[Wireshark-bugs] [Bug 13652] Import latest Ixia Veriwave code where appropriate

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13652

Michael Mann  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |IN_PROGRESS
 CC||mman...@netscape.net

--- Comment #3 from Michael Mann  ---
(In reply to Jörg Mayer from comment #2)
> I looked at the patch and while some of it might be applicable, they will
> need to be selected manually and especially the real veriwave specific
> changes need to be found and applied manually - as we changed these files
> significantly.

Do you have capture files to verify against?  There's definitely some
hacks/reverse engineering in the code.  I've started to clean it up, but I
don't know how to test.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13664] New: [oss-fuzz] ASAN: heap-buffer-overflow (run/tshark+0x103147) in __interceptor_strncmp.part.74

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13664

Bug ID: 13664
   Summary: [oss-fuzz] ASAN: heap-buffer-overflow
(run/tshark+0x103147) in __interceptor_strncmp.part.74
   Product: Wireshark
   Version: Git
  Hardware: x86-64
   URL: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=
1273
OS: Linux (other)
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pe...@lekensteyn.nl
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.3.0 (v2.3.0rc0-3288-gcd58e676bd)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.50.3, with zlib 1.2.11, without SMI, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.5.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP,
with nghttp2 1.20.0, with LZ4, with Snappy, with libxml2 2.9.4.

Running on Linux 4.10.9-1-ARCH, with Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
(with SSE4.2), with 31996 MB of physical memory, with locale C, with libpcap
version 1.8.1, with GnuTLS 3.5.11, with Gcrypt 1.7.6, with zlib 1.2.11.

Built using clang 4.2.1 Compatible Clang 4.0.0 (tags/RELEASE_400/final).
--
A problem was found by the oss-fuzz project:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1273

Attached is the sample that triggers this error which can be reproduced with an
ASAN+UBSAN build of Wireshark ("tshark -Vr test.pcap").
--
=
==18029==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61300f8b at pc 0x55af63d1f148 bp 0x7ffd436ff240 sp 0x7ffd436fe9f0
READ of size 2 at 0x61300f8b thread T0
#0 0x55af63d1f147 in __interceptor_strncmp.part.74 (run/tshark+0x103147)
#1 0x7fd77ca0a592 in dissect_packetcable_bsdpd_vendor_info_heur
epan/dissectors/packet-bootp.c:4043:4
#2 0x7fd7802e6475 in dissector_try_heuristic epan/packet.c:2617:7
#3 0x7fd77c9ffbab in dissect_bootpopt_vendor_specific_info
epan/dissectors/packet-bootp.c:1962:7
#4 0x7fd7802ef31d in call_dissector_through_handle epan/packet.c:684:8
#5 0x7fd7802d9b1f in call_dissector_work epan/packet.c:759:9
#6 0x7fd7802d8b3d in dissector_try_uint_new epan/packet.c:1329:8
#7 0x7fd77ca0e024 in bootp_option epan/dissectors/packet-bootp.c:1910:7
#8 0x7fd77ca007af in dissect_bootpopt_option_overload
epan/dissectors/packet-bootp.c:2001:18
#9 0x7fd7802ef31d in call_dissector_through_handle epan/packet.c:684:8
#10 0x7fd7802d9b1f in call_dissector_work epan/packet.c:759:9
#11 0x7fd7802d8b3d in dissector_try_uint_new epan/packet.c:1329:8
#12 0x7fd77ca0e024 in bootp_option epan/dissectors/packet-bootp.c:1910:7
#13 0x7fd77c9fe192 in dissect_bootp epan/dissectors/packet-bootp.c:6283:18
#14 0x7fd7802ef31d in call_dissector_through_handle epan/packet.c:684:8
#15 0x7fd7802d9b1f in call_dissector_work epan/packet.c:759:9
#16 0x7fd7802d8b3d in dissector_try_uint_new epan/packet.c:1329:8
#17 0x7fd77d2bc722 in dissect_exported_pdu
epan/dissectors/packet-exported_pdu.c:307:17
#18 0x7fd7802ef31d in call_dissector_through_handle epan/packet.c:684:8
#19 0x7fd7802d9b1f in call_dissector_work epan/packet.c:759:9
#20 0x7fd7802d8b3d in dissector_try_uint_new epan/packet.c:1329:8
#21 0x7fd77d3da8b7 in dissect_frame epan/dissectors/packet-frame.c:521:11
#22 0x7fd7802ef31d in call_dissector_through_handle epan/packet.c:684:8
#23 0x7fd7802d9b1f in call_dissector_work epan/packet.c:759:9
#24 0x7fd7802e8737 in call_dissector_only epan/packet.c:2992:8
#25 0x7fd7802d08e4 in call_dissector_with_data epan/packet.c:3005:8
#26 0x7fd7802cf904 in dissect_record epan/packet.c:567:3
#27 0x7fd780267c48 in epan_dissect_run_with_taps epan/epan.c:474:2
#28 0x55af63e126c6 in process_packet_single_pass tshark.c:3421:5
#29 0x55af63e0b821 in process_cap_file tshark.c:3250:11
#30 0x55af63e03549 in main tshark.c:1955:17
#31 0x7fd771d92510 in __libc_start_main (/usr/lib/libc.so.6+0x20510)
#32 0x55af63cf04f9 in _start (run/tshark+0xd44f9)

