| Bug ID |
10912
|
| Summary |
Buildbot crash output: fuzz-2015-02-01-5614.pcap
|
| Product |
Wireshark
|
| Version |
unspecified
|
| Hardware |
x86-64
|
| URL |
https://www.wireshark.org/download/automated/captures/fuzz-2015-02-01-5614.pcap
|
| OS |
Ubuntu
|
| Status |
CONFIRMED
|
| Severity |
Major
|
| Priority |
High
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2015-02-01-5614.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/12028-dump2_pber.cgi
Build host information:
Linux wsbb04 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:22:43 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty
Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3127
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=6284040623f87d7a4b8323b51538fa4baa1d57a3
Return value: 0
Dissector bug: 0
Valgrind error count: 1
Git commit
commit 6284040623f87d7a4b8323b51538fa4baa1d57a3
Author: Peter Wu <[email protected]>
Date: Sat Jan 31 02:26:57 2015 +0100
README.dissector: fixed p_add_proto_data params
frame_data has long been gone. struct _packet_info is the same as
packet_info, just use that for brevity.
Change-Id: Ieb02bf6b642d728a7f80087f5cd750b9691e34e9
Reviewed-on: https://code.wireshark.org/review/6865
Reviewed-by: Alexis La Goutte <[email protected]>
Command and args: ./tools/valgrind-wireshark.sh
==13416== Memcheck, a memory error detector
==13416== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==13416== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==13416== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2015-02-01-5614.pcap
==13416==
==13416== Invalid read of size 4
==13416== at 0x7239891: jsmn_parse (jsmn.c:266)
==13416== by 0x6B08FD9: dissect_json_heur (packet-json.c:585)
==13416== by 0x66F9EB9: dissector_try_heuristic (packet.c:2059)
==13416== by 0x68BB1F1: dissect_db_lsp_disc (packet-db-lsp.c:182)
==13416== by 0x66F7E73: call_dissector_through_handle (packet.c:630)
==13416== by 0x66F8904: call_dissector_work (packet.c:717)
==13416== by 0x66F904B: dissector_try_uint_new (packet.c:1149)
==13416== by 0x66F9096: dissector_try_uint (packet.c:1175)
==13416== by 0x6E42F19: decode_udp_ports (packet-udp.c:532)
==13416== by 0x6E43762: dissect (packet-udp.c:878)
==13416== by 0x66F7E73: call_dissector_through_handle (packet.c:630)
==13416== by 0x66F8904: call_dissector_work (packet.c:717)
==13416== Address 0x133ded80 is 16 bytes before a block of size 16,384 alloc'd
==13416== at 0x4C2AB80: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==13416== by 0x9BD7610: g_malloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==13416== by 0x723EA3B: wmem_simple_alloc (wmem_allocator_simple.c:55)
==13416== by 0x6B08FB3: dissect_json_heur (packet-json.c:582)
==13416== by 0x66F9EB9: dissector_try_heuristic (packet.c:2059)
==13416== by 0x68BB1F1: dissect_db_lsp_disc (packet-db-lsp.c:182)
==13416== by 0x66F7E73: call_dissector_through_handle (packet.c:630)
==13416== by 0x66F8904: call_dissector_work (packet.c:717)
==13416== by 0x66F904B: dissector_try_uint_new (packet.c:1149)
==13416== by 0x66F9096: dissector_try_uint (packet.c:1175)
==13416== by 0x6E42F19: decode_udp_ports (packet-udp.c:532)
==13416== by 0x6E43762: dissect (packet-udp.c:878)
==13416==
==13416==
==13416== HEAP SUMMARY:
==13416== in use at exit: 1,229,569 bytes in 29,804 blocks
==13416== total heap usage: 445,833 allocs, 416,029 frees, 36,308,283 bytes
allocated
==13416==
==13416== LEAK SUMMARY:
==13416== definitely lost: 3,720 bytes in 160 blocks
==13416== indirectly lost: 36,968 bytes in 51 blocks
==13416== possibly lost: 0 bytes in 0 blocks
==13416== still reachable: 1,188,881 bytes in 29,593 blocks
==13416== suppressed: 0 bytes in 0 blocks
==13416== Rerun with --leak-check=full to see details of leaked memory
==13416==
==13416== For counts of detected and suppressed errors, rerun with: -v
==13416== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
[ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
