Wireshark-bugs: [Wireshark-bugs] [Bug 5818] New: buffer overflow occurred while capturing on eth
Date: Mon, 11 Apr 2011 07:50:45 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5818

           Summary: buffer overflow occurred while capturing on ethernet
           Product: Wireshark
           Version: 1.4.4
          Platform: x86
        OS/Version: Gentoo
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: shett@xxxxxxxxxxx


Build Information:
wireshark 1.4.4

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.1, with GLib 2.26.1, with libpcap 1.1.1, with
libz 1.2.5, with POSIX capabilities (Linux), with libpcre (version unknown),
without SMI, without c-ares, without ADNS, without Lua, with Python, with
GnuTLS
2.10.4, without Gcrypt, without Kerberos, without GeoIP, without PortAudio,
without AirPcap.

Running on Linux 2.6.36-gentoo-r8, with libpcap version 1.1.1, with libz 1.2.5,
GnuTLS 2.10.5.

Built using gcc 4.4.5.
--
Overview:
While capturing traffic on an eth0 as root an buffer overflow occurred and
wireshark terminated.

I ran rtorrent and wanted to watch the packets flowing from my home server
(which acts as an gateway between two subnets) but then:

server verwalter # *** buffer overflow detected ***: wireshark terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x50)[0xb4f94cc0]
/lib/libc.so.6(+0xe1d1a)[0xb4f92d1a]
/usr/lib/libwireshark.so.0(+0x747587)[0xb5dc6587]
/usr/lib/libwireshark.so.0(+0x549736)[0xb5bc8736]
/usr/lib/libwireshark.so.0(+0x549eda)[0xb5bc8eda]
/usr/lib/libwireshark.so.0(dissector_try_port_new+0x4b)[0xb5bca15b]
/usr/lib/libwireshark.so.0(dissector_try_port+0x41)[0xb5bca1d1]
/usr/lib/libwireshark.so.0(ethertype+0x465)[0xb5e20c75]
/usr/lib/libwireshark.so.0(+0xaf90b9)[0xb61780b9]
/usr/lib/libwireshark.so.0(+0x549736)[0xb5bc8736]
/usr/lib/libwireshark.so.0(+0x549eda)[0xb5bc8eda]
/usr/lib/libwireshark.so.0(dissector_try_port_new+0x4b)[0xb5bca15b]
/usr/lib/libwireshark.so.0(dissector_try_port+0x41)[0xb5bca1d1]
/usr/lib/libwireshark.so.0(+0x7e00b0)[0xb5e5f0b0]
/usr/lib/libwireshark.so.0(+0x549736)[0xb5bc8736]
/usr/lib/libwireshark.so.0(+0x549eda)[0xb5bc8eda]
/usr/lib/libwireshark.so.0(call_dissector+0x3a)[0xb5bc90da]
/usr/lib/libwireshark.so.0(dissect_packet+0x2a9)[0xb5bcac79]
/usr/lib/libwireshark.so.0(epan_dissect_run+0x3e)[0xb5bc07be]
wireshark[0x80a4e17]
wireshark[0x80a435d]
/usr/lib/libgtk-x11-2.0.so.0(gtk_tree_view_column_cell_set_cell_data+0x1c2)[0xb54cfe62]
/usr/lib/libgtk-x11-2.0.so.0(+0x2509e9)[0xb54c99e9]
/usr/lib/libgtk-x11-2.0.so.0(+0x252939)[0xb54cb939]
/usr/lib/libgtk-x11-2.0.so.0(+0x13b564)[0xb53b4564]
/usr/lib/libgobject-2.0.so.0(+0xc1f7)[0xb514a1f7]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x192)[0xb514bb82]
/usr/lib/libgobject-2.0.so.0(+0x23f56)[0xb5161f56]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x5db)[0xb51635ab]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x32)[0xb5163bb2]