0x61300f8b is located 0 bytes to the right of 331-byte region
[0x61300e40,0x61300f8b)
allocated by thread T0 here:
#0 0x55af63da6300 in realloc (run/tshark+0x18a300)
#1 0x7fd7727a2d47 in g_realloc /build/src/glib/glib/gmem.c:159
#2 0x7fd7731ea388 in wtap_read_packet_bytes wiretap/wtap.c:1349:2
#3 0x7fd772f713f0 in libpcap_read_packet wiretap/libpcap.c:729:7
#4 0x7fd772f66527 

[Wireshark-bugs] [Bug 13664] [oss-fuzz] ASAN: heap-buffer-overflow (run/tshark+0x103147) in __interceptor_strncmp.part.74

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13664

--- Comment #1 from Peter Wu  ---
Created attachment 15505
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15505=edit
Packet capture file

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13588] libfuzzer: isup dissector bug (isup.number_different_meaning)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13588

--- Comment #2 from Gerrit Code Review  ---
Change 21340 had a related patch set uploaded by Pascal Quantin:
ISUP: restore number indicators2 display like what was done in master-1.12

https://code.wireshark.org/review/21340

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #13 from Christopher Maynard  ---
(In reply to Christopher Maynard from comment #12)
> (In reply to Guy Harris from comment #10)
> > Evan, should this check be done in wmem_list_foreach() instead?
> 
> ... as well as in wmem_destroy_list()?

... and others, such as wmem_list_remove(), wmem_list_remove_frame(),
wmem_list_find(), ... ?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #12 from Christopher Maynard  ---
(In reply to Guy Harris from comment #10)
> Evan, should this check be done in wmem_list_foreach() instead?

... as well as in wmem_destroy_list()?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

Peter Wu  changed:

   What|Removed |Added

 Status|CONFIRMED   |RESOLVED
 Resolution|--- |FIXED

--- Comment #9 from Peter Wu  ---
Fixed in:
v2.3.0rc0-3288-gcd58e676bd
v2.2.7rc0-27-g7fe55f9667
v2.0.13rc0-18-g898fba4d3f

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #8 from Gerrit Code Review  ---
Change 21338 merged by Peter Wu:
ieee80211: fix stack-use-after-return

https://code.wireshark.org/review/21338

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #7 from Gerrit Code Review  ---
Change 21338 had a related patch set uploaded by Peter Wu:
ieee80211: fix stack-use-after-return

https://code.wireshark.org/review/21338

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #6 from Gerrit Code Review  ---
Change 21337 merged by Peter Wu:
ieee80211: fix stack-use-after-return

https://code.wireshark.org/review/21337

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #4 from Gerrit Code Review  ---
Change 21333 merged by Peter Wu:
ieee80211: fix stack-use-after-return

https://code.wireshark.org/review/21333

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #5 from Gerrit Code Review  ---
Change 21337 had a related patch set uploaded by Peter Wu:
ieee80211: fix stack-use-after-return

https://code.wireshark.org/review/21337

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13663] extcap: Capture from multiple interfaces does not bring up Interface Details dialog

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13663

Stig Bjørlykke  changed:

   What|Removed |Added

  Component|Extras  |Qt UI

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13663] New: extcap: Capture from multiple interfaces does not bring up Interface Details dialog

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13663

Bug ID: 13663
   Summary: extcap: Capture from multiple interfaces does not
bring up Interface Details dialog
   Product: Wireshark
   Version: 2.2.6
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Extras
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: s...@bjorlykke.org
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
When capturing from multiple extcap interfaces the Interface Options dialog
does not pop up, even if mandatory options are not set.  This gives a deadlock
(at least on macOS) and the application must be killed.

