Wireshark-bugs: [Wireshark-bugs] [Bug 9485] Buildbot crash output: fuzz-2013-11-27-4993.pcap
Date: Wed, 27 Nov 2013 21:56:50 +0000

changed bug 9485

What    Removed    Added
Status  CONFIRMED  IN_PROGRESS
CC                 wireshark@kaiser.cx

Comment # 1 on bug 9485 from
This is an interesting one.

In dissect_ppi(), the fuzzing changed dlt to 224 (==fc). dissector_try_uint()
calls the fc dissector, which needs a data parameter, with data="". data is
dereferenced, wireshark crashes.

Potentially, this could happen to any new-style dissector with a data
parameter, even if the normal code paths always set data to a reasonable value.

I modified the fc dissector in r53617 to reject the packet when data="".

I'll leave the bug open for others to comment.
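
The failure mode described in the comment above, as an added example that is not part of the original message and not Wireshark's code: a simplified C model in which a generic table dispatch supplies no context pointer and the callback rejects the packet instead of dereferencing it. All type and function names (fc_data_t, try_uint, dissect_fc_checked, call_with_context) are hypothetical stand-ins; only the key 224 comes from the comment.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for this example; not Wireshark's real types. */
typedef struct { int sof_eof; } fc_data_t;   /* context a parent normally builds */
typedef int (*dissector_fn)(const unsigned char *buf, size_t len, void *data);

/* Callback with a data parameter: reject when the caller supplied no context. */
static int dissect_fc_checked(const unsigned char *buf, size_t len, void *data)
{
    const fc_data_t *fc = (const fc_data_t *)data;
    (void)buf;
    if (fc == NULL)
        return 0;        /* 0 = packet not accepted; nothing is dereferenced */
    return (int)len;     /* toy behaviour: accept and consume the whole buffer */
}

/* Toy table keyed by an integer read from the packet (like the PPI dlt). */
struct entry { unsigned key; dissector_fn fn; };
static const struct entry table[] = { { 224, dissect_fc_checked } };

/* Generic dispatch: it knows nothing about per-dissector context, so it
 * passes NULL. A fuzzed key value can reach any registered callback here. */
static int try_uint(unsigned key, const unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++)
        if (table[i].key == key)
            return table[i].fn(buf, len, NULL);
    return 0;            /* no callback registered for this key */
}

/* The normal code path: a parent that does build the context. */
static int call_with_context(const unsigned char *buf, size_t len)
{
    fc_data_t ctx = { 0 };
    return dissect_fc_checked(buf, len, &ctx);
}

int main(void)
{
    const unsigned char pkt[8] = { 0 };   /* constructed sample bytes */
    printf("generic path: %d\n", try_uint(224, pkt, sizeof pkt));
    printf("direct path:  %d\n", call_with_context(pkt, sizeof pkt));
    return 0;
}
```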

