Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 12253] New: Buildbot crash output: fuzz-2016-03-11-13630.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 12253] New: Buildbot crash output: fuzz-2016-03-11-13630.p

Date: Fri, 11 Mar 2016 14:00:03 +0000

Bug ID	12253
Summary	Buildbot crash output: fuzz-2016-03-11-13630.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2016-03-11-13630.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-03-11-13630.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/001349.cap

Build host information:
Linux wsbb04 3.13.0-79-generic #123-Ubuntu SMP Fri Feb 19 14:27:58 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.4 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=108
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.0/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_SLAVENAME=fuzz-test
BUILDBOT_GOT_REVISION=e9fe789e0b647b84723c89e333470b2731ff6693

Return value:  0

Dissector bug:  0

Valgrind error count:  11



Git commit
commit e9fe789e0b647b84723c89e333470b2731ff6693
Author: Stig Bjørlykke <[email protected]>
Date:   Thu Mar 10 09:02:28 2016 +0100

    Qt: Check for selected interface in filterEdited()

    Add a check for selected filters in filterEdited() to avoid a
    out-of-bounds index into ui->interfaceTree->selectedItems().

    Bug: 12241
    Bug: 12245
    Change-Id: Ie18fc34a17427dd5330a5a617051cbc061555e0c
    Reviewed-on: https://code.wireshark.org/review/14404
    Reviewed-by: Stig Bjørlykke <[email protected]>
    (cherry picked from commit e13976339be6fa8ee06177b85268d29c81dc7995)
    Reviewed-on: https://code.wireshark.org/review/14405


Command and args: ./tools/valgrind-wireshark.sh 

==15122== Memcheck, a memory error detector
==15122== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==15122== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==15122== Command:
/home/wireshark/builders/wireshark-2.0-fuzz/fuzztest/install/bin/tshark -nr
/fuzz/buildbot/fuzztest/valgrind-fuzz-2.0/fuzz-2016-03-11-13630.pcap
==15122== 
==15122== Conditional jump or move depends on uninitialised value(s)
==15122==    at 0x68665BA: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:148)
==15122==    by 0x6BC20BF: dissect_http_message (packet-http.c:810)
==15122==    by 0x6BC452E: dissect_http (packet-http.c:2958)
==15122==    by 0x68426DE: call_dissector_through_handle (packet.c:618)
==15122==    by 0x6843074: call_dissector_work (packet.c:706)
==15122==    by 0x684386B: dissector_try_uint_new (packet.c:1163)
==15122==    by 0x6F8D415: decode_tcp_ports (packet-tcp.c:4622)
==15122==    by 0x6F8D7CE: process_tcp_payload (packet-tcp.c:4680)
==15122==    by 0x6F8DDB5: desegment_tcp (packet-tcp.c:2270)
==15122==    by 0x6F8DDB5: dissect_tcp_payload (packet-tcp.c:4747)
==15122==    by 0x6F8FC1B: dissect_tcp (packet-tcp.c:5653)
==15122==    by 0x68426A3: call_dissector_through_handle (packet.c:620)
==15122==    by 0x6843074: call_dissector_work (packet.c:706)
==15122== 
==15122== Conditional jump or move depends on uninitialised value(s)
==15122==    at 0x686665F: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:228)
==15122==    by 0x6BC20BF: dissect_http_message (packet-http.c:810)
==15122==    by 0x6BC452E: dissect_http (packet-http.c:2958)
==15122==    by 0x68426DE: call_dissector_through_handle (packet.c:618)
==15122==    by 0x6843074: call_dissector_work (packet.c:706)
==15122==    by 0x684386B: dissector_try_uint_new (packet.c:1163)
==15122==    by 0x6F8D415: decode_tcp_ports (packet-tcp.c:4622)
==15122==    by 0x6F8D7CE: process_tcp_payload (packet-tcp.c:4680)
==15122==    by 0x6F8DDB5: desegment_tcp (packet-tcp.c:2270)
==15122==    by 0x6F8DDB5: dissect_tcp_payload (packet-tcp.c:4747)
==15122==    by 0x6F8FC1B: dissect_tcp (packet-tcp.c:5653)
==15122==    by 0x68426A3: call_dissector_through_handle (packet.c:620)
==15122==    by 0x6843074: call_dissector_work (packet.c:706)
==15122== 
==15122== 
==15122== HEAP SUMMARY:
==15122==     in use at exit: 1,039,809 bytes in 28,334 blocks
==15122==   total heap usage: 238,581 allocs, 210,247 frees, 31,134,024 bytes
allocated
==15122== 
==15122== LEAK SUMMARY:
==15122==    definitely lost: 2,908 bytes in 125 blocks
==15122==    indirectly lost: 36,448 bytes in 48 blocks
==15122==      possibly lost: 0 bytes in 0 blocks
==15122==    still reachable: 1,000,453 bytes in 28,161 blocks
==15122==         suppressed: 0 bytes in 0 blocks
==15122== Rerun with --leak-check=full to see details of leaked memory
==15122== 
==15122== For counts of detected and suppressed errors, rerun with: -v
==15122== Use --track-origins=yes to see where uninitialised values come from
==15122== ERROR SUMMARY: 11 errors from 2 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 12253] Buildbot crash output: fuzz-2016-03-11-13630.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 12252] DCP-ETSI dissector always declares malformed packet
Next by Date: [Wireshark-bugs] [Bug 12254] New: VoIP calls does not show IAX2 calls
Previous by thread: [Wireshark-bugs] [Bug 12252] DCP-ETSI dissector always declares malformed packet
Next by thread: [Wireshark-bugs] [Bug 12253] Buildbot crash output: fuzz-2016-03-11-13630.pcap
Index(es):
- Date
- Thread