Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10585] New: Buildbot crash output: fuzz-2014-10-18-27943.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 10585] New: Buildbot crash output: fuzz-2014-10-18-27943.p

Date: Sat, 18 Oct 2014 22:40:02 +0000

Bug ID	10585
Summary	Buildbot crash output: fuzz-2014-10-18-27943.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2014-10-18-27943.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	bugzilla-admin@wireshark.org
Reporter	buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2014-10-18-27943.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/12694-AllJoynSample1.pcapng

Build host information:
Linux wsbb04 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3004
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=44d4339eb335b6d6f7a8ffad6846e82aba90b233

Return value:  0

Dissector bug:  0

Valgrind error count:  77



Git commit
commit 44d4339eb335b6d6f7a8ffad6846e82aba90b233
Author: Guy Harris <guy@alum.mit.edu>
Date:   Thu Oct 16 23:20:52 2014 -0700

    Don't use <ctype.h> macros, and eliminate an include of <ctype.h>.

    This avoids locale-dependent tests, and fixes cases where we passed
    signed char values to those macros (which is not safe with char being
    signed, as it is on most, but not all, platforms).

    Change-Id: I51d9716fe3eb02a6e98208334285c07597a6be79
    Reviewed-on: https://code.wireshark.org/review/4761
    Reviewed-by: Guy Harris <guy@alum.mit.edu>


Command and args: ./tools/valgrind-wireshark.sh 

==26137== Memcheck, a memory error detector
==26137== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26137== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==26137== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-10-18-27943.pcap
==26137== 
==26137== Invalid read of size 1
==26137==    at 0x6719DBD: parse_arg (packet-alljoyn.c:1180)
==26137==    by 0x671AA49: dissect_AllJoyn_message (packet-alljoyn.c:1387)
==26137==    by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137==    by 0x668DA94: call_dissector_work (packet.c:713)
==26137==    by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137==    by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137==    by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137==    by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137==    by 0x6D8C3AB: dissect_tcp (packet-tcp.c:5000)
==26137==    by 0x668D173: call_dissector_through_handle (packet.c:626)
==26137==    by 0x668DA94: call_dissector_work (packet.c:713)
==26137==    by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137==  Address 0x11adc923 is 0 bytes after a block of size 3 alloc'd
==26137==    at 0x4C2CE8E: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26137==    by 0x9AC16AE: g_realloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==26137==    by 0x71B3F70: wmem_simple_realloc (wmem_allocator_simple.c:90)
==26137==    by 0x71B552C: wmem_strbuf_finalize (wmem_strbuf.c:252)
==26137==    by 0x67197E8: parse_arg (packet-alljoyn.c:940)
==26137==    by 0x671A8EB: dissect_AllJoyn_message (packet-alljoyn.c:1288)
==26137==    by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137==    by 0x668DA94: call_dissector_work (packet.c:713)
==26137==    by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137==    by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137==    by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137==    by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137== 
==26137== Invalid read of size 1
==26137==    at 0x6719D97: parse_arg (packet-alljoyn.c:1181)
==26137==    by 0x671AA49: dissect_AllJoyn_message (packet-alljoyn.c:1387)
==26137==    by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137==    by 0x668DA94: call_dissector_work (packet.c:713)
==26137==    by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137==    by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137==    by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137==    by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137==    by 0x6D8C3AB: dissect_tcp (packet-tcp.c:5000)
==26137==    by 0x668D173: call_dissector_through_handle (packet.c:626)
==26137==    by 0x668DA94: call_dissector_work (packet.c:713)
==26137==    by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137==  Address 0x11adc923 is 0 bytes after a block of size 3 alloc'd
==26137==    at 0x4C2CE8E: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26137==    by 0x9AC16AE: g_realloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==26137==    by 0x71B3F70: wmem_simple_realloc (wmem_allocator_simple.c:90)
==26137==    by 0x71B552C: wmem_strbuf_finalize (wmem_strbuf.c:252)
==26137==    by 0x67197E8: parse_arg (packet-alljoyn.c:940)
==26137==    by 0x671A8EB: dissect_AllJoyn_message (packet-alljoyn.c:1288)
==26137==    by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137==    by 0x668DA94: call_dissector_work (packet.c:713)
==26137==    by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137==    by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137==    by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137==    by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137== 
==26137== 
==26137== HEAP SUMMARY:
==26137==     in use at exit: 1,216,345 bytes in 29,624 blocks
==26137==   total heap usage: 226,517 allocs, 196,893 frees, 28,677,589 bytes
allocated
==26137== 
==26137== LEAK SUMMARY:
==26137==    definitely lost: 5,385 bytes in 165 blocks
==26137==    indirectly lost: 36,648 bytes in 49 blocks
==26137==      possibly lost: 0 bytes in 0 blocks
==26137==    still reachable: 1,174,312 bytes in 29,410 blocks
==26137==         suppressed: 0 bytes in 0 blocks
==26137== Rerun with --leak-check=full to see details of leaked memory
==26137== 
==26137== For counts of detected and suppressed errors, rerun with: -v
==26137== ERROR SUMMARY: 77 errors from 2 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 10585] Buildbot crash output: fuzz-2014-10-18-27943.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10585] Buildbot crash output: fuzz-2014-10-18-27943.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10585] Buildbot crash output: fuzz-2014-10-18-27943.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10585] Buildbot crash output: fuzz-2014-10-18-27943.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10585] Buildbot crash output: fuzz-2014-10-18-27943.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10584] New: Buildbot crash output: fuzz-2014-10-18-14589.pcap
Next by Date: [Wireshark-bugs] [Bug 10586] New: Buildbot crash output: fuzz-2014-10-19-4259.pcap
Previous by thread: [Wireshark-bugs] [Bug 10584] Buildbot crash output: fuzz-2014-10-18-14589.pcap
Next by thread: [Wireshark-bugs] [Bug 10585] Buildbot crash output: fuzz-2014-10-18-27943.pcap
Index(es):
- Date
- Thread