Wireshark-bugs: [Wireshark-bugs] [Bug 6491] Buildbot crash output: fuzz-2011-10-26-3561.pcap
Date: Wed, 26 Oct 2011 17:56:28 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6491

--- Comment #6 from Bill Meier <wmeier@xxxxxxxxxxx> 2011-10-26 20:56:27 EDT ---
(In reply to comment #2)
> Now that my tshark is working, this appears to not be the same as 6485:
> 
> <snip>

Yep: The crash is in the memcpy near line 3640 in packet-cip.c (obtained from a
gdb backtrace with a tshark built with -O0).

#0  0x00c4b553 in dissect_cip_generic_service_rsp (tvb=0x8c308c0,
pinfo=0xbff5d4a4, tree=0xb787e888) at packet-cip.c:3640


Totally garbage pointers in struct

(gdb) p    *preq_info
$13 = {dissector = 0xbaddcafe, bService = 254 '\376', IOILen = 3135097598, pIOI
= 0xbaddcafe, pData = 0xbaddcafe, ciaData = 0xbaddcafe}

   {
      memcpy(&req_data, preq_info->ciaData, sizeof(cip_simple_request_info_t));
   }

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.