Expected result:
Interface Options dialog popup for each interface which requires settings.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13663] extcap: Capture from multiple interfaces does not bring up Interface Details dialog

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13663

Stig Bjørlykke  changed:

   What|Removed |Added

 CC||rkn...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13652] Import latest Ixia Veriwave code where appropriate

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13652

--- Comment #2 from Jörg Mayer  ---
I looked at the patch and while some of it might be applicable, they will need
to be selected manually and especially the real veriwave specific changes need
to be found and applied manually - as we changed these files significantly.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13661] Wireshark is crashing after 5-10 seconds of startup.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13661

--- Comment #1 from Jaap Keuter  ---
>From https://wiki.wireshark.org/Development/LifeCycle

Version   Stable Release   Date End of Life
1.10  June 5, 2013 June 5, 2015

This version is already end of life. Any reason to keep using it instead of
upgrading to a more recent version?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #3 from Gerrit Code Review  ---
Change 21333 had a related patch set uploaded by Peter Wu:
ieee80211: fix stack-use-after-return

https://code.wireshark.org/review/21333

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #2 from Peter Wu  ---
Requires ASAN_OPTIONS=detect_stack_use_after_return=1 for reproduction.
Issue seems legitimate, a stack variable is for some reason stored in
proto_data.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #1 from Peter Wu  ---
Created attachment 15504
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15504=edit
Packet capture file

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] New: [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

Bug ID: 13662
   Summary: [oss-fuzz] ASAN: stack-use-after-return
epan/dissectors/packet-ieee80211.c:14341:23 in
add_tagged_field
   Product: Wireshark
   Version: Git
  Hardware: x86-64
   URL: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=
1268
OS: Linux (other)
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pe...@lekensteyn.nl
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.3.0 (v2.3.0rc0-3267-gdc9127ddff)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.50.3, with zlib 1.2.11, without SMI, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.5.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP,
with nghttp2 1.20.0, with LZ4, with Snappy, with libxml2 2.9.4.

Running on Linux 4.10.9-1-ARCH, with Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
(with SSE4.2), with 31996 MB of physical memory, with locale C, with libpcap
version 1.8.1, with GnuTLS 3.5.11, with Gcrypt 1.7.6, with zlib 1.2.11.

Built using clang 4.2.1 Compatible Clang 4.0.0 (tags/RELEASE_400/final).
--
A problem was found by the oss-fuzz project:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1268

