https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10585
Bug ID: 10585
Summary: Buildbot crash output: fuzz-2014-10-18-27943.pcap
Product: Wireshark
Version: unspecified
Hardware: x86-64
URL: https://www.wireshark.org/download/automated/captures/
fuzz-2014-10-18-27943.pcap
OS: Ubuntu
Status: CONFIRMED
Severity: Major
Priority: High
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: buildbot-do-not-re...@wireshark.org
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2014-10-18-27943.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/12694-AllJoynSample1.pcapng
Build host information:
Linux wsbb04 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty
Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3004
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=44d4339eb335b6d6f7a8ffad6846e82aba90b233
Return value: 0
Dissector bug: 0
Valgrind error count: 77
Git commit
commit 44d4339eb335b6d6f7a8ffad6846e82aba90b233
Author: Guy Harris <g...@alum.mit.edu>
Date: Thu Oct 16 23:20:52 2014 -0700
Don't use <ctype.h> macros, and eliminate an include of <ctype.h>.
This avoids locale-dependent tests, and fixes cases where we passed
signed char values to those macros (which is not safe with char being
signed, as it is on most, but not all, platforms).
Change-Id: I51d9716fe3eb02a6e98208334285c07597a6be79
Reviewed-on: https://code.wireshark.org/review/4761
Reviewed-by: Guy Harris <g...@alum.mit.edu>
Command and args: ./tools/valgrind-wireshark.sh
==26137== Memcheck, a memory error detector
==26137== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26137== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==26137== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-10-18-27943.pcap
==26137==
==26137== Invalid read of size 1
==26137== at 0x6719DBD: parse_arg (packet-alljoyn.c:1180)
==26137== by 0x671AA49: dissect_AllJoyn_message (packet-alljoyn.c:1387)
==26137== by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137== by 0x668DA94: call_dissector_work (packet.c:713)
==26137== by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137== by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137== by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137== by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137== by 0x6D8C3AB: dissect_tcp (packet-tcp.c:5000)
==26137== by 0x668D173: call_dissector_through_handle (packet.c:626)
==26137== by 0x668DA94: call_dissector_work (packet.c:713)
==26137== by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137== Address 0x11adc923 is 0 bytes after a block of size 3 alloc'd
==26137== at 0x4C2CE8E: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26137== by 0x9AC16AE: g_realloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==26137== by 0x71B3F70: wmem_simple_realloc (wmem_allocator_simple.c:90)
==26137== by 0x71B552C: wmem_strbuf_finalize (wmem_strbuf.c:252)
==26137== by 0x67197E8: parse_arg (packet-alljoyn.c:940)
==26137== by 0x671A8EB: dissect_AllJoyn_message (packet-alljoyn.c:1288)
==26137== by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137== by 0x668DA94: call_dissector_work (packet.c:713)
==26137== by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137== by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137== by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137== by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137==
==26137== Invalid read of size 1
==26137== at 0x6719D97: parse_arg (packet-alljoyn.c:1181)
==26137== by 0x671AA49: dissect_AllJoyn_message (packet-alljoyn.c:1387)
==26137== by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137== by 0x668DA94: call_dissector_work (packet.c:713)
==26137== by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137== by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137== by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137== by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137== by 0x6D8C3AB: dissect_tcp (packet-tcp.c:5000)
==26137== by 0x668D173: call_dissector_through_handle (packet.c:626)
==26137== by 0x668DA94: call_dissector_work (packet.c:713)
==26137== by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137== Address 0x11adc923 is 0 bytes after a block of size 3 alloc'd
==26137== at 0x4C2CE8E: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26137== by 0x9AC16AE: g_realloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==26137== by 0x71B3F70: wmem_simple_realloc (wmem_allocator_simple.c:90)
==26137== by 0x71B552C: wmem_strbuf_finalize (wmem_strbuf.c:252)
==26137== by 0x67197E8: parse_arg (packet-alljoyn.c:940)
==26137== by 0x671A8EB: dissect_AllJoyn_message (packet-alljoyn.c:1288)
==26137== by 0x668D1AE: call_dissector_through_handle (packet.c:622)
==26137== by 0x668DA94: call_dissector_work (packet.c:713)
==26137== by 0x668E14B: dissector_try_uint_new (packet.c:1145)
==26137== by 0x6D89D95: decode_tcp_ports (packet-tcp.c:4049)
==26137== by 0x6D8A13E: process_tcp_payload (packet-tcp.c:4107)
==26137== by 0x6D8A92F: dissect_tcp_payload (packet-tcp.c:1987)
==26137==
==26137==
==26137== HEAP SUMMARY:
==26137== in use at exit: 1,216,345 bytes in 29,624 blocks
==26137== total heap usage: 226,517 allocs, 196,893 frees, 28,677,589 bytes
allocated
==26137==
==26137== LEAK SUMMARY:
==26137== definitely lost: 5,385 bytes in 165 blocks
==26137== indirectly lost: 36,648 bytes in 49 blocks
==26137== possibly lost: 0 bytes in 0 blocks
==26137== still reachable: 1,174,312 bytes in 29,410 blocks
==26137== suppressed: 0 bytes in 0 blocks
==26137== Rerun with --leak-check=full to see details of leaked memory
==26137==
==26137== For counts of detected and suppressed errors, rerun with: -v
==26137== ERROR SUMMARY: 77 errors from 2 contexts (suppressed: 0 from 0)
[ no debug trace ]
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
