Wireshark-bugs: [Wireshark-bugs] [Bug 9952] Buildbot crash output: fuzz-2014-04-02-7762.pcap
Date: Fri, 11 Apr 2014 02:43:13 +0000

changed bug 9952

| What | Removed | Added |
|------|---------|-------|
| CC   |         | [email protected] |

Comment # 1 on bug 9952 from
Valgrind says:

~~~
==9984== Invalid read of size 8
==9984==    at 0x63708B7: except_pop (except.c:260)
==9984==    by 0x65E63AE: dissect_ethertype (packet-ethertype.c:327)
==9984==    by 0x637842E: call_dissector_through_handle (packet.c:591)
==9984==    by 0x6378CE4: call_dissector_work (packet.c:682)
==9984==    by 0x637A811: call_dissector_with_data (packet.c:2260)
==9984==    by 0x69AF69A: dissect_sll (packet-sll.c:310)
==9984==    by 0x63783F3: call_dissector_through_handle (packet.c:595)
==9984==    by 0x6378CE4: call_dissector_work (packet.c:682)
==9984==    by 0x637939B: dissector_try_uint_new (packet.c:1113)
==9984==    by 0x63793F6: dissector_try_uint (packet.c:1139)
==9984==    by 0x6619DD2: dissect_frame (packet-frame.c:488)
==9984==    by 0x63783F3: call_dissector_through_handle (packet.c:595)
==9984==  Address 0x7feffe000 is not stack'd, malloc'd or (recently) free'd
==9984== 
==9984== Invalid read of size 8
==9984==    at 0x63708B7: except_pop (except.c:260)
==9984==    by 0x6618E3E: dissect_frame (packet-frame.c:525)
==9984==    by 0x63783F3: call_dissector_through_handle (packet.c:595)
==9984==    by 0x6378CE4: call_dissector_work (packet.c:682)
==9984==    by 0x637A811: call_dissector_with_data (packet.c:2260)
==9984==    by 0x637AB72: dissect_packet (packet.c:468)
==9984==    by 0x637025D: epan_dissect_run_with_taps (epan.c:348)
==9984==    by 0x41360F: process_packet (tshark.c:3533)
==9984==    by 0x40BB21: main (tshark.c:3323)
==9984==  Address 0x7feffe000 is not stack'd, malloc'd or (recently) free'd
==9984== 
==9984== Invalid read of size 8
==9984==    at 0x63708B7: except_pop (except.c:260)
==9984==    by 0x637AA6B: dissect_packet (packet.c:478)
==9984==    by 0x637025D: epan_dissect_run_with_taps (epan.c:348)
==9984==    by 0x41360F: process_packet (tshark.c:3533)
==9984==    by 0x40BB21: main (tshark.c:3323)
==9984==  Address 0x7feffe000 is not stack'd, malloc'd or (recently) free'd
==9984== 
==9984== Invalid read of size 8
==9984==    at 0x63708B7: except_pop (except.c:260)
==9984==    by 0x40BCEB: main (tshark.c:2085)
==9984==  Address 0x7feffe000 is not stack'd, malloc'd or (recently) free'd
~~~

git bisect eventually leads to:

~~~
a6ae13dee97af192794a604f348a31b505926d47 is the first bad commit
commit a6ae13dee97af192794a604f348a31b505926d47
Author: Pascal Quantin <[email protected]>
Date:   Sun Sep 8 21:10:36 2013 +0000

    Slightly different fix for https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9117 :
    Check that tvb returned by dissect_per_bit_string is not null before trying to use it
    svn path=/trunk/; revision=51846
~~~

though honestly I don't understand what that commit has to do with those
Valgrind errors.