Attached is the sample that triggers this error which can be reproduced with an
ASAN+UBSAN build of Wireshark ("tshark -Vr test.pcap").
--
=
==4432==ERROR: AddressSanitizer: stack-use-after-return on address
0x7fcbb41285b0 at pc 0x7fcbc87b7b25 bp 0x7fffaf2adf50 sp 0x7fffaf2adf48
READ of size 4 at 0x7fcbb41285b0 thread T0
#0 0x7fcbc87b7b24 in add_tagged_field
epan/dissectors/packet-ieee80211.c:14341:23
#1 0x7fcbc87fe17c in ieee_80211_add_tagged_parameters
epan/dissectors/packet-ieee80211.c:16782:19
#2 0x7fcbc87c0b08 in dissect_data_encap
epan/dissectors/packet-ieee80211.c:19562:7
#3 0x7fcbcb35f3fd in call_dissector_through_handle epan/packet.c:684:8
#4 0x7fcbcb349bff in call_dissector_work epan/packet.c:759:9
#5 0x7fcbcb348c1d in dissector_try_uint_new epan/packet.c:1329:8
#6 0x7fcbcb34a159 in dissector_try_uint epan/packet.c:1353:9
#7 0x7fcbc831b373 in dissect_ethertype
epan/dissectors/packet-ethertype.c:267:21
#8 0x7fcbcb35f3fd in call_dissector_through_handle epan/packet.c:684:8
#9 0x7fcbcb349bff in call_dissector_work epan/packet.c:759:9
#10 0x7fcbcb358817 in call_dissector_only epan/packet.c:2992:8
#11 0x7fcbcb3409c4 in call_dissector_with_data epan/packet.c:3005:8
#12 0x7fcbc831754e in dissect_eth_common epan/dissectors/packet-eth.c:536:5
#13 0x7fcbc830b08c in dissect_eth_withoutfcs
epan/dissectors/packet-eth.c:810:3
#14 0x7fcbcb35f3fd in call_dissector_through_handle epan/packet.c:684:8
#15 0x7fcbcb349bff in call_dissector_work epan/packet.c:759:9
#16 0x7fcbcb358817 in call_dissector_only epan/packet.c:2992:8
#17 0x7fcbcb3409c4 in call_dissector_with_data epan/packet.c:3005:8
#18 0x7fcbcb358861 in call_dissector epan/packet.c:3022:9
#19 0x7fcbc91efd10 in dissect_bcp_bpdu epan/dissectors/packet-ppp.c:5054:21
#20 0x7fcbcb35f3fd in call_dissector_through_handle epan/packet.c:684:8
#21 0x7fcbcb349bff in call_dissector_work epan/packet.c:759:9
#22 0x7fcbcb348c1d in dissector_try_uint_new epan/packet.c:1329:8
#23 0x7fcbcb34a159 in dissector_try_uint epan/packet.c:1353:9
#24 0x7fcbc91fc2ed in dissect_ppp_common
epan/dissectors/packet-ppp.c:4838:10
#25 0x7fcbc91fb9e3 in dissect_ppp_hdlc_common
epan/dissectors/packet-ppp.c:5873:5
#26 0x7fcbc91e20e5 in dissect_ppp_raw_hdlc
epan/dissectors/packet-ppp.c:6072:17
#27 0x7fcbcb35f3fd in call_dissector_through_handle epan/packet.c:684:8
#28 0x7fcbcb349bff in call_dissector_work epan/packet.c:759:9
#29 0x7fcbcb348c1d in dissector_try_uint_new epan/packet.c:1329:8
#30 0x7fcbcb34a159 in dissector_try_uint epan/packet.c:1353:9
#31 0x7fcbc84e048a in dissect_gre epan/dissectors/packet-gre.c:512:14
#32 0x7fcbcb35f3fd in call_dissector_through_handle epan/packet.c:684:8
#33 0x7fcbcb349bff in call_dissector_work epan/packet.c:759:9
#34 0x7fcbcb348c1d in dissector_try_uint_new epan/packet.c:1329:8
#35 0x7fcbc889d53c in ip_try_dissect epan/dissectors/packet-ip.c:1854:7
#36 0x7fcbc8919065 in ipv6_dissect_next
epan/dissectors/packet-ipv6.c:2414:9
#37 0x7fcbc891c92d in dissect_ipv6 

[Wireshark-bugs] [Bug 13661] Wireshark is crashing after 5-10 seconds of startup.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13661

adarsh verma  changed:

   What|Removed |Added

 CC||adarsh.verma...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13661] New: Wireshark is crashing after 5-10 seconds of startup.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13661

Bug ID: 13661
   Summary: Wireshark is crashing after 5-10 seconds of startup.
   Product: Wireshark
   Version: 1.10.7
  Hardware: x86
OS: Windows 8.1
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: GTK+ UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: adarsh.verma...@gmail.com
  Target Milestone: ---

Build Information:
TShark 1.10.7 (v1.10.7-0-g6b931a1 from master-1.10)

Copyright 1998-2014 Gerald Combs  and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GLib 2.34.1, with WinPcap (4_1_3), with libz 1.2.5,
without POSIX capabilities, without libnl, with SMI 0.4.8, with c-ares 1.9.1,
with Lua 5.1, without Python, with GnuTLS 2.12.18, with Gcrypt 1.4.6, with MIT
Kerberos, with GeoIP.

Running on 64-bit Windows 8 / 10, build 9200, without WinPcap.
Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, with 8072MB of physical memory.


Build using Microsoft Visual C++ 10.0 build 40219

--
Wireshark is crashing after 5-10 seconds of startup. I have tried with latest
build also same crash is observed.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #11 from Stig Bjørlykke  ---
*** Bug 13660 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13660] Buildbot crash output: fuzz-2017-04-25-3107.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13660

Stig Bjørlykke  changed:

   What|Removed |Added

 Status|CONFIRMED   |RESOLVED
 Resolution|--- |DUPLICATE
 CC||s...@bjorlykke.org

--- Comment #1 from Stig Bjørlykke  ---


*** This bug has been marked as a duplicate of bug 13655 ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13660] New: Buildbot crash output: fuzz-2017-04-25-3107.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13660

