Wireshark-bugs: [Wireshark-bugs] [Bug 9885] Buildbot crash output: fuzz-2014-03-14-15333.pcap
Comment # 2
on bug 9885
from Hadriel Kaplan
Created attachment 12636 [details]
minimal pcap to crash
(putting this stuff in bugzilla before I forget it, because I haven't spent
long looking at this and might not get to it for a couple days)
The attached is a smaller pcap of the original needed to crash. Oddly, with the
original it doesn't crash on a 1-pass tshark run, but does on a 2-pass; but
this attached one crashes on just 1-pass.
It also has another (probably unrelated) bug showing - the RTP packet is
matching an RTP-setup flow that it shouldn't match, because it's destined to an
IP-address that wasn't the connection address in SDP. That's really weird, but
I don't think it's related to the crash. (maybe)
The crash occurs during a g_hash table lookup for dynamic payload info.
Also, the crash trace is this:
0 libglib-2.0.0.dylib 0x000000010a81014d g_hash_table_lookup +
61 (ghash.c:371)
1 libwireshark.0.dylib 0x000000010686c8bb dissect_rtp + 1499
(packet-rtp.c:1789)
2 libwireshark.0.dylib 0x000000010628a59e call_dissector_work +
286 (packet.c:591)
3 libwireshark.0.dylib 0x000000010627b65d
try_conversation_dissector + 93 (conversation.c:1307)
4 libwireshark.0.dylib 0x0000000106984c5d decode_udp_ports + 269
(packet-udp.c:368)
5 libwireshark.0.dylib 0x0000000106985fea dissect + 3642
(packet-udp.c:750)
6 libwireshark.0.dylib 0x000000010628a5b6 call_dissector_work +
310 (packet.c:597)
7 libwireshark.0.dylib 0x000000010628a43a dissector_try_uint_new
+ 106 (packet.c:1113)
8 libwireshark.0.dylib 0x0000000106648358 dissect_ip + 5448
(packet-ip.c:2400)
9 libwireshark.0.dylib 0x000000010628a5b6 call_dissector_work +
310 (packet.c:597)
10 libwireshark.0.dylib 0x000000010628a6a8 dissector_try_uint +
104 (packet.c:1113)
11 libwireshark.0.dylib 0x000000010651e706 dissect_ethertype +
342 (packet-ethertype.c:303)
12 libwireshark.0.dylib 0x000000010628a59e call_dissector_work +
286 (packet.c:591)
13 libwireshark.0.dylib 0x000000010628bb42
call_dissector_with_data + 50 (packet.c:2247)
14 libwireshark.0.dylib 0x000000010651df3b dissect_eth_common +
3163 (packet-eth.c:470)
15 libwireshark.0.dylib 0x000000010628a5b6 call_dissector_work +
310 (packet.c:597)
16 libwireshark.0.dylib 0x000000010628a6a8 dissector_try_uint +
104 (packet.c:1113)
17 libwireshark.0.dylib 0x0000000106550d90 dissect_frame + 3248
(packet-frame.c:488)
18 libwireshark.0.dylib 0x000000010628a5b6 call_dissector_work +
310 (packet.c:597)
19 libwireshark.0.dylib 0x000000010628bb42
call_dissector_with_data + 50 (packet.c:2247)
20 libwireshark.0.dylib 0x0000000106289ac5 dissect_packet + 469
(packet.c:471)
21 libwireshark.0.dylib 0x000000010627efbe
epan_dissect_run_with_taps + 62 (epan.c:343)
22 tshark 0x000000010617a837 process_packet + 327
(tshark.c:3525)
23 tshark 0x0000000106178257 main + 11431
(tshark.c:3312)
24 libdyld.dylib 0x00007fff92ea25fd start + 1
You are receiving this mail because:
- You are watching all bug changes.