Wireshark-bugs: [Wireshark-bugs] [Bug 9828] Buildbot crash output: fuzz-2014-03-02-5984.pcap
Evan Huus changed bug 9828
What | Removed | Added
CC | | eapache@gmail.com
Comment # 1 on bug 9828 from Evan Huus
Top of crash backtrace is:
#0 fp_set_per_packet_inf_from_conv (p_conv_data=p_conv_data@entry=0x347ed54,
tvb=tvb@entry=0x343d5e0, pinfo=pinfo@entry=0x34082c8, tree=0x3560554)
at packet-umts_fp.c:4056
#1 0x00007f1eac9712a8 in dissect_fp (tvb=0x343d5e0, pinfo=0x34082c8,
tree=<optimized out>) at packet-umts_fp.c:4217
#2 0x00007f1eac2aa7e4 in call_dissector_through_handle
(handle=handle@entry=0x2265f54, tvb=tvb@entry=0x343d5e0,
pinfo=pinfo@entry=0x34082c8,
tree=tree@entry=0x338a380, data="" at packet.c:595
Valgrind errors are many, mostly very similar to
==28088== Invalid write of size 1
==28088== at 0x6C03E92: fp_set_per_packet_inf_from_conv.isra.4
(packet-umts_fp.c:3990)
==28088== by 0x6C082A7: dissect_fp (packet-umts_fp.c:4217)
==28088== by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088== by 0x65420D4: call_dissector_work (packet.c:682)
==28088== by 0x6534EE6: try_conversation_dissector (conversation.c:1266)
==28088== by 0x6BFE8FB: decode_udp_ports (packet-udp.c:368)
==28088== by 0x6BFF319: dissect (packet-udp.c:750)
==28088== by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088== by 0x65420D4: call_dissector_work (packet.c:682)
==28088== by 0x654278B: dissector_try_uint_new (packet.c:1113)
==28088== by 0x68CF622: dissect_ip (packet-ip.c:2400)
==28088== by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088== Address 0x14cb8014 is 0 bytes after a block of size 772 alloc'd
==28088== at 0x4C2A420: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28088== by 0x9707610: g_malloc (gmem.c:97)
==28088== by 0x6FF140F: wmem_simple_alloc (wmem_allocator_simple.c:50)
==28088== by 0x6FF00CD: wmem_alloc0 (wmem_core.c:62)
==28088== by 0x6C03D33: fp_set_per_packet_inf_from_conv.isra.4
(packet-umts_fp.c:3967)
==28088== by 0x6C082A7: dissect_fp (packet-umts_fp.c:4217)
==28088== by 0x65417E3: call_dissector_through_handle (packet.c:595)
==28088== by 0x65420D4: call_dissector_work (packet.c:682)
==28088== by 0x6534EE6: try_conversation_dissector (conversation.c:1266)
==28088== by 0x6BFE8FB: decode_udp_ports (packet-udp.c:368)
==28088== by 0x6BFF319: dissect (packet-udp.c:750)
==28088== by 0x65417E3: call_dissector_through_handle (packet.c:595)