Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 4101] Buildbot crash output: fuzz-2009-10-07-16985.pcap

[bugzilla-daemon@xxxxxxxxxxxxx]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4101


Kovarththanan Rajaratnam <kovarththanan.rajaratnam@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kovarththanan.rajaratnam@gma
                   |                            |il.com




--- Comment #1 from Kovarththanan Rajaratnam <kovarththanan.rajaratnam@xxxxxxxxx>  2009-10-08 08:05:50 PDT ---
The callstack:

#0  0xb6567bc6 in tvb_new_subset (backing=0x0, backing_offset=0, 
    backing_length=-1, reported_length=-1) at tvbuff.c:522
#1  0xb682dd0e in dissect_gssapi_work (tvb=0xa7b64a8, pinfo=0xbfcc4044, 
    tree=0x0, is_verifier=0) at packet-gssapi.c:336
#2  0xb682dfb2 in wrap_dissect_gssapi (tvb=0xa771020, offset=0, 
    pinfo=0xbfcc4044, tree=0x0, drep=0xbfcc2dd8 "\020") at packet-gssapi.c:595
#3  0xb67104ef in dissect_auth_verf (auth_tvb=0xa771020, pinfo=0xbfcc4044, 
    tree=0x0, auth_fns=0xa1ae29c, hdr=0xbfcc2dd4, auth_info=0xbfcc2dfc)
    at packet-dcerpc.c:624
#4  0xb6710c2f in dissect_dcerpc_cn_auth (tvb=0xa7b6678, 
    stub_offset=<value optimized out>, pinfo=0xbfcc4044, dcerpc_tree=0x0, 
    hdr=0xbfcc2dd4, are_credentials=1, auth_info=0xbfcc2dfc)
    at packet-dcerpc.c:2621
#5  0xb6716344 in dissect_dcerpc_cn (tvb=<value optimized out>, offset=0, 
    pinfo=0xbfcc4044, tree=0x0, can_desegment=1, pkt_len=0xbfcc2f74)
    at packet-dcerpc.c:4177
#6  0xb67182c6 in dissect_dcerpc_cn_bs_body (tvb=0xa7b6640, pinfo=0xbfcc4044, 
    tree=0x0) at packet-dcerpc.c:4239
#7  0xb653733e in dissector_try_heuristic (sub_dissectors=0xa19b910, 
    tvb=0xa7b6640, pinfo=0xbfcc4044, tree=0x0) at packet.c:1639
#8  0xb6af4961 in dissect_pipe_dcerpc (d_tvb=0xa7b6640, pinfo=0xbfcc4044, 
    parent_tree=0x0, tree=0x0, fid=16384) at packet-smb-pipe.c:3345
#9  0xb6af4ffd in dissect_pipe_smb (sp_tvb=0xa7b6790, s_tvb=0xa4a1038, 
    pd_tvb=0xa7b66e8, p_tvb=0x0, d_tvb=0xa7b6640, pipe=0xb41a25d6 "", 
    pinfo=0xbfcc4044, tree=0x0) at packet-smb-pipe.c:3700
#10 0xb6b16a11 in dissect_transaction_request (tvb=0xa759ae0, 
    pinfo=0xbfcc4044, tree=0x0, offset=164, smb_tree=0x0) at packet-smb.c:13314
#11 0xb6afa5e0 in dissect_smb_command (tvb=0xa759ae0, pinfo=0xbfcc4044, 
    offset=32, smb_tree=0x0, cmd=37 '%', first_pdu=1) at packet-smb.c:15818
#12 0xb6afb4c1 in dissect_smb (tvb=0xa759ae0, pinfo=0xbfcc4044, 
    parent_tree=0x0) at packet-smb.c:16883
#13 0xb6afbcbe in dissect_smb_heur (tvb=0xa759ae0, pinfo=0xbfcc4044, 
    parent_tree=0x0) at packet-smb.c:16932
