Wireshark-bugs: [Wireshark-bugs] [Bug 8213] Capture file that crashes tshark in tshark.c
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 15 Jan 2013 16:48:31 +0000

changed bug 8213

What Removed Added
Status UNCONFIRMED CONFIRMED
CC   eapache@gmail.com
Ever confirmed   1

Comment # 1 on bug 8213 from 
Finally one I can reproduce :)

This looks like corruption of the emem internals via a bug in DCP-ETSI.

==20385== Invalid write of size 4
==20385==    at 0x655D4B7: dissect_pft (packet-dcp-etsi.c:296)
==20385==    by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385==    by 0x636E9AC: call_dissector_work (packet.c:549)
==20385==    by 0x636F4DE: dissector_try_string (packet.c:1228)
==20385==    by 0x655CA8C: dissect_dcp_etsi (packet-dcp-etsi.c:199)
==20385==    by 0x636FFDF: dissector_try_heuristic (packet.c:1807)
==20385==    by 0x69D636D: decode_udp_ports (packet-udp.c:279)
==20385==    by 0x69D69CF: dissect (packet-udp.c:593)
==20385==    by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385==    by 0x636E9AC: call_dissector_work (packet.c:549)
==20385==    by 0x636F1EF: dissector_try_uint_new (packet.c:969)
==20385==    by 0x636F246: dissector_try_uint (packet.c:995)
==20385==  Address 0x1230bd78 is 0 bytes after a block of size 232 alloc'd
==20385==    at 0x4C2CD7B: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20385==    by 0x922E6C0: g_malloc (gmem.c:159)
==20385==    by 0x6361B65: emem_alloc_glib (emem.c:852)
==20385==    by 0x6361F3D: emem_alloc (emem.c:867)
==20385==    by 0x655D473: dissect_pft (packet-dcp-etsi.c:290)
==20385==    by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385==    by 0x636E9AC: call_dissector_work (packet.c:549)
==20385==    by 0x636F4DE: dissector_try_string (packet.c:1228)
==20385==    by 0x655CA8C: dissect_dcp_etsi (packet-dcp-etsi.c:199)
==20385==    by 0x636FFDF: dissector_try_heuristic (packet.c:1807)
==20385==    by 0x69D636D: decode_udp_ports (packet-udp.c:279)
==20385==    by 0x69D69CF: dissect (packet-udp.c:593)
==20385== 
==20385== Invalid write of size 4
==20385==    at 0x655D4D0: dissect_pft (packet-dcp-etsi.c:300)
==20385==    by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385==    by 0x636E9AC: call_dissector_work (packet.c:549)
==20385==    by 0x636F4DE: dissector_try_string (packet.c:1228)
==20385==    by 0x655CA8C: dissect_dcp_etsi (packet-dcp-etsi.c:199)
==20385==    by 0x636FFDF: dissector_try_heuristic (packet.c:1807)
==20385==    by 0x69D636D: decode_udp_ports (packet-udp.c:279)
==20385==    by 0x69D69CF: dissect (packet-udp.c:593)
==20385==    by 0x636E107: call_dissector_through_handle (packet.c:458)
==20385==    by 0x636E9AC: call_dissector_work (packet.c:549)
==20385==    by 0x636F1EF: dissector_try_uint_new (packet.c:969)
==20385==    by 0x636F246: dissector_try_uint (packet.c:995)
==20385==  Address 0x1230bdd4 is not stack'd, malloc'd or (recently) free'd

You are receiving this mail because:
  • You are watching all bug changes.