Wireshark-bugs: [Wireshark-bugs] [Bug 8456] Buildbot crash output: fuzz-2013-03-10-3098.pcap
Date: Sun, 10 Mar 2013 13:28:40 +0000

changed bug 8456

What    Removed    Added
CC                 eapache@gmail.com

Comment # 1 on bug 8456 from
Valgrind gives the following:

==4703== Invalid read of size 4
==4703==    at 0x697EAB4: dissect_create_file_response (packet-smb.c:3868)
==4703==    by 0x697770E: dissect_smb_command (packet-smb.c:17310)
==4703==    by 0x69783D7: dissect_smb (packet-smb.c:18418)
==4703==    by 0x6978AA3: dissect_smb_heur (packet-smb.c:18467)
==4703==    by 0x6380B2F: dissector_try_heuristic (packet.c:1804)
==4703==    by 0x68055A3: dissect_netbios_payload (packet-netbios.c:1056)
==4703==    by 0x67D04AD: dissect_nbss_packet (packet-nbns.c:1623)
==4703==    by 0x67D068A: dissect_nbss (packet-nbns.c:1827)
==4703==    by 0x637ECC7: call_dissector_through_handle (packet.c:458)
==4703==    by 0x637F4EC: call_dissector_work (packet.c:549)
==4703==    by 0x637FD3F: dissector_try_uint_new (packet.c:966)
==4703==    by 0x637FD96: dissector_try_uint (packet.c:992)
==4703==    by 0x69D4A66: decode_tcp_ports (packet-tcp.c:3954)
==4703==    by 0x69D4E61: process_tcp_payload (packet-tcp.c:4013)
==4703==    by 0x69D5433: dissect_tcp_payload (packet-tcp.c:1837)
==4703==    by 0x69D6DFC: dissect_tcp (packet-tcp.c:4853)
==4703==    by 0x637ECC7: call_dissector_through_handle (packet.c:458)
==4703==    by 0x637F4EC: call_dissector_work (packet.c:549)
==4703==    by 0x637FD3F: dissector_try_uint_new (packet.c:966)
==4703==    by 0x637FD96: dissector_try_uint (packet.c:992)
==4703==    by 0x66FF45F: dissect_ip (packet-ip.c:2413)
==4703==    by 0x637ECC7: call_dissector_through_handle (packet.c:458)
==4703==    by 0x637F4EC: call_dissector_work (packet.c:549)
==4703==    by 0x637FD3F: dissector_try_uint_new (packet.c:966)
==4703==    by 0x637FD96: dissector_try_uint (packet.c:992)
==4703==    by 0x65D7DAE: ethertype (packet-ethertype.c:276)
==4703==    by 0x65D6848: dissect_eth_common (packet-eth.c:401)
==4703==    by 0x637ECC7: call_dissector_through_handle (packet.c:458)
==4703==    by 0x637F4EC: call_dissector_work (packet.c:549)
==4703==    by 0x637FD3F: dissector_try_uint_new (packet.c:966)
==4703==    by 0x637FD96: dissector_try_uint (packet.c:992)
==4703==    by 0x660B29F: dissect_frame (packet-frame.c:470)
==4703==    by 0x637ECC7: call_dissector_through_handle (packet.c:458)
==4703==    by 0x637F4EC: call_dissector_work (packet.c:549)
==4703==    by 0x6381270: call_dissector_with_data (packet.c:2073)
==4703==    by 0x638160F: dissect_packet (packet.c:392)
==4703==    by 0x63758BB: epan_dissect_run_with_taps (epan.c:217)
==4703==    by 0x418DD6: process_packet (tshark.c:3197)
==4703==    by 0x40B5F1: main (tshark.c:2994)
==4703==  Address 0x10 is not stack'd, malloc'd or (recently) free'd

It crashes immediately after with exactly the same stack trace (down to the
line number).

