissector (conversation.c:1266)
==28088==    by 0x6BFE8FB: decode_udp_ports (packet-udp.c:368)
==28088==    by 0x6BFF319: dissect (packet-udp.c:750)
==28088==    by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088==    by 0x65420D4: call_dissector_work (packet.c:682)
==28088==    by 0x654278B: dissector_try_uint_new (packet.c:1113)
==28088==    by 0x68CF622: dissect_ip (packet-ip.c:2400)
==28088==    by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088==  Address 0x14cb8014 is 0 bytes after a block of size 772 alloc'd
==28088==    at 0x4C2A420: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28088==    by 0x9707610: g_malloc (gmem.c:97)
==28088==    by 0x6FF140F: wmem_simple_alloc (wmem_allocator_simple.c:50)
==28088==    by 0x6FF00CD: wmem_alloc0 (wmem_core.c:62)
==28088==    by 0x6C03D33: fp_set_per_packet_inf_from_conv.isra.4
(packet-umts_fp.c:3967)
==28088==    by 0x6C082A7: dissect_fp (packet-umts_fp.c:4217)
==28088==    by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088==    by 0x65420D4: call_dissector_work (packet.c:682)
==28088==    by 0x6534EE6: try_conversation_dissector (conversation.c:1266)
==28088==    by 0x6BFE8FB: decode_udp_ports (packet-udp.c:368)
==28088==    by 0x6BFF319: dissect (packet-udp.c:750)
==28088==    by 0x65417E3: call_dissector_through_handle (packet.c:595)

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 9828] New: Buildbot crash output: fuzz-2014-03-02-5984.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 9852] Buildbot crash output: fuzz-2014-03-07-11435.pcap
Next by Date: [Wireshark-bugs] [Bug 9531] IE chosen channel on Lb interface decoded incorrectly
Previous by thread: [Wireshark-bugs] [Bug 9828] Buildbot crash output: fuzz-2014-03-02-5984.pcap
Next by thread: [Wireshark-bugs] [Bug 9828] Buildbot crash output: fuzz-2014-03-02-5984.pcap
Index(es):
- Date
- Thread