https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14402
Bug ID: 14402
Summary: Division by zero in epan/dissectors/file-pcapng.c:1158
Product: Wireshark
Version: Git
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: Capture file support (libwiretap)
Assignee: bugzilla-ad...@wireshark.org
Reporter: mag...@stubman.eu
Target Milestone: ---
Build Information:
** (process:108953): WARNING **: No such preference
"capture.devices_buffersize" at line 286 of
/home/magnus/.wireshark/preferences (save preferences to remove this warning)
TShark (Wireshark) 2.5.1 (28960d79)
Copyright 1998-2018 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) without libpcap, with GLib 2.42.1, with zlib 1.2.8, without
SMI, with c-ares 1.10.0, with Lua 5.2.3, without GnuTLS, with Gcrypt 1.6.3,
without Kerberos, without GeoIP, without nghttp2, without LZ4, without Snappy,
with libxml2 2.9.1.
Running on Linux 3.16.0-5-amd64, with Intel(R) Core(TM) i7-6920HQ CPU @ 2.90GHz
(with SSE4.2), with 7359 MB of physical memory, with locale en_US.UTF-8, with
Gcrypt 1.6.3, with zlib 1.2.8.
Built using clang 4.2.1 Compatible Debian Clang 3.5.0 (tags/RELEASE_350/final).
--
magnus@h4xb0x:~/projects/wireshark/fuzz/wireshark$ git rev-parse HEAD
28960d79cca262ac6b974f339697b299a1e28fef
magnus@h4xb0x:~/projects/wireshark/fuzz$ cat div0.pcap | base64
Cg0NCjgAABlNPCsaAQAAAOH/////////BAARAEVkaXRjYXAgMi4xLjEtZ2l0AAAAAAAAADgAAAAB
AAAALAAAAAEAAAD//wAACAAIAP//////////CQABAMCoaQAAAAAALAAAAAYAAABEAQAAAAAAAOIF
BAD99EayIQEAACEBAAAADCkwBgAAAFZ/////AEUAARP7YUAAQAbYr8CocgHAqHKBzd8gvYjw5dMb
vwVHgBgFtD6pAAABAQgKBrMenADAYNUAAADb/1MBwKhygU1CcgAAAAAIQ8gAAAAAAAAAAAAAAAAA
AAAAAAABAAC4AAJQQwCARVRXT1JLIFBST0dSQU0gMS4wAAJNSUNST1NPRlQgTkVUf09SS1MgMS4w
MwACTUlDUk9TTwPoIE5FVFdPUktTIDMuMAACTEFOTUFOMS4wAAJXaW5kkXdzIGZvciBXb3JrZ3Jv
dXBzIDMuMWEAAkxNMS4yWDAwMgACRE9TIExBTrtBTjIuMQACTEFOTVJLIFBST0dSQU0gMS4wAAJN
SUNSTUFOIDEuMAACTlQgTE0gMC4xMgAAAABEAQAA
magnus@h4xb0x:~/projects/wireshark/fuzz$ sha256sum div0.pcap
ffcda9f3bb144e6b0ea064947b274626aa2ad1a9b7f4b0cd9f8f77d1636fafc5 div0.pcap
magnus@h4xb0x:~/projects/wireshark/fuzz$ gdb wireshark/tshark
GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from wireshark/tshark...done.
(gdb) run -n -X -V -r div0.pcap
Starting program: /home/magnus/projects/wireshark/fuzz/wireshark/tshark -n -X
-V -r div0.pcap
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7ffff532c700 (LWP 66469)]
[Thread 0x7ffff532c700 (LWP 66469) exited]
[New Thread 0x7ffff532c700 (LWP 66505)]
[Thread 0x7ffff532c700 (LWP 66505) exited]
** (process:66374): WARNING **: No such preference "capture.devices_buffersize"
at line 286 of
/home/magnus/.wireshark/preferences (save preferences to remove this warning)
Program received signal SIGFPE, Arithmetic exception.
