Wireshark-bugs: [Wireshark-bugs] [Bug 10804] New: Buildbot crash output: fuzz-2014-12-22-29952.p
Date: Tue, 23 Dec 2014 17:10:03 +0000
Bug ID 10804
Summary Buildbot crash output: fuzz-2014-12-22-29952.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2014-12-22-29952.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2014-12-22-29952.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/9630-ATLAS_FTAM_TCP_TRACE_2012110713400115.pcap

Build host information:
Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3085
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=b4e90bdc8e5db01a3f38fab97cc1e341288d7c0b

Return value:  0

Dissector bug:  0

Valgrind error count:  124



Git commit
commit b4e90bdc8e5db01a3f38fab97cc1e341288d7c0b
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Sat Dec 20 20:09:00 2014 +0100

    Fix filter test for multifield custom column

    This adds support for "field||field" without spaces.

    Change-Id: Ia738d6642d12a188d1629bbdd9701cc8f8bb7a68
    Reviewed-on: https://code.wireshark.org/review/5922
    Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
    Tested-by: Michal Labedzki <michal.labedzki@tieto.com>


Command and args: ./tools/valgrind-wireshark.sh 

==19904== Memcheck, a memory error detector
==19904== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==19904== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==19904== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-12-22-29952.pcap
==19904== 
==19904== Invalid read of size 1
==19904==    at 0x9B41FE0: g_str_hash (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x9B41568: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x67CA820: call_ber_oid_callback (packet-ber.c:551)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==    by 0x6F37CAD: dissect_ftam_Create_Attributes (ftam.cnf:170)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==  Address 0x1422e930 is 0 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== Invalid read of size 1
==19904==    at 0x9B41FFD: g_str_hash (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x9B41568: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x67CA820: call_ber_oid_callback (packet-ber.c:551)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==    by 0x6F37CAD: dissect_ftam_Create_Attributes (ftam.cnf:170)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==  Address 0x1422e931 is 1 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== Invalid read of size 1
==19904==    at 0x4C2E0E2: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x9B6EB02: g_strdup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x66CD660: find_string_dtbl_entry (packet.c:1224)
==19904==    by 0x66CDF66: dissector_try_string (packet.c:1413)
==19904==    by 0x67CA888: call_ber_oid_callback (packet-ber.c:1120)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==  Address 0x1422e930 is 0 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== Invalid read of size 1
==19904==    at 0x4C2E0F4: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x9B6EB02: g_strdup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x66CD660: find_string_dtbl_entry (packet.c:1224)
==19904==    by 0x66CDF66: dissector_try_string (packet.c:1413)
==19904==    by 0x67CA888: call_ber_oid_callback (packet-ber.c:1120)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==  Address 0x1422e931 is 1 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== Invalid read of size 8
==19904==    at 0x4C2F790: memcpy@@GLIBC_2.14 (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x9B6EB1C: g_strdup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x66CD660: find_string_dtbl_entry (packet.c:1224)
==19904==    by 0x66CDF66: dissector_try_string (packet.c:1413)
==19904==    by 0x67CA888: call_ber_oid_callback (packet-ber.c:1120)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==  Address 0x1422e930 is 0 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== Invalid read of size 8
==19904==    at 0x4C2F79E: memcpy@@GLIBC_2.14 (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x9B6EB1C: g_strdup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x66CD660: find_string_dtbl_entry (packet.c:1224)
==19904==    by 0x66CDF66: dissector_try_string (packet.c:1413)
==19904==    by 0x67CA888: call_ber_oid_callback (packet-ber.c:1120)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==  Address 0x1422e940 is 16 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== Invalid read of size 2
==19904==    at 0x4C2F7E0: memcpy@@GLIBC_2.14 (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x9B6EB1C: g_strdup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==19904==    by 0x66CD660: find_string_dtbl_entry (packet.c:1224)
==19904==    by 0x66CDF66: dissector_try_string (packet.c:1413)
==19904==    by 0x67CA888: call_ber_oid_callback (packet-ber.c:1120)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35D1F: dissect_ftam_T_document_type (ftam.cnf:91)
==19904==    by 0x67C9856: dissect_ber_choice (packet-ber.c:2925)
==19904==    by 0x6F351AF: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137)
==19904==    by 0x67CB46C: dissect_ber_sequence (packet-ber.c:2425)
==19904==    by 0x6F35EDF: dissect_ftam_Create_Attributes_U (ftam.cnf:160)
==19904==    by 0x67C898A: dissect_ber_tagged_type (packet-ber.c:717)
==19904==  Address 0x1422e968 is 56 bytes inside a block of size 57 free'd
==19904==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19904==    by 0x66C18A4: emem_free_all (emem.c:1187)
==19904==    by 0x66C2A10: epan_dissect_run_with_taps (epan.c:350)
==19904==    by 0x413833: process_packet (tshark.c:3586)
==19904==    by 0x40C88F: main (tshark.c:3349)
==19904== 
==19904== 
==19904== HEAP SUMMARY:
==19904==     in use at exit: 1,227,979 bytes in 30,530 blocks
==19904==   total heap usage: 981,608 allocs, 951,078 frees, 63,598,399 bytes
allocated
==19904== 
==19904== LEAK SUMMARY:
==19904==    definitely lost: 11,568 bytes in 1,026 blocks
==19904==    indirectly lost: 36,744 bytes in 51 blocks
==19904==      possibly lost: 0 bytes in 0 blocks
==19904==    still reachable: 1,179,667 bytes in 29,453 blocks
==19904==         suppressed: 0 bytes in 0 blocks
==19904== Rerun with --leak-check=full to see details of leaked memory
==19904== 
==19904== For counts of detected and suppressed errors, rerun with: -v
==19904== ERROR SUMMARY: 124 errors from 7 contexts (suppressed: 0 from 0)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.