https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16123

            Bug ID: 16123
           Summary: Buildbot crash output: fuzz-2019-10-11-21199.pcap
           Product: Wireshark
           Version: unspecified
          Hardware: x86-64
                OS: Ubuntu
            Status: CONFIRMED
          Severity: Major
          Priority: High
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2019-10-11-21199.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/17363-wifi-nan.pcap

Build host information:
Linux build6 4.15.0-65-generic #74-Ubuntu SMP Tue Sep 17 17:06:04 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.3 LTS
Release:        18.04
Codename:       bionic

Buildbot information:
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=5131
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_GOT_REVISION=926d5504f775b75168d1e49a154b8daea12fdc1d

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 926d5504f775b75168d1e49a154b8daea12fdc1d
Author: Gerald Combs <ger...@wireshark.org>
Date:   Wed Oct 9 13:40:12 2019 -0700

    CMake: Remove some header defines.

    It looks like HAVE_SYS_TYPES_H, HAVE_STDINT_H, and HAVE_STDDEF_H were
    required for check_type_size via test_big_endian, but we don't use that
    any more.

    HAVE_LRINT was used by the GTK+ UI.

    Change-Id: I6474c118bac4413791b3613d34d263e38107600a
    Reviewed-on: https://code.wireshark.org/review/34754
    Petri-Dish: Gerald Combs <ger...@wireshark.org>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Gerald Combs <ger...@wireshark.org>


Command and args: ./tools/valgrind-wireshark.sh -b /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin
 
==2312== Memcheck, a memory error detector
==2312== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==2312== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==2312== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2019-10-11-21199.pcap
==2312== 
==2312== Invalid read of size 4
==2312==    at 0x7926D99: dissect_attr_availability (packet-wifi-nan.c:1583)
==2312==    by 0x79234BB: find_attribute_field (packet-wifi-nan.c:2386)
==2312==    by 0x7922D15: dissect_nan_service_discovery (packet-wifi-nan.c:2476)
==2312==    by 0x829D637: call_dissector_through_handle (packet.c:706)
==2312==    by 0x829928C: call_dissector_work (packet.c:799)
==2312==    by 0x8299067: dissector_try_uint_new (packet.c:1399)
==2312==    by 0x719377D: add_ff_action_public_fields (packet-ieee80211.c:9847)
==2312==    by 0x7190E38: add_ff_action_public (packet-ieee80211.c:9923)
==2312==    by 0x7190156: add_ff_action (packet-ieee80211.c:12763)
==2312==    by 0x718CD40: dissect_ieee80211_mgt (packet-ieee80211.c:22657)
==2312==    by 0x71898B8: dissect_ieee80211_common (packet-ieee80211.c:25202)
==2312==    by 0x7172A15: dissect_ieee80211 (packet-ieee80211.c:25371)
==2312==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==2312== 
==2312== 
==2312== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==2312==  Access not within mapped region at address 0x0
==2312==    at 0x7926D99: dissect_attr_availability (packet-wifi-nan.c:1583)
==2312==    by 0x79234BB: find_attribute_field (packet-wifi-nan.c:2386)
==2312==    by 0x7922D15: dissect_nan_service_discovery (packet-wifi-nan.c:2476)
==2312==    by 0x829D637: call_dissector_through_handle (packet.c:706)
==2312==    by 0x829928C: call_dissector_work (packet.c:799)
==2312==    by 0x8299067: dissector_try_uint_new (packet.c:1399)
==2312==    by 0x719377D: add_ff_action_public_fields (packet-ieee80211.c:9847)
==2312==    by 0x7190E38: add_ff_action_public (packet-ieee80211.c:9923)
==2312==    by 0x7190156: add_ff_action (packet-ieee80211.c:12763)
==2312==    by 0x718CD40: dissect_ieee80211_mgt (packet-ieee80211.c:22657)
==2312==    by 0x71898B8: dissect_ieee80211_common (packet-ieee80211.c:25202)
==2312==    by 0x7172A15: dissect_ieee80211 (packet-ieee80211.c:25371)
==2312==  If you believe this happened as a result of a stack
==2312==  overflow in your program's main thread (unlikely but
==2312==  possible), you can try to increase the size of the
==2312==  main thread stack using the --main-stacksize= flag.
==2312==  The main thread stack size used in this run was 2084864.
==2312== 
==2312== HEAP SUMMARY:
==2312==     in use at exit: 26,826,354 bytes in 289,840 blocks
==2312==   total heap usage: 431,572 allocs, 141,732 frees, 45,330,500 bytes allocated
==2312== 
==2312== LEAK SUMMARY:
==2312==    definitely lost: 1,333 bytes in 44 blocks
==2312==    indirectly lost: 0 bytes in 0 blocks
==2312==      possibly lost: 304 bytes in 1 blocks
==2312==    still reachable: 26,819,230 bytes in 289,710 blocks
==2312==         suppressed: 5,487 bytes in 85 blocks
==2312== Rerun with --leak-check=full to see details of leaked memory
==2312== 
==2312== For counts of detected and suppressed errors, rerun with: -v
==2312== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]
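What the Memcheck trace above records is a 4-byte read at address 0x0 inside dissect_attr_availability, reached from the 802.11 public action frame path (dissect_ieee80211 -> add_ff_action_public -> dissect_nan_service_discovery -> find_attribute_field), i.e. a NULL-pointer dereference that kills tshark with SIGSEGV on this fuzzed capture. Buildbot emits one such report per crashing capture, and the first thing a triager wants is the error kind, the faulting address and the top frame pulled out of the noise. The following is an added example, not Wireshark code and not its tools/valgrind-wireshark.sh: a Python helper that parses Memcheck stderr and buckets each error by its address note. The sample input is the first error block and the SIGSEGV trace copied from this report with the stacks shortened; the NULL_PAGE threshold of 0x1000 is an assumption; the categories beyond null-deref (use-after-free, heap-out-of-bounds, wild-pointer) go beyond this report and rely on Memcheck's standard address wording; and valgrind_argv mirrors the buildbot's `tshark -nr` run under Memcheck with `--error-exitcode` added so a wrapper can fail on any reported error.

```python
# Added example for this report; not Wireshark code and not tools/valgrind-wireshark.sh.
import re
import subprocess
from dataclasses import dataclass, field
from typing import List, Optional

# Sample input: the first Memcheck error block and the SIGSEGV trace from the report above, stacks trimmed.
SAMPLE_VALGRIND_OUTPUT = """\
==2312== Command: install.plain/bin/tshark -nr fuzz-2019-10-11-21199.pcap
==2312==
==2312== Invalid read of size 4
==2312==    at 0x7926D99: dissect_attr_availability (packet-wifi-nan.c:1583)
==2312==    by 0x79234BB: find_attribute_field (packet-wifi-nan.c:2386)
==2312==    by 0x7922D15: dissect_nan_service_discovery (packet-wifi-nan.c:2476)
==2312==    by 0x829D637: call_dissector_through_handle (packet.c:706)
==2312==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==2312==
==2312== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==2312==  Access not within mapped region at address 0x0
==2312==    at 0x7926D99: dissect_attr_availability (packet-wifi-nan.c:1583)
==2312==
==2312== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
"""

# Memcheck error headers that open a stack trace.
ERROR_KINDS = ("Invalid read of size", "Invalid write of size", "Invalid free()",
               "Conditional jump or move depends on uninitialised value",
               "Use of uninitialised value of size", "Syscall param")
PREFIX_RE = re.compile(r"^==\d+== ?(.*)$")
FRAME_RE = re.compile(r"^\s*(?:at|by) 0x([0-9A-Fa-f]+): (.+) \(([^()]*)\)$")
ADDR_RE = re.compile(r"^\s*Address 0x([0-9A-Fa-f]+) is (.*)$")
SUMMARY_RE = re.compile(r"^ERROR SUMMARY: (\d+) errors")
NULL_PAGE = 0x1000  # assumption: faults below the first page are NULL derefs

@dataclass
class MemcheckError:
    kind: str
    frames: List[dict] = field(default_factory=list)  # {"addr", "func", "loc"}
    address: Optional[int] = None
    addr_note: str = ""

def parse_memcheck(text: str) -> tuple:
    """Return (errors, count from ERROR SUMMARY) parsed from Memcheck stderr."""
    errors, current, count = [], None, 0
    for raw in text.splitlines():
        m = PREFIX_RE.match(raw)
        if not m:
            continue  # tshark's own output, not a Valgrind line
        body = m.group(1)
        sm, fm, am = SUMMARY_RE.match(body), FRAME_RE.match(body), ADDR_RE.match(body)
        if sm:
            count = int(sm.group(1))
        elif body.startswith(ERROR_KINDS):
            current = MemcheckError(kind=body.strip())
            errors.append(current)
        elif current is None:
            continue  # e.g. the SIGSEGV trace, which is not a Memcheck error
        elif not body.strip():
            current = None  # a blank line closes the error block
        elif fm:
            current.frames.append({"addr": int(fm.group(1), 16),
                                   "func": fm.group(2), "loc": fm.group(3)})
        elif am:
            current.address, current.addr_note = int(am.group(1), 16), am.group(2)
    return errors, count

def classify(err: MemcheckError) -> str:
    """Bucket an error by likely root cause, using Memcheck's address note."""
    if not err.kind.startswith(("Invalid read", "Invalid write")):
        return "uninitialised-value" if "uninitialised" in err.kind else "other"
    note = err.addr_note
    if err.address is not None and err.address < NULL_PAGE:
        return "null-deref"  # this report: Address 0x0
    if "inside a block" in note and "free'd" in note:
        return "use-after-free"
    if "after a block" in note or "before a block" in note:
        return "heap-out-of-bounds"
    return "wild-pointer" if note.startswith("not stack'd") else "invalid-access"

def triage(text: str) -> dict:
    """Summarise Memcheck output as one JSON-ready dict per error."""
    errors, count = parse_memcheck(text)
    return {"error_count": count, "errors": [{
        "kind": e.kind, "category": classify(e), "frames": e.frames,
        "top_frame": f"{e.frames[0]['func']} ({e.frames[0]['loc']})" if e.frames else None,
    } for e in errors]}

def valgrind_argv(tshark: str, pcap: str) -> List[str]:
    """The buildbot's tshark run under Memcheck; --error-exitcode makes it exit non-zero on any error."""
    return ["valgrind", "--tool=memcheck", "--error-exitcode=1", "--leak-check=no",
            tshark, "-nr", pcap]

def run_and_triage(tshark: str, pcap: str) -> dict:
    """Run one capture under Memcheck and triage it (needs valgrind and tshark)."""
    proc = subprocess.run(valgrind_argv(tshark, pcap), capture_output=True, text=True)
    return dict(triage(proc.stderr), exit_status=proc.returncode)
```

triage(text) works on saved stderr such as this report; run_and_triage(tshark, pcap) runs a capture the way the buildbot did and adds the exit status. On the sample above it yields one error, category null-deref, with top frame dissect_attr_availability (packet-wifi-nan.c:1583); the SIGSEGV trace that follows the error block is deliberately not counted, since Memcheck has already reported the access that caused it.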

-- 
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs