[Wireshark-bugs] [Bug 16647] New: Buildbot crash output: fuzz-2020-06-21-1632.pcap

Sun, 21 Jun 2020 13:30:48 -0700 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16647

            Bug ID: 16647
           Summary: Buildbot crash output: fuzz-2020-06-21-1632.pcap
           Product: Wireshark
           Version: unspecified
          Hardware: x86-64
                OS: Ubuntu
            Status: CONFIRMED
          Severity: Major
          Priority: High
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2020-06-21-1632.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/16666-reassembly.pcapng

Build host information:
Linux build6 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.4 LTS
Release:        18.04
Codename:       bionic

Buildbot information:
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=5236
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_GOT_REVISION=78a507b142d1f10b54a379b1ceb837b9db687618

Return value:  0

Dissector bug:  0

Valgrind error count:  2



Git commit
commit 78a507b142d1f10b54a379b1ceb837b9db687618
Author: Guy Harris <ghar...@sonic.net>
Date:   Sat Jun 20 18:33:42 2020 -0700

    VRT: fix the type of elements of an array of pointers to hf_ values.

    "int * const a[]" means "array of const pointers to (non-const) int". so
    the array elements are all const; "const int *a[]" means "array of
    (non-const) pointrs to const int".

    Change-Id: I790f6ecb2d9616ff1ae9ca47364e1d5443e36ace
    Reviewed-on: https://code.wireshark.org/review/37528
    Petri-Dish: Guy Harris <ghar...@sonic.net>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Guy Harris <ghar...@sonic.net>


Command and args: ./tools/valgrind-wireshark.sh -b
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin
 
==23543== Memcheck, a memory error detector
==23543== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==23543== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==23543== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2020-06-21-1632.pcap
==23543== 
==23543== Use of uninitialised value of size 8
==23543==    at 0x8331638: wmem_map_lookup (wmem_map.c:264)
==23543==    by 0x77554F1: rtps_util_get_topic_info (packet-rtps.c:4493)
==23543==    by 0x7754CCC: rtps_util_topic_info_add_tree (packet-rtps.c:4513)
==23543==    by 0x774AFE6: dissect_ACKNACK (packet-rtps.c:8143)
==23543==    by 0x7749850: dissect_rtps_submessage_v1 (packet-rtps.c:10295)
==23543==    by 0x77494CA: dissect_rtps (packet-rtps.c:10547)
==23543==    by 0x7748AF2: dissect_rtps_udp (packet-rtps.c:10577)
==23543==    by 0x839F222: dissector_try_heuristic (packet.c:2815)
==23543==    by 0x7966475: decode_udp_ports (packet-udp.c:709)
==23543==    by 0x7968F19: dissect (packet-udp.c:1261)
==23543==    by 0x796727D: dissect_udp (packet-udp.c:1267)
==23543==    by 0x83A0F57: call_dissector_through_handle (packet.c:712)
==23543== 
==23543== 
==23543== HEAP SUMMARY:
==23543==     in use at exit: 43,319 bytes in 204 blocks
==23543==   total heap usage: 370,976 allocs, 370,772 frees, 41,954,579 bytes
allocated
==23543== 
==23543== LEAK SUMMARY:
==23543==    definitely lost: 0 bytes in 0 blocks
==23543==    indirectly lost: 0 bytes in 0 blocks
==23543==      possibly lost: 304 bytes in 1 blocks
==23543==    still reachable: 42,212 bytes in 170 blocks
==23543==         suppressed: 803 bytes in 33 blocks
==23543== Rerun with --leak-check=full to see details of leaked memory
==23543== 
==23543== For counts of detected and suppressed errors, rerun with: -v
==23543== Use --track-origins=yes to see where uninitialised values come from
==23543== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to