Bug ID: 13660
   Summary: Buildbot crash output: fuzz-2017-04-25-3107.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
   URL: https://www.wireshark.org/download/automated/captures/
fuzz-2017-04-25-3107.pcap
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2017-04-25-3107.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/.cap

Build host information:
Linux wsbb04 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.2 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4000
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=77751c94f17e2c110ae9e88b1780e279d610b96b

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 77751c94f17e2c110ae9e88b1780e279d610b96b
Author: Stig Bjørlykke 
Date:   Sat Apr 15 23:30:30 2017 +0200

Qt: Add interface toolbar support

An extcap utility can provide configuration for controls to use in a
GUI interface toolbar.  This controls are bidirectional and can be
used to control the extcap utility while capturing.

This is useful in scenarios where configuration can be done based on
findings in the capture process, setting temporary values or give other
inputs without restarting current capture.

Todo:
- Add support for Windows

Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
Reviewed-on: https://code.wireshark.org/review/19982
Petri-Dish: Stig Bjørlykke 
Tested-by: Petri Dish Buildbot 
Reviewed-by: Stig Bjørlykke 


==3230== Memcheck, a memory error detector
==3230== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==3230== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==3230== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2017-04-25-3107.pcap
==3230== 
==3230== Invalid read of size 8
==3230==at 0x76DC44B: wmem_list_foreach (wmem_list.c:267)
==3230==by 0x6B3FCE5: bootp_cleanup_protocol (packet-bootp.c:6343)
==3230==by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==3230==by 0x6A0B08A: cleanup_dissection (packet.c:343)
==3230==by 0x6A00E9D: epan_free (epan.c:337)
==3230==by 0x414CB1: main (tshark.c:2113)
==3230==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==3230== 
==3230== 
==3230== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==3230==  Access not within mapped region at address 0x8
==3230==at 0x76DC44B: wmem_list_foreach (wmem_list.c:267)
==3230==by 0x6B3FCE5: bootp_cleanup_protocol (packet-bootp.c:6343)
==3230==by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==3230==by 0x6A0B08A: cleanup_dissection (packet.c:343)
==3230==by 0x6A00E9D: epan_free (epan.c:337)
==3230==by 0x414CB1: main (tshark.c:2113)
==3230==  If you believe this happened as a result of a stack
==3230==  overflow in your program's main thread (unlikely but
==3230==  possible), you can try to increase the size of the
==3230==  main thread stack using the --main-stacksize= flag.
==3230==  The main thread stack size used in this run was 2084864.
==3230== 
==3230== HEAP SUMMARY:
==3230== in use at exit: 25,770,290 bytes in 222,272 blocks
==3230==   total heap usage: 278,123 allocs, 55,851 frees, 37,831,329 bytes
allocated
==3230== 
==3230== LEAK SUMMARY:
==3230==definitely lost: 36 bytes in 2 blocks
==3230==indirectly lost: 72 bytes in 3 blocks
==3230==  possibly lost: 0 bytes in 0 blocks
==3230==still reachable: 25,552,879 bytes in 221,463 blocks
==3230== suppressed: 217,303 bytes in 804 blocks
==3230== Rerun with --leak-check=full to see details of leaked memory
==3230== 
==3230== For counts of detected and suppressed errors, rerun with: -v
==3230== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
./tools/valgrind-wireshark.sh: line 149:  3230 Segmentation fault  (core
dumped) $cmdline > /dev/null

[ no debug trace ]

-- 
You are receiving this mail 

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #10 from Guy Harris  ---
Evan, should this check be done in wmem_list_foreach() instead?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

Guy Harris  changed:

   What|Removed |Added

 CC||eapa...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

Guy Harris  changed:

   What|Removed |Added

 Status|IN_PROGRESS |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #9 from Gerrit Code Review  ---
Change 21329 merged by Guy Harris:
Don't crash if we have no BOOTP option preferences.

https://code.wireshark.org/review/21329

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #8 from Gerrit Code Review  ---
Change 21329 had a related patch set uploaded by Guy Harris:
Don't crash if we have no BOOTP option preferences.

https://code.wireshark.org/review/21329

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

Guy Harris  changed:

   What|Removed |Added

 Status|CONFIRMED   |IN_PROGRESS

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #7 from Guy Harris  ---
That sure looks like a null pointer dereference (and the crash report from
macOS would probably have indicated that as well, if I'd bothered to look at
the failing address).