/usr/lib/libgtk-x11-2.0.so.0(+0x268066)[0xb54e1066]
/usr/lib/libgtk-x11-2.0.so.0(gtk_main_do_event+0x61b)[0xb53ae20b]
/usr/lib/libgdk-x11-2.0.so.0(+0x3e26f)[0xb521e26f]
/usr/lib/libgdk-x11-2.0.so.0(+0x3e21e)[0xb521e21e]
/usr/lib/libgdk-x11-2.0.so.0(+0x3e21e)[0xb521e21e]
/usr/lib/libgdk-x11-2.0.so.0(+0x67314)[0xb5247314]
/usr/lib/libgdk-x11-2.0.so.0(+0x3aa24)[0xb521aa24]
/usr/lib/libgdk-x11-2.0.so.0(gdk_window_process_updates+0x150)[0xb521f6f0]
/usr/lib/libgtk-x11-2.0.so.0(+0x24a12d)[0xb54c312d]
/usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__VOID+0x7c)[0xb515b6ec]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x192)[0xb514bb82]
/usr/lib/libgobject-2.0.so.0(+0x24305)[0xb5162305]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x75c)[0xb516372c]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x32)[0xb5163bb2]
/usr/lib/libgtk-x11-2.0.so.0(gtk_adjustment_value_changed+0x8a)[0xb52e129a]
/usr/lib/libgtk-x11-2.0.so.0(+0x23ca8a)[0xb54b5a8a]
/usr/lib/libgtk-x11-2.0.so.0(+0x24ac5e)[0xb54c3c5e]
/usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__BOXED+0x88)[0xb515ad58]
/usr/lib/libgobject-2.0.so.0(+0xc1f7)[0xb514a1f7]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0xc0)[0xb514bab0]
/usr/lib/libgobject-2.0.so.0(+0x23baa)[0xb5161baa]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x75c)[0xb516372c]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x32)[0xb5163bb2]
/usr/lib/libgtk-x11-2.0.so.0(gtk_widget_size_allocate+0x164)[0xb54e60b4]
/usr/lib/libgtk-x11-2.0.so.0(+0x1a2a59)[0xb541ba59]
/usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__BOXED+0x88)[0xb515ad58]
/usr/lib/libgobject-2.0.so.0(+0xc1f7)[0xb514a1f7]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0xc0)[0xb514bab0]
/usr/lib/libgobject-2.0.so.0(+0x23baa)[0xb5161baa]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x75c)[0xb516372c]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x32)[0xb5163bb2]
/usr/lib/libgtk-x11-2.0.so.0(gtk_widget_size_allocate+0x164)[0xb54e60b4]
/usr/lib/libgtk-x11-2.0.so.0(+0x167500)[0xb53e0500]
======= Memory map: ========
08048000-081ad000 r-xp 00000000 16:03 547166     /usr/bin/wireshark
081ad000-081ae000 r--p 00164000 16:03 547166     /usr/bin/wireshark
081ae000-081c1000 rw-p 00165000 16:03 547166     /usr/bin/wireshark
081c1000-1357c000 rw-p 00000000 00:00 0          [heap]
a7cfd000-a7efe000 rw-p 00000000 00:00 0 
a7efe000-a7f23000 rw-p 00000000 00:00 0 
a7f23000-a7f24000 ---p 00000000 00:00 0 
a7f24000-a8921000 rw-p 00000000 00:00 0 
a8921000-a8922000 ---p 00000000 00:00 0 
a8922000-aa4cf000 rw-p 00000000 00:00 0 
aa4cf000-aa4d0000 ---p 00000000 00:00 0 
aa4d0000-aaecd000 rw-p 00000000 00:00 0 
aaecd000-aaece000 ---p 00000000 00:00 0 
aaece000-ab0cf000 rw-p 00000000 00:00 0 
