[Wireshark-bugs] [Bug 13660] New: Buildbot crash output: fuzz-2017-04-25-3107.pcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13660

            Bug ID: 13660
           Summary: Buildbot crash output: fuzz-2017-04-25-3107.pcap
           Product: Wireshark
           Version: unspecified
          Hardware: x86-64
               URL: https://www.wireshark.org/download/automated/captures/
                    fuzz-2017-04-25-3107.pcap
                OS: Ubuntu
            Status: CONFIRMED
          Severity: Major
          Priority: High
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2017-04-25-3107.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/0000.cap

Build host information:
Linux wsbb04 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.2 LTS
Release:        16.04
Codename:       xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4000
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=77751c94f17e2c110ae9e88b1780e279d610b96b

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 77751c94f17e2c110ae9e88b1780e279d610b96b
Author: Stig Bjørlykke <s...@bjorlykke.org>
Date:   Sat Apr 15 23:30:30 2017 +0200

    Qt: Add interface toolbar support

    An extcap utility can provide configuration for controls to use in a
    GUI interface toolbar.  This controls are bidirectional and can be
    used to control the extcap utility while capturing.

    This is useful in scenarios where configuration can be done based on
    findings in the capture process, setting temporary values or give other
    inputs without restarting current capture.

    Todo:
    - Add support for Windows

    Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
    Reviewed-on: https://code.wireshark.org/review/19982
    Petri-Dish: Stig Bjørlykke <s...@bjorlykke.org>
    Tested-by: Petri Dish Buildbot <buildbot-no-re...@wireshark.org>
    Reviewed-by: Stig Bjørlykke <s...@bjorlykke.org>


==3230== Memcheck, a memory error detector
==3230== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==3230== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==3230== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2017-04-25-3107.pcap
==3230== 
==3230== Invalid read of size 8
==3230==    at 0x76DC44B: wmem_list_foreach (wmem_list.c:267)
==3230==    by 0x6B3FCE5: bootp_cleanup_protocol (packet-bootp.c:6343)
==3230==    by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==3230==    by 0x6A0B08A: cleanup_dissection (packet.c:343)
==3230==    by 0x6A00E9D: epan_free (epan.c:337)
==3230==    by 0x414CB1: main (tshark.c:2113)
==3230==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==3230== 
==3230== 
==3230== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==3230==  Access not within mapped region at address 0x8
==3230==    at 0x76DC44B: wmem_list_foreach (wmem_list.c:267)
==3230==    by 0x6B3FCE5: bootp_cleanup_protocol (packet-bootp.c:6343)
==3230==    by 0xA40309C: g_slist_foreach (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
==3230==    by 0x6A0B08A: cleanup_dissection (packet.c:343)
==3230==    by 0x6A00E9D: epan_free (epan.c:337)
==3230==    by 0x414CB1: main (tshark.c:2113)
==3230==  If you believe this happened as a result of a stack
==3230==  overflow in your program's main thread (unlikely but
==3230==  possible), you can try to increase the size of the
==3230==  main thread stack using the --main-stacksize= flag.
==3230==  The main thread stack size used in this run was 2084864.
==3230== 
==3230== HEAP SUMMARY:
==3230==     in use at exit: 25,770,290 bytes in 222,272 blocks
==3230==   total heap usage: 278,123 allocs, 55,851 frees, 37,831,329 bytes
allocated
==3230== 
==3230== LEAK SUMMARY:
==3230==    definitely lost: 36 bytes in 2 blocks
==3230==    indirectly lost: 72 bytes in 3 blocks
==3230==      possibly lost: 0 bytes in 0 blocks
==3230==    still reachable: 25,552,879 bytes in 221,463 blocks
==3230==         suppressed: 217,303 bytes in 804 blocks
==3230== Rerun with --leak-check=full to see details of leaked memory
==3230== 
==3230== For counts of detected and suppressed errors, rerun with: -v
==3230== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
./tools/valgrind-wireshark.sh: line 149:  3230 Segmentation fault      (core
dumped) $cmdline > /dev/null

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe