Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 12804] New: Version 2.0.5 fast memory leak

Wireshark-bugs: [Wireshark-bugs] [Bug 12804] New: Version 2.0.5 fast memory leak

Date: Wed, 31 Aug 2016 22:44:16 +0000

Bug ID	12804
Summary	Version 2.0.5 fast memory leak
Product	Wireshark
Version	unspecified
Hardware	x86
OS	Windows 7
Status	UNCONFIRMED
Severity	Major
Priority	Low
Component	Qt UI
Assignee	bugzilla-admin@wireshark.org
Reporter	patrick.sullivan3@emc.com

Build Information:
Version 2.0.5 (v2.0.5-0-ga3be9c6 from master-2.0)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale
English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz (with SSE4.2), with 7879MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629
--
When opening the attached packet capture with either qt or gtk I see the memory
for the wireshark process quickly escalate. I narrowed it down to a single
packet that seems to represent the issue and will attach that after submission. 

here is the packet:
c:\Users\pat\Downloads\bad_packs\really_really_bad\the_worst_packet>tshark -
r bad_packet_00003_20160829071957.pcap -O ssl
Frame 1: 125 bytes on wire (1000 bits), 125 bytes captured (1000 bits) on
interf
ace 0
Ethernet II, Src: 00:60:16:79:55:00, Dst: 54:52:00:f0:00:f0
Internet Protocol Version 4, Src: 10.101.109.37, Dst: 10.101.108.108
Transmission Control Protocol, Src Port: 443 (443), Dst Port: 42518 (42518),
Seq
: 1, Ack: 1, Len: 59
Secure Sockets Layer
    TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.0 (0x0301)
        Length: 1
        Change Cipher Spec Message
    TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 48
        Handshake Protocol: Encrypted Handshake Message

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 12804] Version 2.0.5 fast memory leak
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12804] Version 2.0.5 maybe TLS dissector having problems. Single packet causes 200MB+ of memory usage
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 12803] New: The value of 'Rel start' and 'Duration' in "Conversations" no need too precise
Next by Date: [Wireshark-bugs] [Bug 12804] Version 2.0.5 fast memory leak
Previous by thread: [Wireshark-bugs] [Bug 12803] New: The value of 'Rel start' and 'Duration' in "Conversations" no need too precise
Next by thread: [Wireshark-bugs] [Bug 12804] Version 2.0.5 fast memory leak
Index(es):
- Date
- Thread