#14 0xb653733e in dissector_try_heuristic (sub_dissectors=0xa19b900, 
    tvb=0xa759ae0, pinfo=0xbfcc4044, tree=0x0) at packet.c:1639
#15 0xb69a497d in dissect_netbios_payload (tvb=0xa759ae0, pinfo=0xbfcc4044, 
    tree=0x0) at packet-netbios.c:1078
#16 0xb695e391 in dissect_nbss_packet (tvb=0xa771238, 
    offset=<value optimized out>, pinfo=0xbfcc4044, tree=0x0, is_cifs=1)
    at packet-nbns.c:1605
#17 0xb695e5b6 in dissect_nbss (tvb=0xa771238, pinfo=0xbfcc4044, tree=0x0)
    at packet-nbns.c:1787
#18 0xb65371e5 in call_dissector_through_handle (handle=0x9dceeb8, 
    tvb=0xa771238, pinfo=0xbfcc4044, tree=0x0) at packet.c:406
#19 0xb65379be in call_dissector_work (handle=0x9dceeb8, tvb=0xa771238, 
    pinfo_arg=0xbfcc4044, tree=0x0, add_proto_name=1) at packet.c:497
#20 0xb6538bc9 in dissector_try_port_new (sub_dissectors=0x9f42d10, port=445, 
    tvb=0xa771238, pinfo=0xbfcc4044, tree=0x0, add_proto_name=1)
    at packet.c:906
#21 0xb6538c31 in dissector_try_port (sub_dissectors=0x9f42d10, port=445, 
    tvb=0xa771238, pinfo=0xbfcc4044, tree=0x0) at packet.c:932
#22 0xb6b5ef91 in decode_tcp_ports (tvb=0xa76d880, offset=20, 
    pinfo=0xbfcc4044, tree=0x0, src_port=2388, dst_port=445, tcpd=0xb3328268)
    at packet-tcp.c:2836
#23 0xb6b5f31a in process_tcp_payload (tvb=0xa76d880, offset=20, 
    pinfo=0xbfcc4044, tree=0x0, tcp_tree=0x0, src_port=2388, dst_port=445, 
    seq=0, nxtseq=0, is_tcp_segment=0, tcpd=0xb3328268) at packet-tcp.c:2895
#24 0xb6b5f87c in dissect_tcp_payload (tvb=0xa76d880, pinfo=0xbfcc4044, 
    offset=20, seq=3804, nxtseq=3972, sport=2388, dport=445, tree=0x0, 
    tcp_tree=0x0, tcpd=0xb3328268) at packet-tcp.c:1630
#25 0xb6b6156b in dissect_tcp (tvb=0xa76d880, pinfo=0xbfcc4044, tree=0x0)
    at packet-tcp.c:3641
#26 0xb65371e5 in call_dissector_through_handle (handle=0xa1f4b20, 
    tvb=0xa76d880, pinfo=0xbfcc4044, tree=0x0) at packet.c:406
#27 0xb65379be in call_dissector_work (handle=0xa1f4b20, tvb=0xa76d880, 
    pinfo_arg=0xbfcc4044, tree=0x0, add_proto_name=1) at packet.c:497
#28 0xb6538bc9 in dissector_try_port_new (sub_dissectors=0x9d8ca50, port=6, 
    tvb=0xa76d880, pinfo=0xbfcc4044, tree=0x0, add_proto_name=1)
    at packet.c:906
#29 0xb6538c31 in dissector_try_port (sub_dissectors=0x9d8ca50, port=6, 
    tvb=0xa76d880, pinfo=0xbfcc4044, tree=0x0) at packet.c:932
#30 0xb6897bfe in dissect_ip (tvb=0xa7b6550, pinfo=0xbfcc4044, parent_tree=0x0)
    at packet-ip.c:1676
#31 0xb65371e5 in call_dissector_through_handle (handle=0x9d98150, 
    tvb=0xa7b6550, pinfo=0xbfcc4044, tree=0x0) at packet.c:406
#32 0xb65379be in call_dissector_work (handle=0x9d98150, tvb=0xa7b6550, 