wmem_list_foreach() assumes it is *not* passed a null pointer, but if you have
no options specified in the options UAT, it will be null, so that whole step
should be skipped if saved_uat_opts is null.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #6 from Pascal Quantin  ---
*** Bug 13659 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13659] Buildbot crash output: fuzz-2017-04-25-2225.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13659

Pascal Quantin  changed:

   What|Removed |Added

 Resolution|--- |DUPLICATE
 Status|CONFIRMED   |RESOLVED
 CC||pascal.quan...@gmail.com

--- Comment #1 from Pascal Quantin  ---


*** This bug has been marked as a duplicate of bug 13655 ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #5 from Guy Harris  ---
(In reply to Guy Harris from comment #2)
> I'll look at trying with an ASAN build.

Mr. ASAN says:

ASAN:DEADLYSIGNAL
=
==16594==ERROR: AddressSanitizer: SEGV on unknown address 0x0008 (pc
0x0001061e3f9e bp 0x7fff5d9c3500 sp 0x7fff5d9c34e0 T0)
==16594==The signal is caused by a READ memory access.
==16594==Hint: address points to the zero page.
#0 0x1061e3f9d in wmem_list_foreach wmem_list.c:267
#1 0x104e11068 in bootp_cleanup_protocol packet-bootp.c:6343
#2 0x103e9649c in g_slist_foreach gslist.c:896
#3 0x104ba1fdd in cleanup_dissection packet.c:343
#4 0x104b87b52 in epan_free epan.c:337
#5 0x102255dca in cf_close file.c:477
#6 0x1026fb2ad in MainWindow::testCaptureFileClose(QString,
MainWindow::FileCloseContext) main_window.cpp:1914

...

==16594==Register values:
rax = 0x1001  rbx = 0x6150cb40  rcx = 0x61d00076b860 
rdx = 0x  
rdi = 0x0008  rsi = 0x000104e1be40  rbp = 0x7fff5d9c3500 
rsp = 0x7fff5d9c34e0  
 r8 = 0x61d1bc80   r9 = 0x0001  r10 = 0x0005 
r11 = 0x  
r12 = 0x1000  r13 = 0x1000  r14 = 0x 
r15 = 0x000104e1be40  
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV wmem_list.c:267 in wmem_list_foreach

which doesn't add much - in particular, for what it's worth, it's not reporting
any out-of-bounds stores *before* the list is freed.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13659] New: Buildbot crash output: fuzz-2017-04-25-2225.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13659

Bug ID: 13659
   Summary: Buildbot crash output: fuzz-2017-04-25-2225.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
   URL: https://www.wireshark.org/download/automated/captures/
fuzz-2017-04-25-2225.pcap
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2017-04-25-2225.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/.cap

Build host information:
Linux wsbb04 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.2 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3999
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=cd55bd29258b8e0ffae9ea9471059b457ebb59ae

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit cd55bd29258b8e0ffae9ea9471059b457ebb59ae
Author: S. Shapira 
Date:   Sun Apr 23 22:02:09 2017 +0300

UMTS FP: Improved MAC multiplexing detection

Previous detection was based on DCH ID 31 or 24 and specific TB Size.
New method checks if the 'Transport Format' looks like the commonly used
format for DCCH over DCH or DCH ID 24 and specific TB size (To not break that
special case which I'm not familiar with personally)

Change-Id: I59fe7772ec05f7cc15351ef78276085e25570461
Reviewed-on: https://code.wireshark.org/review/21304
Petri-Dish: Anders Broman 
Tested-by: Petri Dish Buildbot 
Reviewed-by: Anders Broman 


