Wireshark-bugs: [Wireshark-bugs] [Bug 12430] New: Tshark crashes when analyzing rtp due to point
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 11 May 2016 17:19:14 +0000
Bug ID 12430
Summary Tshark crashes when analyzing rtp due to pointer being freed not allocated
Product Wireshark
Version 2.0.3
Hardware x86
OS Mac OS X 10.10
Status UNCONFIRMED
Severity Major
Priority Low
Component TShark
Assignee bugzilla-admin@wireshark.org
Reporter joseph.letizia@meraki.net 

Build Information:
TShark (Wireshark) 2.0.3 (v2.0.3-0-geed34f0 from master-2.0)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, with libz 1.2.5,
with GLib 2.36.0, with SMI 0.4.8, with c-ares 1.10.0, with Lua 5.2, with GnuTLS
2.12.19, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP.

Running on Mac OS X 10.10.5, build 14F27 (Darwin 14.5.0), with locale
en_US.UTF-8, with libpcap version 1.5.3 - Apple version 47, with libz 1.2.5,
with GnuTLS 2.12.19, with Gcrypt 1.5.0.
Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz (with SSE4.2)

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build
2336.9.00).
--
This issue does not occur on v1.12.11-0-gc74c83c from master-1.12.

On 2.0.3 we see the following (tshark crash after 1 stream gets analyzed).
Tried on both OSX 10.10.5 and 10.9.4

➜  /tmp tshark -r airportSniffeNm8ap.cap -d udp.port==19594,rtp -q -z
rtp,streams
========================= RTP Streams ========================
    Src IP addr  Port    Dest IP addr  Port       SSRC          Payload  Pkts  
      Lost   Max Delta(ms)  Max Jitter(ms) Mean Jitter(ms) Problems?
    10.0.10.201 19594     10.0.10.241 19888 0xE417259E ITU-T G.711 PCMU   608  
-84 (-16.0%)         1015.20      4825098.23       131079.30 X
tshark(53115,0x7fff7cb35300) malloc: *** error for object 0x7fc912a76b60:
pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug
[1]    53115 abort      tshark -r airportSniffeNm8ap.cap -d udp.port==19594,rtp
-q -z rtp,streams

Expected output as seen on 1.12.11 is as follows:

➜  /tmp tshark -r airportSniffeNm8ap.cap -d udp.port==19594,rtp -q -z
rtp,streams
========================= RTP Streams ========================
    Src IP addr  Port    Dest IP addr  Port       SSRC          Payload  Pkts  
      Lost   Max Delta(ms)  Max Jitter(ms) Mean Jitter(ms) Problems?
    10.0.10.201 19594     10.0.10.241 19888 0xE417259E ITU-T G.711 PCMU   608  
-83 (-15.8%)         1015.20      4825098.23       131295.25 X
    10.0.10.241 19888     10.0.10.201 19594 0x5767C015 ITU-T G.711 PCMU   974  
-10 (-1.0%)          375.14           45.01            8.23 X
    10.0.10.201 19594     10.0.10.241 19888 0xF1E49EE0 ITU-T G.711 PCMU     1  
  0 (0.0%)            0.00            0.00            0.00
    10.0.10.241 19888     10.0.10.201 19594 0x576700F9 ITU-T G.711 PCMU     1  
  0 (0.0%)            0.00            0.00            0.00
    10.0.10.241 19888     10.0.10.201 19594 0x6560C015 ITU-T G.711 PCMU     1  
  0 (0.0%)            0.00            0.00            0.00
    10.0.10.241 19888     10.0.10.201 19594 0xD319C015 ITU-T G.711 PCMU     1  
  0 (0.0%)            0.00            0.00            0.00
    10.0.10.241 19888     10.0.10.201 19594 0x5167C015 ITU-T G.711 PCMU     1  
  0 (0.0%)            0.00            0.00            0.00
==============================================================

You are receiving this mail because:
  • You are watching all bug changes.