Wireshark-bugs: [Wireshark-bugs] [Bug 13158] New: Buildbot crash output: fuzz-2016-11-19-26937.p
Date: Sat, 19 Nov 2016 21:30:03 +0000
Bug ID 13158
Summary Buildbot crash output: fuzz-2016-11-19-26937.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-11-19-26937.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-11-19-26937.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/11275-cops-fuzz-test.pcap

Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3785
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=231ad4f6ff1dc675947739a107bd639a67b7cd35

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 231ad4f6ff1dc675947739a107bd639a67b7cd35
Author: Dario Lombardo <lomato@gmail.com>
Date:   Thu Nov 10 10:35:56 2016 +0100

    cpack: improve source tarball generation by adding the "dist" target.

    The source package must not contain compiled objects. If the build dir
    is under the source tree, it is included too. By excluding /build/ we
    avoid to add every build dir, but if the build dir doesn't contain
    build the problem still persist.

    Change-Id: I75021565c058c1a93945f43b9b49cb3d04c960d4
    Reviewed-on: https://code.wireshark.org/review/18729
    Reviewed-by: Peter Wu <peter@lekensteyn.nl>
    Reviewed-by: Dario Lombardo <lomato@gmail.com>


==19229== Memcheck, a memory error detector
==19229== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==19229== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==19229== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-11-19-26937.pcap
==19229== 
==19229== Conditional jump or move depends on uninitialised value(s)
==19229==    at 0x6B99BE4: dissect_cops_pdu (packet-cops.c:1102)
==19229==    by 0x7189535: tcp_dissect_pdus (packet-tcp.c:3468)
==19229==    by 0x6B985B1: dissect_cops (packet-cops.c:1134)
==19229==    by 0x69AA215: call_dissector_through_handle (packet.c:650)
==19229==    by 0x69AA215: call_dissector_work (packet.c:725)
==19229==    by 0x69AA0DE: dissector_try_uint_new (packet.c:1290)
==19229==    by 0x7189A4F: decode_tcp_ports (packet-tcp.c:5420)
==19229==    by 0x718AD6F: process_tcp_payload (packet-tcp.c:5483)
==19229==    by 0x718A2C8: desegment_tcp (packet-tcp.c:2990)
==19229==    by 0x718A2C8: dissect_tcp_payload (packet-tcp.c:5550)
==19229==    by 0x718EE9C: dissect_tcp (packet-tcp.c:6434)
==19229==    by 0x69AA215: call_dissector_through_handle (packet.c:650)
==19229==    by 0x69AA215: call_dissector_work (packet.c:725)
==19229==    by 0x69AA0DE: dissector_try_uint_new (packet.c:1290)
==19229==    by 0x6DDAA72: ip_try_dissect (packet-ip.c:1978)
==19229==    by 0x6DDAA72: dissect_ip_v4 (packet-ip.c:2441)
==19229== 
==19229== 
==19229== HEAP SUMMARY:
==19229==     in use at exit: 6,085,744 bytes in 9,729 blocks
==19229==   total heap usage: 265,963 allocs, 256,234 frees, 37,348,348 bytes
allocated
==19229== 
==19229== LEAK SUMMARY:
==19229==    definitely lost: 504 bytes in 91 blocks
==19229==    indirectly lost: 640 bytes in 5 blocks
==19229==      possibly lost: 0 bytes in 0 blocks
==19229==    still reachable: 6,084,600 bytes in 9,633 blocks
==19229==         suppressed: 0 bytes in 0 blocks
==19229== Rerun with --leak-check=full to see details of leaked memory
==19229== 
==19229== For counts of detected and suppressed errors, rerun with: -v
==19229== Use --track-origins=yes to see where uninitialised values come from
==19229== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.