==2312== Memcheck, a memory error detector
==2312== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==2312== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==2312== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2017-04-25-2225.pcap
==2312== 
==2312== Invalid read of size 8
==2312==at 0x76DC44B: wmem_list_foreach (wmem_list.c:267)
==2312==by 0x6B3FCE5: bootp_cleanup_protocol (packet-bootp.c:6343)
==2312==by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==2312==by 0x6A0B08A: cleanup_dissection (packet.c:343)
==2312==by 0x6A00E9D: epan_free (epan.c:337)
==2312==by 0x414177: main (tshark.c:2113)
==2312==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==2312== 
==2312== 
==2312== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==2312==  Access not within mapped region at address 0x8
==2312==at 0x76DC44B: wmem_list_foreach (wmem_list.c:267)
==2312==by 0x6B3FCE5: bootp_cleanup_protocol (packet-bootp.c:6343)
==2312==by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==2312==by 0x6A0B08A: cleanup_dissection (packet.c:343)
==2312==by 0x6A00E9D: epan_free (epan.c:337)
==2312==by 0x414177: main (tshark.c:2113)
==2312==  If you believe this happened as a result of a stack
==2312==  overflow in your program's main thread (unlikely but
==2312==  possible), you can try to increase the size of the
==2312==  main thread stack using the --main-stacksize= flag.
==2312==  The main thread stack size used in this run was 2084864.
==2312== 
==2312== HEAP SUMMARY:
==2312== in use at exit: 25,770,358 bytes in 222,283 blocks
==2312==   total heap usage: 278,205 allocs, 55,922 frees, 37,834,812 bytes
allocated
==2312== 
==2312== LEAK SUMMARY:
==2312==definitely lost: 36 bytes in 2 blocks
==2312==indirectly lost: 72 bytes in 3 blocks
==2312==  possibly lost: 0 bytes in 0 blocks
==2312==still reachable: 25,552,947 bytes in 221,474 blocks
==2312== suppressed: 217,303 bytes in 804 blocks
==2312== Rerun with --leak-check=full to see details of leaked memory
==2312== 
==2312== For counts of detected and suppressed errors, rerun with: -v
==2312== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
./tools/valgrind-wireshark.sh: line 149:  2312 Segmentation fault  (core
dumped) $cmdline > /dev/null

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs 

[Wireshark-bugs] [Bug 13658] Buildbot crash output: fuzz-2017-04-25-9297.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13658

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com
 Status|CONFIRMED   |RESOLVED
 Resolution|--- |DUPLICATE

--- Comment #2 from Pascal Quantin  ---


*** This bug has been marked as a duplicate of bug 13655 ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13655] After loading a capture file, Wireshark crashes upon exiting.

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13655

--- Comment #4 from Pascal Quantin  ---
*** Bug 13658 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13658] Buildbot crash output: fuzz-2017-04-25-9297.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13658

Dave Goodell  changed:

   What|Removed |Added

 CC||wiresh...@goodell.io

--- Comment #1 from Dave Goodell  ---
I can confirm this particular SEGV happens for me with almost any pcap file I
collect, whether I captured it with Wireshark or with tcpdump.  From some quick
bisecting, it looks like commit 6cbea5c01c was probably the culprit
(https://code.wireshark.org/review/#/c/21297/).

I can try to find time to give more details if whoever's responsible can't
reproduce, just let me know.  I'm on macOS 10.12 (Sierra) with this LLVM
version:

Apple LLVM version 8.1.0 (clang-802.0.42)
Target: x86_64-apple-darwin16.5.0

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13592] GSM SMS dissector does not take into account lower layer info for reassembly

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13592

hhw  changed:

   What|Removed |Added

  Attachment #15501|0   |1
is obsolete||

--- Comment #16 from hhw  ---
Created attachment 15503
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15503=edit
scenario2 of sms reassembly

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13658] New: Buildbot crash output: fuzz-2017-04-25-9297.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13658

Bug ID: 13658
   Summary: Buildbot crash output: fuzz-2017-04-25-9297.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
   URL: https://www.wireshark.org/download/automated/captures/
fuzz-2017-04-25-9297.pcap
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2017-04-25-9297.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/.cap

Build host information:
Linux wsbb04 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.2 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3998
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=dcaad43e1f65e8b99cbfed8b1b410e01eb1cad80

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit dcaad43e1f65e8b99cbfed8b1b410e01eb1cad80
Author: Pascal Quantin 
Date:   Mon Apr 24 22:52:52 2017 +0200

GSM SMS: add more lower layer info for reassembly and switch preference to
on by default

Change-Id: I3faf15c326d14e246975094ad31431eba2404d8c
Ping-Bug: 13592
Reviewed-on: https://code.wireshark.org/review/21320
Petri-Dish: Pascal Quantin 
Tested-by: Petri Dish Buildbot 
Reviewed-by: Pascal Quantin 


==9397== Memcheck, a memory error detector
==9397== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==9397== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==9397== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2017-04-25-9297.pcap
==9397== 
==9397== Invalid read of size 8
==9397==at 0x76DBEFB: wmem_list_foreach (wmem_list.c:267)
==9397==by 0x6B3F805: bootp_cleanup_protocol (packet-bootp.c:6343)
==9397==by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==9397==by 0x6A0ABAA: cleanup_dissection (packet.c:343)
==9397==by 0x6A009BD: epan_free (epan.c:337)
==9397==by 0x414177: main (tshark.c:2113)
==9397==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==9397== 
==9397== 
==9397== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==9397==  Access not within mapped region at address 0x8
==9397==at 0x76DBEFB: wmem_list_foreach (wmem_list.c:267)
==9397==by 0x6B3F805: bootp_cleanup_protocol (packet-bootp.c:6343)
==9397==by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==9397==by 0x6A0ABAA: cleanup_dissection (packet.c:343)
==9397==by 0x6A009BD: epan_free (epan.c:337)
==9397==by 0x414177: main (tshark.c:2113)
==9397==  If you believe this happened as a result of a stack
==9397==  overflow in your program's main thread (unlikely but
==9397==  possible), you can try to increase the size of the
==9397==  main thread stack using the --main-stacksize= flag.
==9397==  The main thread stack size used in this run was 2084864.
==9397== 
==9397== HEAP SUMMARY:
==9397== in use at exit: 25,770,114 bytes in 222,278 blocks
==9397==   total heap usage: 277,981 allocs, 55,703 frees, 37,827,395 bytes
allocated
==9397== 
==9397== LEAK SUMMARY:
==9397==definitely lost: 36 bytes in 2 blocks
==9397==indirectly lost: 72 bytes in 3 blocks
==9397==  possibly lost: 0 bytes in 0 blocks
==9397==still reachable: 25,552,703 bytes in 221,469 blocks
==9397== suppressed: 217,303 bytes in 804 blocks
==9397== Rerun with --leak-check=full to see details of leaked memory
==9397== 
==9397== For counts of detected and suppressed errors, rerun with: -v
==9397== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
./tools/valgrind-wireshark.sh: line 149:  9397 Segmentation fault  (core
dumped) $cmdline > /dev/null

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 

[Wireshark-bugs] [Bug 13657] New: Reload this file button triggers segmentation fault

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13657

Bug ID: 13657
   Summary: Reload this file button triggers segmentation fault
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: macOS 10.12
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: daniel.simio...@gmail.com
  Target Milestone: ---

Build Information:
Adrians-MacBook-Pro:wireshark asimionov$ wireshark -v
Wireshark 2.2.4 (v2.2.4-0-gcc3dc1b)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with libpcap, without POSIX capabilities, with
GLib 2.36.0, with zlib 1.2.5, with SMI 0.4.8, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 2.12.19, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP,
with QtMultimedia, without AirPcap.

Running on Mac OS X 10.12.5, build 16F60a (Darwin 16.6.0), with locale
en_AU.UTF-8, with libpcap version 1.8.1 -- Apple version 67.60.1, with GnuTLS
2.12.19, with Gcrypt 1.5.0, with zlib 1.2.8.
Intel(R) Core(TM) i7-6567U CPU @ 3.30GHz (with SSE4.2)

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build
2336.9.00).
--
Steps to reproduce:

open a pcap file
click "Reload this file" button

Result:
Segmentation fault: 11

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13656] New: HEX highligh wrong byte

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13656

Bug ID: 13656
   Summary: HEX highligh wrong byte
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: macOS 10.12
Status: UNCONFIRMED
  Severity: Minor
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: daniel.simio...@gmail.com
  Target Milestone: ---

Created attachment 15502
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15502=edit
issue of BYTE highlight

Build Information:
Adrians-MacBook-Pro:wireshark asimionov$ wireshark -v
Wireshark 2.2.4 (v2.2.4-0-gcc3dc1b)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with libpcap, without POSIX capabilities, with
GLib 2.36.0, with zlib 1.2.5, with SMI 0.4.8, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 2.12.19, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP,
with QtMultimedia, without AirPcap.

Running on Mac OS X 10.12.5, build 16F60a (Darwin 16.6.0), with locale
en_AU.UTF-8, with libpcap version 1.8.1 -- Apple version 67.60.1, with GnuTLS
2.12.19, with Gcrypt 1.5.0, with zlib 1.2.8.
Intel(R) Core(TM) i7-6567U CPU @ 3.30GHz (with SSE4.2)

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build
2336.9.00).
--
Please check the attached GIF. When I move the mouse, I would expect the yellow
BYTE to be the one mouse is over, but it seems there is a gap. More I move the
mouse, bigger the gap becomes.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe