Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 11775] New: Buildbot crash output: fuzz-2015-11-25-24225.p

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 25 Nov 2015 15:50:04 +0000
Bug ID 11775
Summary Buildbot crash output: fuzz-2015-11-25-24225.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2015-11-25-24225.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2015-11-25-24225.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/1147-fuzz-2007-11-16-18765.pcap.gz

Build host information:
Linux wsbb04 3.13.0-66-generic #108-Ubuntu SMP Wed Oct 7 15:20:27 UTC 2015
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.3 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=3403
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=cec0593ae6c3bca65eff65741c2a10f3de3e0afe

Return value:  139

Dissector bug:  0

Valgrind error count:  0



Git commit
commit cec0593ae6c3bca65eff65741c2a10f3de3e0afe
Author: Peter Wu <[email protected]>
Date:   Sun Nov 22 18:16:46 2015 +0100

    Fix buffer overrun in zlib decompression

    After updating next_in (to remove the gzip header), avail_in must also
    be updated. Failing to do makes zlib read past the input buffer. In
    theory this would resukt in a buffer overrun of at most double the input
    length, in practice zlib returns as soon as the compression fails (after
    reading a few bytes).

    Bug: 11548
    Change-Id: If71691a2846338f46d866964a77cc4e74a9b61dd
    Reviewed-on: https://code.wireshark.org/review/12038
    Petri-Dish: Peter Wu <[email protected]>
    Tested-by: Petri Dish Buildbot <[email protected]>
    Reviewed-by: Peter Wu <[email protected]>


Command and args:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nVxr


[ no debug trace ]

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube