https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16068
Bug ID: 16068
Summary: Buildbot crash output: fuzz-2019-09-21-17411.pcap
Product: Wireshark
Version: unspecified
Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
Severity: Major
Priority: High
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: buildbot-do-not-re...@wireshark.org
Target Milestone: ---
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2019-09-21-17411.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/15990-uaf_wmem_strbuf.pcap
Build host information:
Linux build6 4.15.0-62-generic #69-Ubuntu SMP Wed Sep 4 20:55:53 UTC 2019
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
Buildbot information:
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=5121
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_GOT_REVISION=893a2d9c62e8dcc4fe0f43c47e01743136f55386
Return value: 0
Dissector bug: 0
Valgrind error count: 92
Git commit
commit 893a2d9c62e8dcc4fe0f43c47e01743136f55386
Author: Tomasz Moń <deso...@gmail.com>
Date: Sun Sep 15 11:25:18 2019 +0200
MSVC: Warn about unused formal parameters
Provide _U_ macro definition for Visual Studio.
Change the way _U_ macro is ifdefed for some targets to allow Visual
Studio to recognize it.
Ping-Bug: 15832
Change-Id: Ic7ce145cbe9e8aa751d64c9c09ce8ba6c1bbbd30
Reviewed-on: https://code.wireshark.org/review/34530
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
Reviewed-by: Peter Wu <pe...@lekensteyn.nl>
Command and args: ./tools/valgrind-wireshark.sh -b
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin
==7365== Memcheck, a memory error detector
==7365== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==7365== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==7365== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2019-09-21-17411.pcap
==7365==
==7365== Invalid read of size 8
==7365== at 0x820314C: wmem_strbuf_get_str (wmem_strbuf.c:258)
==7365== by 0x7FA100C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC7E1: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList
(rrc.cnf:11497)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC764: dissect_rrc_PLMNIdentitiesOfNeighbourCells_v860ext
(rrc.cnf:11541)
==7365== Address 0x19376c18 is 8 bytes inside a block of size 40 free'd
==7365== at 0x4C30D3B: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0x81FD623: wmem_free (wmem_core.c:65)
==7365== by 0x82000A7: wmem_simple_free (wmem_allocator_simple.c:54)
==7365== by 0x81FD68E: wmem_free (wmem_core.c:75)
==7365== by 0x82031C5: wmem_strbuf_finalize (wmem_strbuf.c:278)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202A37: wmem_strbuf_sized_new (wmem_strbuf.c:59)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0x4C32CF2: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC6214D2: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0xC301FC2: g_printf_string_upper_bound (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x8202F06: wmem_strbuf_append_vprintf (wmem_strbuf.c:158)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Address 0x19376c80 is 0 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0x4C32D04: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC6214D2: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0xC301FC2: g_printf_string_upper_bound (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x8202F06: wmem_strbuf_append_vprintf (wmem_strbuf.c:158)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Address 0x19376c81 is 1 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0xC652487: _IO_default_xsputn (genops.c:417)
==7365== by 0xC620FEA: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0xC301FC2: g_printf_string_upper_bound (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x8202F06: wmem_strbuf_append_vprintf (wmem_strbuf.c:158)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Address 0x19376c80 is 0 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0x4C32CF2: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC6214D2: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0x8202F59: wmem_strbuf_append_vprintf (wmem_strbuf.c:164)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== Address 0x19376c80 is 0 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0x4C32D04: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC6214D2: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0x8202F59: wmem_strbuf_append_vprintf (wmem_strbuf.c:164)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== Address 0x19376c81 is 1 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0xC652532: _IO_default_xsputn (genops.c:412)
==7365== by 0xC620FEA: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0x8202F59: wmem_strbuf_append_vprintf (wmem_strbuf.c:164)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== Address 0x19376c80 is 0 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365== Invalid read of size 1
==7365== at 0xC652540: _IO_default_xsputn (genops.c:411)
==7365== by 0xC620FEA: vfprintf (vfprintf.c:1643)
==7365== by 0xC6F6168: __vsnprintf_chk (vsnprintf_chk.c:63)
==7365== by 0x8202F59: wmem_strbuf_append_vprintf (wmem_strbuf.c:164)
==7365== by 0x8202EC5: wmem_strbuf_append_printf (wmem_strbuf.c:210)
==7365== by 0x7FA1021: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:906)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== Address 0x1937b572 is 2 bytes inside a block of size 7 free'd
==7365== at 0x4C31D2F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEB6F: g_realloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD6CB: wmem_realloc (wmem_core.c:82)
==7365== by 0x8200019: wmem_simple_realloc (wmem_allocator_simple.c:78)
==7365== by 0x81FD774: wmem_realloc (wmem_core.c:96)
==7365== by 0x82031AE: wmem_strbuf_finalize (wmem_strbuf.c:276)
==7365== by 0x7FA0F14: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:886)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365== Block was alloc'd at
==7365== at 0x4C2FB0F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7365== by 0xC2FEAB8: g_malloc (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==7365== by 0x81FD523: wmem_alloc (wmem_core.c:35)
==7365== by 0x81FFF89: wmem_simple_alloc (wmem_allocator_simple.c:43)
==7365== by 0x81FD599: wmem_alloc (wmem_core.c:44)
==7365== by 0x8202AA4: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==7365== by 0x7FA0E8C: dissect_rrc_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:871)
==7365== by 0x7555C66: dissect_per_sequence_of_helper (packet-per.c:568)
==7365== by 0x7557C1C: dissect_per_constrained_sequence_of
(packet-per.c:943)
==7365== by 0x7FBC921:
dissect_rrc_SEQUENCE_SIZE_1_6_OF_PLMN_IdentityWithOptionalMCC_r6
(rrc.cnf:11469)
==7365== by 0x755A7A5: dissect_per_sequence (packet-per.c:1903)
==7365== by 0x7FBC8A4: dissect_rrc_MultiplePLMNsOfIntraFreqCellsList_item
(rrc.cnf:11484)
==7365==
==7365==
==7365== HEAP SUMMARY:
==7365== in use at exit: 40,742 bytes in 162 blocks
==7365== total heap usage: 318,571 allocs, 318,409 frees, 39,824,851 bytes
allocated
==7365==
==7365== LEAK SUMMARY:
==7365== definitely lost: 0 bytes in 0 blocks
==7365== indirectly lost: 0 bytes in 0 blocks
==7365== possibly lost: 304 bytes in 1 blocks
==7365== still reachable: 39,635 bytes in 128 blocks
==7365== suppressed: 803 bytes in 33 blocks
==7365== Rerun with --leak-check=full to see details of leaked memory
==7365==
==7365== For counts of detected and suppressed errors, rerun with: -v
==7365== ERROR SUMMARY: 92 errors from 8 contexts (suppressed: 0 from 0)
[ no debug trace ]
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
