
Wireshark-bugs: [Wireshark-bugs] [Bug 10113] Test case assertion in wiretap dumper

Date: Sat, 17 May 2014 15:36:49 +0000

Comment # 2 on bug 10113 from
OK, I confirmed that the ASAN crash is unrelated to that commit.

For reference, here is the ASAN crash with your tshark command and the commit
before 3aee917.

==8945==ERROR: AddressSanitizer: global-buffer-overflow on address
0x7ffff6a222bf at pc 0x7fffee4bef34 bp 0x7fffffffd020 sp 0x7fffffffd018
READ of size 1 at 0x7ffff6a222bf thread T0
    #0 0x7fffee4bef33 in File_read_line epan/wslua/wslua_file.c:195
    #1 0x7fffee4bf461 in File_read epan/wslua/wslua_file.c:297
    #2 0x7fffe7658d5c (/usr/lib/liblua.so.5.2+0xcd5c)
    #3 0x7fffe7664123 (/usr/lib/liblua.so.5.2+0x18123)
    #4 0x7fffe76590c8 (/usr/lib/liblua.so.5.2+0xd0c8)
    #5 0x7fffe76586bb (/usr/lib/liblua.so.5.2+0xc6bb)
    #6 0x7fffe7659300 (/usr/lib/liblua.so.5.2+0xd300)
    #7 0x7fffe765539c in lua_pcallk (/usr/lib/liblua.so.5.2+0x939c)
    #8 0x7fffee4c8ca4 in wslua_filehandler_read epan/wslua/wslua_file.c:1738
    #9 0x7fffe93b3ece in wtap_read wiretap/wtap.c:994
    #10 0x418e8f in load_cap_file tshark.c:3324
    #11 0x414979 in main tshark.c:2072
    #12 0x7fffe89d9fff in __libc_start_main (/usr/lib/libc.so.6+0x1ffff)
    #13 0x409b68 (run/tshark+0x409b68)

0x7ffff6a222bf is located 59 bytes to the right of global variable 'in_routine'
from 'epan/wslua/wslua_file.c' (0x7ffff6a22280) of size 4
0x7ffff6a222bf is located 1 bytes to the left of global variable 'linebuff'
from 'epan/wslua/wslua_file.c' (0x7ffff6a222c0) of size 65536
SUMMARY: AddressSanitizer: global-buffer-overflow epan/wslua/wslua_file.c:195
File_read_line
Shadow bytes around the buggy address:
  0x10007ed3c400: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
  0x10007ed3c410: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
  0x10007ed3c420: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
  0x10007ed3c430: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
  0x10007ed3c440: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9
=>0x10007ed3c450: 04 f9 f9 f9 f9 f9 f9[f9]00 00 00 00 00 00 00 00
  0x10007ed3c460: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007ed3c470: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007ed3c480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007ed3c490: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007ed3c4a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Contiguous container OOB:fc
  ASan internal:           fe
==8945==ABORTING


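Reading the report above, as an added example that is not part of the original bug comment or of Wireshark's code: it parses the key lines of this ASan report, recomputes the reported distances to the two neighbouring globals, and checks that the faulting address maps to the bracketed shadow byte. The shadow offset 0x7fff8000 is an assumption (ASan's default on x86-64 Linux), and the function names are hypothetical.

```python
import re

SHADOW_SCALE = 3            # legend: one shadow byte represents 8 application bytes
SHADOW_OFFSET = 0x7FFF8000  # assumption: ASan default shadow offset, x86-64 Linux
LEGEND = {"f9": "global redzone", "00": "addressable"}  # subset of the legend

# Lines copied from the report above, trimmed to the ones this triage needs.
REPORT = """\
READ of size 1 at 0x7ffff6a222bf thread T0
0x7ffff6a222bf is located 59 bytes to the right of global variable 'in_routine'
from 'epan/wslua/wslua_file.c' (0x7ffff6a22280) of size 4
0x7ffff6a222bf is located 1 bytes to the left of global variable 'linebuff'
from 'epan/wslua/wslua_file.c' (0x7ffff6a222c0) of size 65536
=>0x10007ed3c450: 04 f9 f9 f9 f9 f9 f9[f9]00 00 00 00 00 00 00 00
"""

GLOBAL_RE = re.compile(
    r"located (\d+) bytes to the (left|right) of global variable '(\w+)'\s+"
    r"from '[^']+' \((0x[0-9a-f]+)\) of size (\d+)")

def shadow_addr(addr):
    """Map an application address to the address of its shadow byte."""
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET

def triage(report):
    access, size, fault = re.search(
        r"^(READ|WRITE) of size (\d+) at (0x[0-9a-f]+)", report, re.M).groups()
    fault = int(fault, 16)
    neighbours = []
    for dist, side, name, base, gsize in GLOBAL_RE.findall(report):
        base, gsize = int(base, 16), int(gsize)
        # "left": before the object's first byte; "right": past its last byte.
        recomputed = base - fault if side == "left" else fault - (base + gsize)
        neighbours.append((int(dist), side, name, recomputed == int(dist)))
    dist, side, name, _ = min(neighbours)   # nearest global to the faulting address
    row_base, row = re.search(r"^=>(0x[0-9a-f]+):(.*)$", report, re.M).groups()
    cells = re.findall(r"\[?[0-9a-f]{2}\]?", row)
    idx = next(i for i, c in enumerate(cells) if c.startswith("["))
    return {
        "access": f"{access} of size {size}",
        "object": name,
        "kind": "underflow" if side == "left" else "overflow",  # direction only
        "distance": dist,
        "distances_consistent": all(n[3] for n in neighbours),
        "shadow": hex(shadow_addr(fault)),
        "shadow_matches_dump": shadow_addr(fault) == int(row_base, 16) + idx,
        "shadow_byte": LEGEND.get(cells[idx].strip("[]"), "unknown"),
    }

if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(f"{key}: {value}")
```

The result places the one-byte read in the global redzone immediately before 'linebuff': the next shadow byte (00) covers the first eight bytes of that buffer at 0x7ffff6a222c0.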