Wireshark-bugs: [Wireshark-bugs] [Bug 10896] New: Filtering for an LLC protocol during a live ca
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 27 Jan 2015 01:32:24 +0000
Bug ID 10896
Summary Filtering for an LLC protocol during a live capture causes eventual crash
Product Wireshark
Version 1.99.x (Experimental)
Hardware x86-64
OS All
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter sean.stalley@intel.com 

Build Information:
Wireshark 1.99.2 (v1.99.1rc0-1754-ga835c85 from unknown)

Copyright 1998-2015 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.2.1, with libpcap, with POSIX capabilities (Linux),
without libnl, with libz 1.2.8, with GLib 2.40.2, with SMI 0.4.8, with c-ares
1.10.0, with Lua 5.2, with GnuTLS 2.12.23, with Gcrypt 1.5.3, with MIT
Kerberos,
with GeoIP, without PortAudio, with AirPcap.

Running on Linux 3.13.0-40-generic, with locale en_US.UTF-8, with libpcap
version 1.5.3, with libz 1.2.8, with GnuTLS 2.12.23, with Gcrypt 1.5.3, without
AirPcap.
       Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz (with SSE4.2)

Built using gcc 4.8.2.
--
Directions to replicate:
1.) start a live capture of network traffic in wireshark
2.) filter for a protocol that uses llc_add_oui (mausb, btl2cap, hpteam, etc.)
    It doesn't matter if the filter finds traffic or not.
3.) wait for crash

I've seen this issue in both a Windows & Ubuntu Build (using Qt).
Wireshark doesn't crash immediately, and crashes in different locations, which
makes me think it's likely caused by corrupted memory.

This seems to be the most common crash location: 
ERROR:wmem_core.c:50:wmem_alloc: assertion failed: (allocator->in_scope)
Aborted (core dumped)

I am unsure what component is causing this crash. Let me know if there is any
additional info that would be useful. I will be happy to provide.

You are receiving this mail because:
  • You are watching all bug changes.