Wireshark-bugs: [Wireshark-bugs] [Bug 9761] New: Read Access Violation near NULL starting
Date: Fri, 14 Feb 2014 12:15:38 +0000
Bug ID: 9761
Summary: Read Access Violation near NULL starting
Classification: Unclassified
Product: Wireshark
Version: 1.10.5
Hardware: x86-64
OS: Windows 8
Status: UNCONFIRMED
Severity: Critical
Priority: Low
Component: Wireshark
Assignee: bugzilla-admin@wireshark.org
Reporter: osanda@unseen.is

Build Information:
wireshark 1.10.5 (SVNRev 54262 from /trunk-1.10)

Copyright 1998-2013 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.24.14, with Cairo 1.10.2, with Pango 1.30.1, with
GLib 2.34.1, with WinPcap (4_1_3), with libz 1.2.5, without POSIX capabilities,
without libnl, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.1, without Python,
with GnuTLS 2.12.18, with Gcrypt 1.4.6, with MIT Kerberos, with GeoIP, with
PortAudio V19-devel (built Dec 19 2013), with AirPcap.

Running on 64-bit Windows 8, build 9200, with WinPcap version 4.1.3 (packet.dll
version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008),
GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.
      Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz, with 12240MB of physical
memory.


Built using Microsoft Visual C++ 10.0 build 40219
--
Paste 50000 A chars in the filter input box and it will cause a crash. Tested
on x64 and 32 bit versions.

(ee0.710): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for
C:\Program Files (x86)\Wireshark32\libcairo-2.dll - 
eax=00000000 ebx=04b383f0 ecx=77a12ad2 edx=63d7c6e0 esi=00000000 edi=63d7c6e0
eip=63d11737 esp=0018dd60 ebp=00000000 iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00210206
libcairo_2!cairo_image_surface_get_data+0x7:
63d11737 8138609dd763    cmp     dword ptr [eax],offset libcairo_2!cairo_tee_surface_index+0xd080 (63d79d60) ds:002b:00000000=????????
0:000> !exploitable

!exploitable 1.6.0.0
Exploitability Classification: PROBABLY_NOT_EXPLOITABLE
Recommended Bug Title: Read Access Violation near NULL starting at libcairo_2!cairo_image_surface_get_data+0x0000000000000007 (Hash=0xc13b8603.0x3eca6f5e)

This is a user mode read access violation near null, and is probably not
exploitable.


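A simplified triage of the debugger excerpt above, as an added example that is not part of the original report and is not how !exploitable itself is implemented: it recovers the faulting symbol, the resolved operand address and the access type from the WinDbg text. The 64 KiB "near NULL" limit, the `NON_WRITING` set and the function name `triage` are assumptions made for illustration.

```python
import re

# Excerpt copied from the debugger output in the report (wrapped line rejoined).
CRASH = """\
(ee0.710): Access violation - code c0000005 (first chance)
eax=00000000 ebx=04b383f0 ecx=77a12ad2 edx=63d7c6e0 esi=00000000 edi=63d7c6e0
eip=63d11737 esp=0018dd60 ebp=00000000 iopl=0         nv up ei pl nz na pe nc
libcairo_2!cairo_image_surface_get_data+0x7:
63d11737 8138609dd763    cmp     dword ptr [eax],offset libcairo_2!cairo_tee_surface_index+0xd080 (63d79d60) ds:002b:00000000=????????
"""

NEAR_NULL_LIMIT = 0x10000     # assumption: lowest 64 KiB counts as "near NULL"
NON_WRITING = {"cmp", "test", "push", "call", "jmp"}  # never store to their memory operand

def triage(text):
    """Summarise the faulting access in a 32-bit WinDbg first-chance excerpt."""
    regs = {name: int(val, 16)
            for name, val in re.findall(r"\b(e[a-z]{2})=([0-9a-f]{8})\b", text)}
    symbol = re.search(r"^(\S+!\S+):$", text, re.M).group(1)
    insn = re.search(r"^([0-9a-f]{8}) [0-9a-f]+\s+(\w+)\s+(.*)$", text, re.M)
    eip, mnemonic, operands = int(insn.group(1), 16), insn.group(2), insn.group(3)
    if eip != regs["eip"]:
        raise ValueError("disassembly line is not the faulting instruction")
    # WinDbg appends the resolved operand as seg:selector:address=value.
    address = int(re.search(r"\b[a-z]s:[0-9a-f]{4}:([0-9a-f]{8})=", operands).group(1), 16)
    base = re.search(r"\[(e[a-z]{2})", operands)
    base_reg = base.group(1) if base else None
    # Simplified rule: a memory operand is written only when it is the first
    # operand of an instruction that stores to its destination.
    mem_is_dest = "[" in operands.split(",")[0]
    access = "write" if mem_is_dest and mnemonic not in NON_WRITING else "read"
    return {
        "symbol": symbol, "address": address, "access": access,
        "base_reg": base_reg, "base_value": regs.get(base_reg),
        "near_null": address < NEAR_NULL_LIMIT,
    }

if __name__ == "__main__":
    for key, value in triage(CRASH).items():
        print(f"{key}: {value}")
```

The result agrees with the report: a read through `eax`, which holds 0, inside `cairo_image_surface_get_data`.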