https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14473
Bug ID: 14473
Summary: Crafted UDP packet causes large memory usage
Product: Wireshark
Version: Git
Hardware: x86
OS: Linux
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: otto.air...@gmail.com
Target Milestone: ---
Created attachment 16181
--> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16181&action=edit
recording to cause all the memory to used
Build Information:
TShark (Wireshark) 2.5.1 (v2.5.1rc0-417-g24b5a553)
Built using clang 4.2.1 Compatible Clang 3.8.0 (tags/RELEASE_380/final).
--
GDB backtrace from 'tshark -2 -V -r <pcap>' Interrupted after using 4GB of
memory:
Thread 1 "tshark" received signal SIGINT, Interrupt.
0x00007fffeb50779b in try_val_to_str_idx (val=128, vs=<optimized out>,
idx=<optimized out>) at value_string.c:85
85 while (vs[i].strptr) {
(gdb) bt
#0 0x00007fffeb50779b in try_val_to_str_idx (val=128, vs=<optimized out>,
idx=<optimized out>) at value_string.c:85
#1 try_val_to_str (val=<optimized out>, vs=<optimized out>) at
value_string.c:103
#2 val_to_str (val=<optimized out>, vs=<optimized out>, fmt=<optimized out>)
at value_string.c:34
#3 0x00007fffec3a365c in dissect_mmse (tvb=<optimized out>, pinfo=<optimized
out>, tree=<optimized out>, pdut=128 '\200', message_type=<optimized out>) at
packet-mmse.c:1211
#4 0x00007fffec3a0e55 in dissect_mmse_standalone (tvb=0x61d00001bc00,
pinfo=0x61400000fa58, tree=0x0, data=<optimized out>) at packet-mmse.c:664
#5 0x00007fffeb392292 in call_dissector_through_handle (handle=<optimized
out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>,
data=<optimized out>) at packet.c:694
#6 0x00007fffeb3830bc in call_dissector_work (handle=0x7ffe517267b0,
tvb=0x61d00001bc00, pinfo_arg=<optimized out>, tree=<optimized out>,
add_proto_name=<optimized out>, data=<optimized out>)
at packet.c:779
#7 0x00007fffeb384d5c in dissector_try_string_new (sub_dissectors=<optimized
out>, string=0x7fffef84dd40 <.str.773> "application/vnd.wap.mms-message",
tvb=0x61d00001bc00, pinfo=0x7fffeeb7f0e0 <.str.212>,
tree=0x0, add_proto_name=1, data=0x0) at packet.c:1660
#8 dissector_try_string (sub_dissectors=<optimized out>, string=<optimized
out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>,
data=<optimized out>) at packet.c:1685
#9 0x00007fffece060f5 in dissect_wsp_common (tvb=<optimized out>,
pinfo=<optimized out>, tree=0x0, dissector_handle=<optimized out>,
is_connectionless=<optimized out>) at packet-wsp.c:5018
#10 0x00007fffecded45e in dissect_wsp_fromudp (tvb=0x61d00001c720,
pinfo=0x61400000fa58, tree=0x0, data=<optimized out>) at packet-wsp.c:5054
#11 0x00007fffeb392292 in call_dissector_through_handle (handle=<optimized
out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>,
data=<optimized out>) at packet.c:694
#12 0x00007fffeb3830bc in call_dissector_work (handle=0x7ffe5168c4a0,
tvb=0x61d00001c720, pinfo_arg=<optimized out>, tree=<optimized out>,
add_proto_name=<optimized out>, data=<optimized out>)
at packet.c:779
Credit goes to: Otto Airamo and Antti Levomäki, Forcepoint
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