    pinfo_arg=0xbfcc4044, tree=0x0, add_proto_name=1) at packet.c:497
#33 0xb6538bc9 in dissector_try_port_new (sub_dissectors=0x9cfd448, port=2048, 
    tvb=0xa7b6550, pinfo=0xbfcc4044, tree=0x0, add_proto_name=1)
    at packet.c:906
#34 0xb6538c31 in dissector_try_port (sub_dissectors=0x9cfd448, port=2048, 
    tvb=0xa7b6550, pinfo=0xbfcc4044, tree=0x0) at packet.c:932
#35 0xb6788ba5 in ethertype (etype=2048, tvb=0xa771388, offset_after_etype=14, 
    pinfo=0xbfcc4044, tree=0x0, fh_tree=0x0, etype_id=16395, trailer_id=16397, 
    fcs_len=-1) at packet-ethertype.c:247
#36 0xb6787c5f in dissect_eth_common (tvb=0xa771388, pinfo=0xbfcc4044, 
    parent_tree=0x0, fcs_len=-1) at packet-eth.c:341
#37 0xb65371e5 in call_dissector_through_handle (handle=0x9cfd3f0, 
    tvb=0xa771388, pinfo=0xbfcc4044, tree=0x0) at packet.c:406
#38 0xb65379be in call_dissector_work (handle=0x9cfd3f0, tvb=0xa771388, 
    pinfo_arg=0xbfcc4044, tree=0x0, add_proto_name=1) at packet.c:497
#39 0xb6538bc9 in dissector_try_port_new (sub_dissectors=0x9d161d0, port=1, 
    tvb=0xa771388, pinfo=0xbfcc4044, tree=0x0, add_proto_name=1)
    at packet.c:906
#40 0xb6538c31 in dissector_try_port (sub_dissectors=0x9d161d0, port=1, 
    tvb=0xa771388, pinfo=0xbfcc4044, tree=0x0) at packet.c:932
#41 0xb67cd389 in dissect_frame (tvb=0xa771388, pinfo=0xbfcc4044, 
    parent_tree=0x0) at packet-frame.c:325
#42 0xb65371e5 in call_dissector_through_handle (handle=0x9d161e8, 
    tvb=0xa771388, pinfo=0xbfcc4044, tree=0x0) at packet.c:406
#43 0xb65379be in call_dissector_work (handle=0x9d161e8, tvb=0xa771388, 
    pinfo_arg=0xbfcc4044, tree=0x0, add_proto_name=1) at packet.c:497
#44 0xb6537b5a in call_dissector (handle=0x9d161e8, tvb=0xa771388, 
    pinfo=0xbfcc4044, tree=0x0) at packet.c:1835
#45 0xb65396b7 in dissect_packet (edt=0xbfcc403c, pseudo_header=0xa617934, 
    pd=0xa62d850 "", fd=0xa7bc570, cinfo=0x0) at packet.c:337
#46 0xb652da5e in epan_dissect_run (edt=0xbfcc403c, pseudo_header=0xa617934, 
    data=0xa62d850 "", fd=0xa7bc570, cinfo=0x0) at epan.c:198
#47 0x080796b3 in add_packet_to_packet_list (fdata=0xa7bc570, cf=0x81d5660, 
    dfcode=0x0, filtering_tap_listeners=0, tap_flags=0, 
    pseudo_header=0xa617934, buf=0xa62d850 "", refilter=1, 
    add_to_packet_list=1) at file.c:1112
#48 0x0807adfe in read_packet (cf=0x81d5660, dfcode=0x0, 
    filtering_tap_listeners=0, tap_flags=0, offset=1535142) at file.c:1370
#49 0x0807b8e5 in cf_read (cf=0x81d5660) at file.c:615
#50 0x0809192e in main (argc=Cannot access memory at address 0x0
) at main.c:2665


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.