Wireshark-bugs: [Wireshark-bugs] [Bug 12095] New: Buildbot crash output: fuzz-2016-02-07-22010.p
Date: Sun, 07 Feb 2016 13:40:02 +0000
Bug ID | 12095 |
---|---|
Summary | Buildbot crash output: fuzz-2016-02-07-22010.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-02-07-22010.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | bugzilla-admin@wireshark.org |
Reporter | buildbot-do-not-reply@wireshark.org |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-02-07-22010.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/10619-80211ad.pcap Build host information: Linux wsbb04 3.13.0-74-generic #118-Ubuntu SMP Thu Dec 17 22:52:10 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark BUILDBOT_BUILDNUMBER=3493 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=f87c2616c490ebfbfabe9ed628da662f1473d065 Return value: 1 Dissector bug: 0 Valgrind error count: 0 Git commit commit f87c2616c490ebfbfabe9ed628da662f1473d065 Author: Martin Kaiser <wireshark@kaiser.cx> Date: Sat Feb 6 10:53:22 2016 +0100 ndps: don't THROW() an exception from a dissector if we just return the offset, there's no need to check for overflows the caller continues dissection from the returned offset if the offset is invalid, the core routines will throw an exception if we call proto_item_set_end() with the calculated offset, we can do the range check using tvb_ensure_bytes_exist() Change-Id: I0e2a7b2a866596eda0d7ed4a948fbea8ed084845 Reviewed-on: https://code.wireshark.org/review/13792 Reviewed-by: Martin Kaiser <wireshark@kaiser.cx> Command and args: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nVxr ================================================================= ==28449==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f1a839b9010 at pc 0x7f1a81caa85d bp 0x7ffe0dded720 sp 0x7ffe0dded718 READ of size 4 at 0x7f1a839b9010 thread T0 #0 0x7f1a81caa85c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x799885c) #1 0x7f1a816434a1 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73314a1) #2 0x7f1a8164157c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732f57c) #3 0x7f1a81cb08f7 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x799e8f7) #4 0x7f1a816434a1 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73314a1) #5 0x7f1a8164313a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x733113a) #6 0x7f1a81b795d5 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x78675d5) #7 0x7f1a816434a1 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73314a1) #8 0x7f1a8164157c (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732f57c) #9 0x7f1a81640d98 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x732ed98) #10 0x7f1a816214fe (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x730f4fe) #11 0x501145 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x501145) #12 0x4fb96b (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4fb96b) #13 0x7f1a76f50ec4 (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4) #14 0x43fc26 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x43fc26) 0x7f1a839b9010 is located 48 bytes to the left of global variable 'Nhteltf' defined in 'packet-ieee80211-radio.c:705:30' (0x7f1a839b9040) of size 16 0x7f1a839b9010 is located 0 bytes to the right of global variable 'Nhtdltf' defined in 'packet-ieee80211-radio.c:704:30' (0x7f1a839b9000) of size 16 Shadow bytes around the buggy address: 0x0fe3d072f1b0: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 0x0fe3d072f1c0: 00 f9 f9 f9 f9 f9 f9 f9 00 04 f9 f9 f9 f9 f9 f9 0x0fe3d072f1d0: 00 03 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9 0x0fe3d072f1e0: 00 02 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 0x0fe3d072f1f0: 03 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 =>0x0fe3d072f200: 00 00[f9]f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 0x0fe3d072f210: 00 00 00 00 00 00 00 00 00 05 f9 f9 f9 f9 f9 f9 0x0fe3d072f220: 00 00 00 00 00 00 00 00 00 05 f9 f9 f9 f9 f9 f9 0x0fe3d072f230: 06 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 0x0fe3d072f240: 05 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 0x0fe3d072f250: 05 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==28449==ABORTING [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 12095] Buildbot crash output: fuzz-2016-02-07-22010.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12095] Buildbot crash output: fuzz-2016-02-07-22010.pcap
- Prev by Date: [Wireshark-bugs] [Bug 12094] New: Unknown SSLv2 ciphers in wireshark gui
- Next by Date: [Wireshark-bugs] [Bug 12096] New: Leak in preference subsystem (using obsolete type)
- Previous by thread: [Wireshark-bugs] [Bug 12094] Unknown SSLv2 ciphers in wireshark gui
- Next by thread: [Wireshark-bugs] [Bug 12095] Buildbot crash output: fuzz-2016-02-07-22010.pcap
- Index(es):