0x0000000001ba41f6 in pcapng_add_timestamp (tree=<optimized out>,
pinfo=<optimized out>, tvb=<optimized out>, offset=12, encoding=<optimized
out>, interface_id=<optimized out>, info=<optimized out>)
at file-pcapng.c:1164
1164 timestamp.secs = (time_t)(ts / resolution);
(gdb) bt
#0 0x0000000001ba41f6 in pcapng_add_timestamp (tree=<optimized out>,
pinfo=<optimized out>, tvb=<optimized out>, offset=12, encoding=<optimized
out>, interface_id=<optimized out>, info=<optimized out>)
at file-pcapng.c:1164
#1 0x0000000001ba0766 in dissect_block (tree=<optimized out>, pinfo=<optimized
out>, tvb=0x4808050, encoding=2147483648, info=0x7fffffffd628) at
file-pcapng.c:1472
#2 0x0000000001b9f2c2 in dissect_pcapng (tvb=0x488f460, pinfo=0x488f1e8,
tree=<optimized out>, data=<optimized out>) at file-pcapng.c:1583
#3 0x0000000001b9f3cc in dissect_pcapng_heur (tvb=0x0, pinfo=0x47ee0a0
<__afl_area_initial>, tree=0x0, data=<optimized out>) at file-pcapng.c:1592
#4 0x00000000005303cf in dissector_try_heuristic (sub_dissectors=<optimized
out>, tvb=0x488f460, pinfo=0x488f1e8, tree=0x0, heur_dtbl_entry=0x7fffffffd718,
data=0x0) at packet.c:2687
#5 0x00000000010e992a in dissect_mime_encap (tvb=0x488f460, pinfo=0x488f1e8,
tree=0x0, data=<optimized out>) at packet-mime-encap.c:48
#6 0x000000000052c6de in call_dissector_through_handle (handle=<optimized
out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>,
data=<optimized out>) at packet.c:680
#7 call_dissector_work (handle=0x7ffff55de110, tvb=0x488f460,
pinfo_arg=0x488f1e8, tree=0x0, add_proto_name=1, data=0x4840e58) at
packet.c:765
#8 0x000000000052c339 in dissector_try_uint_new (sub_dissectors=<optimized
out>, uint_val=134, tvb=0x488f460, pinfo=0x488f1e8, tree=0x0,
add_proto_name=-4, data=0x100000000) at packet.c:1347
#9 0x0000000000bf76f9 in dissect_frame (tvb=0x488f460, pinfo=0x488f1e8,
parent_tree=0x0, data=0x7fffffffdc18) at packet-frame.c:563
#10 0x000000000052c6de in call_dissector_through_handle (handle=<optimized
out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>,
data=<optimized out>) at packet.c:680
#11 call_dissector_work (handle=0x7ffff54fdef0, tvb=0x488f460,
pinfo_arg=0x488f1e8, tree=0x0, add_proto_name=1, data=0x7fffffffdc18) at
packet.c:765
#12 0x000000000052a083 in call_dissector_only (handle=0x0, tvb=<optimized out>,
pinfo=<optimized out>, tree=<optimized out>, data=<optimized out>) at
packet.c:3078
#13 call_dissector_with_data (handle=0x0, tvb=0x488f460, pinfo=0x488f1e8,
tree=0x0, data=0x405e2b246f4fd) at packet.c:3091
#14 0x0000000000529d46 in dissect_record (edt=0x488f1d0,
file_type_subtype=<optimized out>, phdr=<optimized out>, tvb=<optimized out>,
fd=0x7fffffffe170, cinfo=<optimized out>) at packet.c:554
#15 0x000000000051e8a2 in epan_dissect_run_with_taps (edt=0x488f1d0,
file_type_subtype=75423904, phdr=0x0, tvb=0x47ee0a0 <__afl_area_initial>,
fd=0xfffffffffffffffc, cinfo=0x100000000) at epan.c:540
#16 0x000000000043ec3a in process_packet_single_pass (cf=<optimized out>,
edt=<optimized out>, offset=<optimized out>, whdr=<optimized out>,
pd=<optimized out>, tap_flags=<optimized out>) at tshark.c:3499
#17 process_cap_file (max_packet_count=0, max_byte_count=0, cf=<optimized out>,
save_file=<optimized out>, out_file_type=<optimized out>,
out_file_name_res=<optimized out>) at tshark.c:3325
#18 main (argc=<optimized out>, argv=<optimized out>) at tshark.c:2024
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
