https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15709
Bug ID: 15709
Summary: ISAKMP: Segmentation fault with non-hex string for
IKEv1 Decryption Table Initiator Cookie
Product: Wireshark
Version: Git
Hardware: x86
OS: Mac OS X 10.4
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: u...@heilmeier.eu
Target Milestone: ---
Build Information:
Wireshark 3.0.0 (v3.0.0-0-g937e33de)
Compiled (64-bit) with Qt 5.12.1, with libpcap, without POSIX capabilities,
with
GLib 2.37.6, with zlib 1.2.8, with SMI 0.4.8, with c-ares 1.15.0, with Lua
5.2.4, with GnuTLS 3.4.17, with Gcrypt 1.7.7, with MIT Kerberos, with MaxMind
DB
resolver, with nghttp2 1.21.0, with LZ4, with Snappy, with libxml2 2.9.9, with
QtMultimedia, with SBC, with SpanDSP, with bcg729.
Running on Mac OS X 10.14.4, build 18E226 (Darwin 18.5.0), with Intel(R)
Core(TM) i5-6500 CPU @ 3.20GHz (with SSE4.2), with 16384 MB of physical memory,
with locale C, with libpcap version 1.8.1 -- Apple version 79.250.1, with
GnuTLS
3.4.17, with Gcrypt 1.7.7, with zlib 1.2.11, binary plugins supported (0
loaded).
Built using clang 4.2.1 Compatible Apple LLVM 10.0.0 (clang-1000.11.45.5).
--
After pasting a non-hex string as IKEv1 Decryption Table Initiator Cookie (see
bug 15693) and saving it WS crashes with a segmentation fault:
Process: Wireshark [85748]
Path: /Applications/Wireshark.app/Contents/MacOS/Wireshark
Identifier: org.wireshark.Wireshark
Version: 3.0.0 (3.0.0)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: Wireshark [85748]
User ID: 502
Date/Time: 2019-04-18 11:42:05.154 +0200
OS Version: Mac OS X 10.14.4 (18E226)
Report Version: 12
Anonymous UUID: 699C678B-0763-2EB0-B6CC-4F6B26F4EEC6
Sleep/Wake UUID: 8DD62768-822F-4CB8-A32E-8DD16F875D9A
Time Awake Since Boot: 390000 seconds
Time Since Wake: 440 seconds
System Integrity Protection: enabled
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [85748]
VM Regions Near 0:
-->
__TEXT 000000010ecba000-000000010f301000 [ 6428K] r-x/rwx
SM=COW /Applications/Wireshark.app/Contents/MacOS/Wireshark
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libwireshark.12.dylib 0x0000000110b52048 isakmp_init_protocol
+ 104 (packet-isakmp.c:5811)
1 libglib-2.0.0.dylib 0x0000000110241f6d g_slist_foreach + 45
(gslist.c:893)
2 libwireshark.12.dylib 0x00000001115593e8 init_dissection + 40
(packet.c:331)
3 libwireshark.12.dylib 0x000000011154efb4 epan_new + 68
(epan.c:386)
4 org.wireshark.Wireshark 0x000000010f0041b4 rescan_packets + 356
5 org.wireshark.Wireshark 0x000000010ee063b3
MainWindow::redissectPackets() + 67
6 org.qt-project.QtCore 0x0000000116e362c1
QObject::event(QEvent*) + 753
7 org.qt-project.QtWidgets 0x000000010f7fcf3a
QWidget::event(QEvent*) + 4746
8 org.qt-project.QtWidgets 0x000000010f90d0f5
QMainWindow::event(QEvent*) + 277
9 org.qt-project.QtWidgets 0x000000010f7c02cd
QApplicationPrivate::notify_helper(QObject*, QEvent*) + 269
10 org.qt-project.QtWidgets 0x000000010f7c16d2
QApplication::notify(QObject*, QEvent*) + 594
11 org.qt-project.QtCore 0x0000000116e0ca04
QCoreApplication::notifyInternal2(QObject*, QEvent*) + 212
12 org.qt-project.QtCore 0x0000000116e0dc3e
QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) + 878
13 libqcocoa.dylib 0x00000001192b0759 0x119281000 + 194393
14 libqcocoa.dylib 0x00000001192b0fd0 0x119281000 + 196560
15 com.apple.CoreFoundation 0x00007fff2c2905e3
__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
16 com.apple.CoreFoundation 0x00007fff2c290589 __CFRunLoopDoSource0
+ 108
17 com.apple.CoreFoundation 0x00007fff2c273f3b
__CFRunLoopDoSources0 + 195
18 com.apple.CoreFoundation 0x00007fff2c273505 __CFRunLoopRun +
1189
19 com.apple.CoreFoundation 0x00007fff2c272e0e CFRunLoopRunSpecific
+ 455
20 com.apple.HIToolbox 0x00007fff2b55f9db
RunCurrentEventLoopInMode + 292
21 com.apple.HIToolbox 0x00007fff2b55f715
ReceiveNextEventCommon + 603
22 com.apple.HIToolbox 0x00007fff2b55f4a6
_BlockUntilNextEventMatchingListInModeWithFilter + 64
23 com.apple.AppKit 0x00007fff298f9ffb _DPSNextEvent + 965
24 com.apple.AppKit 0x00007fff298f8d93
-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:]
+ 1361
25 com.apple.AppKit 0x00007fff298f2eb0 -[NSApplication run]
+ 699
26 libqcocoa.dylib 0x00000001192afe2b 0x119281000 + 192043
27 org.qt-project.QtCore 0x0000000116e0806f
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 431
28 org.qt-project.QtCore 0x0000000116e0d012
QCoreApplication::exec() + 130
29 org.wireshark.Wireshark 0x000000010edcdd87 main + 3991
30 libdyld.dylib 0x00007fff586e73d5 start + 1
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