ab0d0000-aba09000 rw-p 00000000 00:00 0 
aba09000-aba0a000 ---p 00000000 00:00 0 
aba0a000-ac407000 rw-p 00000000 00:00 0 
ac407000-ac408000 ---p 00000000 00:00 0 
ac4cf000-ac4eb000 r-xp 00000000 16:03 615709    
/usr/lib/gcc/i686-pc-linux-gnu/4.4.5/libgcc_s.so.1
ac4eb000-ac4ec000 r--p 0001c000 16:03 615709    
/usr/lib/gcc/i686-pc-linux-gnu/4.4.5/libgcc_s.so.1
ac4ec000-ac4ed000 rw-p 0001d000 16:03 615709    
/usr/lib/gcc/i686-pc-linux-gnu/4.4.5/libgcc_s.so.1
ac504000-ac50a000 rw-p 00000000 00:00 0 
ac50d000-ad951000 rw-p 00000000 00:00 0 
ad958000-ad9b2000 rw-p 00000000 00:00 0 
ad9b2000-ada01000 r--p 00000000 16:03 563298    
/usr/share/fonts/dejavu/DejaVuSansMono.ttf
ada01000-ada02000 rw-p 00000000 00:00 0 
ada02000-ada03000 ---p 00000000 00:00 0 
ada03000-ae400000 rw-p 00000000 00:00 0 
ae400000-ae401000 ---p 00000000 00:00 0 
ae401000-b17c3000 r--p 00000000 16:03 640755    
/usr/share/icons/gnome/icon-theme.cache
b17c3000-b19c8000 r--p 00000000 16:03 636500    
/usr/share/icons/hicolor/icon-theme.cache
b19c8000-b1a2d000 rw-p 00000000 00:00 0 
b1a2d000-b1a7b000 rw-p 00000000 00:00 0 
b1a7b000-b1a8f000 r--p 00000000 16:03 646028    
/usr/share/locale/de/LC_MESSAGES/glib20.mo
b1a8f000-b1a9d000 r-xp 00000000 16:03 547031    
/usr/lib/wireshark/plugins/1.4.4/wimaxasncp.so
b1a9d000-b1a9e000 r--p 0000d000 16:03 547031    
/usr/lib/wireshark/plugins/1.4.4/wimaxasncp.so
b1a9e000-b1a9f000 rw-p 0000e000 16:03 547031    
/usr/lib/wireshark/plugins/1.4.4/wimaxasncp.so
b1a9f000-b1aa1000 r-xp 00000000 16:03 547042    
/usr/lib/wireshark/plugins/1.4.4/interlink.so
b1aa1000-b1aa2000 r--p 00001000 16:03 547042    
/usr/lib/wireshark/plugins/1.4.4/interlink.so
b1aa2000-b1aa3000 rw-p 00002000 16:03 547042    
/usr/lib/wireshark/plugins/1.4.4/interlink.so
b1aa3000-b1ae1000 r-xp 00000000 16:03 547025    
/usr/lib/wireshark/plugins/1.4.4/profinet.so
b1ae1000-b1ae2000 ---p 0003e000 16:03 547025    
/usr/lib/wireshark/plugins/1.4.4/profinet.so
b1ae2000-b1ae5000 r--p 0003e000 16:03 547025    
/usr/lib/wireshark/plugins/1.4.4/profinet.so
b1ae5000-b1af0000 rw-p 00041000 16:03 547025    
/usr/lib/wireshark/plugins/1.4.4/profinet.so
b1af0000-b1afa000 r-xp 00000000 16:03 547040    
/usr/lib/wireshark/plugins/1.4.4/tango.so
b1afa000-b1afb000 ---p 0000a000 16:03 547040    
/usr/lib/wireshark/plugins/1.4.4/tango.so
b1afb000-b1afc000 r--p 0000a000 16:03 547040    
/usr/lib/wireshark/plugins/1.4.4/tango.so
b1afc000-b1afd000 rw-p 0000b000 16:03 547040    
/usr/lib/wireshark/plugins/1.4.4/tango.so
b1afd000-b1b26000 r-xp 00000000 16:03 547027    
/usr/lib/wireshark/plugins/1.4.4/opcua.so
b1b26000-b1b28000 r--p 00028000 16:03 547027    
/usr/lib/wireshark/plugins/1.4.4/opcua.so
b1b28000-b1b30000 rw-p 0002a000 16:03 547027    
/usr/lib/wireshark/plugins/1.4.4/opcua.so
b1b30000-b1be7000 r-xp 00000000 16:03 547044    
/usr/lib/wireshark/plugins/1.4.4/parlay.so
b1be7000-b1be9000 r--p 000b7000 16:03 547044    
/usr/lib/wireshark/plugins/1.4.4/parlay.so
b1be9000-b1bea000 rw-p 000b9000 16:03 547044    
/usr/lib/wireshark/plugins/1.4.4/parlay.so
b1bea000-b1bf2000 r-xp 00000000 16:03 547023    
/usr/lib/wireshark/plugins/1.4.4/sercosiii.so
b1bf2000-b1bf4000 r--p 00007000 16:03 547023    
/usr/lib/wireshark/plugins/1.4.4/sercosiii.so
b1bf4000-b1bf5000 rw-p 00009000 16:03 547023    
/usr/lib/wireshark/plugins/1.4.4/sercosiii.so
b1bf5000-b1bf7000 rw-p 00000000 00:00 0 
b1bf7000-b1bf9000 r-xp 00000000 16:03 547048    
/usr/lib/wireshark/plugins/1.4.4/coseventcomm.so
b1bf9000-b1bfa000 r--p 00001000 16:03 547048    
/usr/lib/wireshark/plugins/1.4.4/coseventcomm.so
b1bfa000-b1bfb000 rw-p 00002000 16:03 547048    
/usr/lib/wireshark/plugins/1.4.4/coseventcomm.so
b1bfb000-b1c10000 r-xp 00000000 16:03 547050    
/usr/lib/wireshark/plugins/1.4.4/unistim.so
b1c10000-b1c12000 r--p 00014000 16:03 547050    
/usr/lib/wireshark/plugins/1.4.4/unistim.so
b1c12000-b1c17000 rw-p 00016000 16:03 547050    
/usr/lib/wireshark/plugins/1.4.4/unistim.so
b1c17000-b1c91000 r-xp 00000000 16:03 547018    
/usr/lib/wireshark/plugins/1.4.4/wimax.so
b1c91000-b1c94000 r--p 00079000 16:03 547018    
/usr/lib/wireshark/plugins/1.4.4/wimax.so
b1c94000-b1cae000 rw-p 0007c000 16:03 547018    
/usr/lib/wireshark/plugins/1.4.4/wimax.so
b1cae000-b1cc2000 r-xp 00000000 16:03 547010    
/usr/lib/wireshark/plugins/1.4.4/ethercat.so
b1cc2000-b1cc3000 r--p 00014000 16:03 547010    
/usr/lib/wireshark/plugins/1.4.4/ethercat.so
b1cc3000-b1cca000 rw-p 00015000 16:03 547010    
/usr/lib/wireshark/plugins/1.4.4/ethercat.so
b1cca000-b1cdb000 r-xp 00000000 16:03 547038    
/usr/lib/wireshark/plugins/1.4.4/asn1.so
b1cdb000-b1cdc000 r--p 00010000 16:03 547038    
/usr/lib/wireshark/plugins/1.4.4/asn1.so
b1cdc000-b1cdd000 rw-p 00011000 16:03 547038    
/usr/lib/wireshark/plugins/1.4.4/asn1.so
b1cdd000-b1ce1000 rw-p 00000000 00:00 0 
b1ce1000-b1cf7000 r-xp 00000000 16:03 547036    
/usr/lib/wireshark/plugins/1.4.4/mate.so
b1cf7000-b1cf8000 r--p 00015000 16:03 547036    
/usr/lib/wireshark/plugins/1.4.4/mate.so
b1cf8000-b1cf9000 rw-p 00016000 16:03 547036    
/usr/lib/wireshark/plugins/1.4.4/mate.so
b1cf9000-b1d0b000 rw-p 00000000 00:00 0 
b1d0b000-b1d0e000 r-xp 00000000 16:03 547020    
/usr/lib/wireshark/plugins/1.4.4/m2m.so
b1d0e000-b1d0f000 r--p 00002000 16:03 547020    
/usr/lib/wireshark/plugins/1.4.4/m2m.so

If I start wireshark via terminal, this Error is print:
[Errno 2] Datei oder Verzeichnis nicht gefunden:
'/usr/lib/wireshark/python/1.4.4/wspy_dissectors'

Linux server 2.6.36-gentoo-r8 #1 SMP Sun Apr 3 17:04:21 CEST 2011 i686 Intel(R)
Pentium(R) Dual CPU E2140 @ 1.60GHz GenuineIntel GNU/Linux

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.