[Wireshark-bugs] [Bug 13187] New: Buildbot crash output: fuzz-2016-11-30-31444.pcap

Wed, 30 Nov 2016 01:41:16 -0800 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13187

            Bug ID: 13187
           Summary: Buildbot crash output: fuzz-2016-11-30-31444.pcap
           Product: Wireshark
           Version: unspecified
          Hardware: x86-64
               URL: https://www.wireshark.org/download/automated/captures/
                    fuzz-2016-11-30-31444.pcap
                OS: Ubuntu
            Status: CONFIRMED
          Severity: Major
          Priority: High
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: buildbot-do-not-re...@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-11-30-31444.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/11275-cops-fuzz-test.pcap

Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3800
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=7fe45cc0ec4e8bc1c3d5cd27c98feb8ecbb2b1b4

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 7fe45cc0ec4e8bc1c3d5cd27c98feb8ecbb2b1b4
Author: Peter Wu <pe...@lekensteyn.nl>
Date:   Wed Nov 23 16:28:34 2016 +0100

    Qt: fix GoToPacket when Voip Calls dialog is closed

    After opening the Call Flows dialog from the Voip Calls dialog, followed
    by closing the Voip Calls dialog, the Go To Packet functionality in the
    Call Flows dialog is broken. That happens because the signal is not
    proxied anymore.

    Just remove all these indirections via signals and directly update the
    selected packet.

    Change-Id: I9c6d519dbe800e4dfdf0407d832f17819b344e46
    Reviewed-on: https://code.wireshark.org/review/18933
    Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
    Tested-by: Petri Dish Buildbot <buildbot-no-re...@wireshark.org>
    Reviewed-by: Gerald Combs <ger...@wireshark.org>


==16247== Memcheck, a memory error detector
==16247== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==16247== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==16247== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-11-30-31444.pcap
==16247== 
==16247== Conditional jump or move depends on uninitialised value(s)
==16247==    at 0x6B9C8F4: dissect_cops_pdu (packet-cops.c:1102)
==16247==    by 0x718E655: tcp_dissect_pdus (packet-tcp.c:3468)
==16247==    by 0x6B9B2C1: dissect_cops (packet-cops.c:1134)
==16247==    by 0x69ACDB5: call_dissector_through_handle (packet.c:650)
==16247==    by 0x69ACDB5: call_dissector_work (packet.c:725)
==16247==    by 0x69ACC7E: dissector_try_uint_new (packet.c:1290)
==16247==    by 0x718EB6F: decode_tcp_ports (packet-tcp.c:5420)
==16247==    by 0x718FE8F: process_tcp_payload (packet-tcp.c:5483)
==16247==    by 0x718F3E8: desegment_tcp (packet-tcp.c:2990)
==16247==    by 0x718F3E8: dissect_tcp_payload (packet-tcp.c:5550)
==16247==    by 0x7193E57: dissect_tcp (packet-tcp.c:6434)
==16247==    by 0x69ACDB5: call_dissector_through_handle (packet.c:650)
==16247==    by 0x69ACDB5: call_dissector_work (packet.c:725)
==16247==    by 0x69ACC7E: dissector_try_uint_new (packet.c:1290)
==16247==    by 0x6DDD922: ip_try_dissect (packet-ip.c:1978)
==16247==    by 0x6DDD922: dissect_ip_v4 (packet-ip.c:2441)
==16247== 
==16247== 
==16247== HEAP SUMMARY:
==16247==     in use at exit: 6,085,520 bytes in 9,731 blocks
==16247==   total heap usage: 266,061 allocs, 256,330 frees, 37,344,896 bytes
allocated
==16247== 
==16247== LEAK SUMMARY:
==16247==    definitely lost: 456 bytes in 90 blocks
==16247==    indirectly lost: 384 bytes in 3 blocks
==16247==      possibly lost: 0 bytes in 0 blocks
==16247==    still reachable: 6,084,680 bytes in 9,638 blocks
==16247==         suppressed: 0 bytes in 0 blocks
==16247== Rerun with --leak-check=full to see details of leaked memory
==16247== 
==16247== For counts of detected and suppressed errors, rerun with: -v
==16247== Use --track-origins=yes to see where uninitialised values come from
==16247== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.

___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to