Wireshark-bugs: [Wireshark-bugs] [Bug 2682] Buildbot crash output: fuzz-2008-07-04-16393.pcap
Date: Mon, 7 Jul 2008 09:52:00 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2682


Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |DUPLICATE




--- Comment #2 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>  2008-07-07 09:51:58 PDT ---
Running tshark through valgrind gave me this error:

==22743== Invalid read of size 1
==22743==    at 0x5718ACD: tvb_uncompress (tvbuff.c:2897)
==22743==    by 0x58FD91D: dissect_http_message (packet-http.c:1052)
==22743==    by 0x58FDB20: dissect_http (packet-http.c:2040)
==22743==    by 0x56EFF0B: call_dissector_through_handle (packet.c:396)
==22743==    by 0x56F0550: call_dissector_work (packet.c:485)
==22743==    by 0x56F09D8: dissector_try_port (packet.c:870)
==22743==    by 0x5AE01A6: decode_tcp_ports (packet-tcp.c:2406)
==22743==    by 0x5AE04A2: process_tcp_payload (packet-tcp.c:2465)
==22743==    by 0x5AE0B25: dissect_tcp_payload (packet-tcp.c:1511)
==22743==    by 0x5AE27F4: dissect_tcp (packet-tcp.c:3195)
==22743==    by 0x56EFF0B: call_dissector_through_handle (packet.c:396)
==22743==    by 0x56F0550: call_dissector_work (packet.c:485)

which points to this code:

                        if (flags & (1 << 3)) {
                                /* A null terminated filename */

                                while (*c != '\0') {
                                        c++; <<<< this is line 2897
                                }

                                c++;
                        }

so it appears this is a dup of 2649.

*** This bug has been marked as a duplicate of bug 2649 ***


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.