https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13478
Bug ID: 13478 Summary: Fuzzed netscaler file causes infinite loop in nstrace_set_start_time_v20 Product: Wireshark Version: Git Hardware: All OS: All Status: UNCONFIRMED Severity: Major Priority: Low Component: Capture file support (libwiretap) Assignee: bugzilla-ad...@wireshark.org Reporter: otto.air...@gmail.com Created attachment 15331 --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15331&action=edit PCAP causing issue Build Information: TShark (Wireshark) 2.3.0 (v2.3.0rc0-2662-g7119b66) Built using gcc 5.4.0 20160609. -- Fuzzed PCAP goes to infinite loop on tshark 2.0.2 and a resent build from repository (commit 7119b6691f318efa90bfe42a98d1b812dac183b5) GDB backtrace from 'tshark -2 -V -r <pcap>' Interrupted after a while: Program received signal SIGINT, Interrupt. 0x00007ffff7b563f8 in nstrace_set_start_time_v20 (wth=0xab6590, wth=0xab6590) at netscaler.c:900 900 nstrace_set_start_time_ver(20) (gdb) bt #0 0x00007ffff7b563f8 in nstrace_set_start_time_v20 (wth=0xab6590, wth=0xab6590) at netscaler.c:900 #1 0x00007ffff7b56e9f in nstrace_set_start_time (wth=0xab6590) at netscaler.c:918 #2 nstrace_open (wth=0xab6590, err=0x7fffffffdf18, err_info=0x7fffffffd638) at netscaler.c:767 #3 0x00007ffff7b439f1 in wtap_open_offline (filename=filename@entry=0xab6ef0 "netscaler_busyloop.pcap", type=type@entry=0, err=err@entry=0x7fffffffdf18, err_info=err_info@entry=0x7fffffffd638, do_random=<optimized out>) at file_access.c:1047 #4 0x000000000041820d in cf_open (cf=cf@entry=0x643060 <cfile>, fname=0xab6ef0 "netscaler_busyloop.pcap", type=0, is_tempfile=is_tempfile@entry=0, err=err@entry=0x7fffffffdf18) at tshark.c:4118 #5 0x000000000040e914 in main (argc=<optimized out>, argv=<optimized out>) at tshark.c:2027 (gdb) Credit goes to: Otto Airamo and Antti Levomäki, Forcepoint -- You are receiving this mail because: You are watching all bug changes.
___________________________________________________________________________ Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe