Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 12467] New: Buildbot crash output: fuzz-2016-05-21-10834.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 12467] New: Buildbot crash output: fuzz-2016-05-21-10834.p

Date: Sun, 22 May 2016 09:50:03 +0000

Bug ID	12467
Summary	Buildbot crash output: fuzz-2016-05-21-10834.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2016-05-21-10834.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	bugzilla-admin@wireshark.org
Reporter	buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-05-21-10834.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/14549-asan_heap-oob_4557e4_4089_48b71f6d4c1deccaae1d67a233556e69931a551c78d36c34.cap

Build host information:
Linux wsbb04 3.13.0-85-generic #129-Ubuntu SMP Thu Mar 17 20:50:15 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.4 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=132
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.0/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_SLAVENAME=fuzz-test
BUILDBOT_GOT_REVISION=32b28101f102e864fa117e35413ead31a36ab94c

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 32b28101f102e864fa117e35413ead31a36ab94c
Author: AndersBroman <anders.broman@ericsson.com>
Date:   Wed Apr 6 17:25:18 2016 +0200

    [MSVC2015] Fix finding of vcredist when using MSVC2015.

    Change-Id: I23ddc8c7601e61c7c092a258e4e540bc475e020a
    Reviewed-on: https://code.wireshark.org/review/14831
    Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
    Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
    Reviewed-by: Anders Broman <a.broman58@gmail.com>
    (cherry picked from commit 5601d6057b9717cd415bfda75b58cc0aa1248cbc)
    Reviewed-on: https://code.wireshark.org/review/15507


Command and args: ./tools/valgrind-wireshark.sh 

==26444== Memcheck, a memory error detector
==26444== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26444== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==26444== Command:
/home/wireshark/builders/wireshark-2.0-fuzz/fuzztest/install/bin/tshark -nr
/fuzz/buildbot/fuzztest/valgrind-fuzz-2.0/fuzz-2016-05-21-10834.pcap
==26444== 
==26444== Conditional jump or move depends on uninitialised value(s)
==26444==    at 0x6889E0C: AirPDcapDecryptWPABroadcastKey (airpdcap.c:318)
==26444==    by 0x688A3D2: AirPDcapRsna4WHandshake (airpdcap.c:1405)
==26444==    by 0x688AB72: AirPDcapScanForKeys (airpdcap.c:564)
==26444==    by 0x688AD9F: AirPDcapPacketProcess (airpdcap.c:696)
==26444==    by 0x6C08212: dissect_ieee80211_common (packet-ieee80211.c:17815)
==26444==    by 0x6C0A065: dissect_ieee80211 (packet-ieee80211.c:18423)
==26444==    by 0x684688E: call_dissector_through_handle (packet.c:618)
==26444==    by 0x6847224: call_dissector_work (packet.c:706)
==26444==    by 0x6847A1B: dissector_try_uint_new (packet.c:1163)
==26444==    by 0x6B1A645: dissect_frame (packet-frame.c:499)
==26444==    by 0x684688E: call_dissector_through_handle (packet.c:618)
==26444==    by 0x6847224: call_dissector_work (packet.c:706)
==26444== 
==26444== 
==26444== HEAP SUMMARY:
==26444==     in use at exit: 1,039,567 bytes in 28,330 blocks
==26444==   total heap usage: 239,419 allocs, 211,089 frees, 31,160,630 bytes
allocated
==26444== 
==26444== LEAK SUMMARY:
==26444==    definitely lost: 2,908 bytes in 125 blocks
==26444==    indirectly lost: 36,448 bytes in 48 blocks
==26444==      possibly lost: 0 bytes in 0 blocks
==26444==    still reachable: 1,000,211 bytes in 28,157 blocks
==26444==         suppressed: 0 bytes in 0 blocks
==26444== Rerun with --leak-check=full to see details of leaked memory
==26444== 
==26444== For counts of detected and suppressed errors, rerun with: -v
==26444== Use --track-origins=yes to see where uninitialised values come from
==26444== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 12467] Buildbot crash output: fuzz-2016-05-21-10834.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10335] 1.12.0 does not dissect HTTP correctly
Next by Date: [Wireshark-bugs] [Bug 12454] Buildbot crash output: fuzz-2016-05-17-11817.pcap
Previous by thread: [Wireshark-bugs] [Bug 10335] 1.12.0 does not dissect HTTP correctly
Next by thread: [Wireshark-bugs] [Bug 12467] Buildbot crash output: fuzz-2016-05-21-10834.pcap
Index(es):
- Date
- Thread