Bug ID |
10263
|
Summary |
NULL deref in ldss dissector
|
Classification |
Unclassified
|
Product |
Wireshark
|
Version |
Git
|
Hardware |
All
|
OS |
All
|
Status |
UNCONFIRMED
|
Severity |
Major
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
bugzilla-admin@wireshark.org
|
Reporter |
peter@lekensteyn.nl
|
Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
Since commit 4afd70d4e46c944e5d4e9476103992e621510253, capture
2867-ldss_filtered.pcap (attachment 2867 [details]) crashes due to a null deref. See
below.
==12100==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000028 (pc
0x7f99ce1e6d0a sp 0x7fffd41fc640 bp 0x7fffd41fc7c0 T0)
#0 0x7f99ce1e6d09 in dissect_ldss_transfer
epan/dissectors/packet-ldss.c:483
#1 0x7f99cd8e44ca in call_dissector_through_handle epan/packet.c:622
#2 0x7f99cd8e48cf in call_dissector_work epan/packet.c:713
#3 0x7f99cd8e9bed in call_dissector_only epan/packet.c:2284
#4 0x7f99cd8b937b in try_conversation_dissector epan/conversation.c:1303
#5 0x7f99ce76d484 in decode_tcp_ports epan/dissectors/packet-tcp.c:3912
#6 0x7f99ce76dec4 in process_tcp_payload epan/dissectors/packet-tcp.c:4016
#7 0x7f99ce765413 in desegment_tcp epan/dissectors/packet-tcp.c:1839
#8 0x7f99ce76e473 in dissect_tcp_payload epan/dissectors/packet-tcp.c:4083
#9 0x7f99ce776126 in dissect_tcp epan/dissectors/packet-tcp.c:4913
#10 0x7f99cd8e450d in call_dissector_through_handle epan/packet.c:626
#11 0x7f99cd8e48cf in call_dissector_work epan/packet.c:713
#12 0x7f99cd8e61a3 in dissector_try_uint_new epan/packet.c:1145
#13 0x7f99ce0c4c2f in dissect_ip epan/dissectors/packet-ip.c:2408
#14 0x7f99cd8e450d in call_dissector_through_handle epan/packet.c:626
#15 0x7f99cd8e48cf in call_dissector_work epan/packet.c:713
#16 0x7f99cd8e61a3 in dissector_try_uint_new epan/packet.c:1145
#17 0x7f99cd8e6248 in dissector_try_uint epan/packet.c:1171
#18 0x7f99cde8ff9c in dissect_ethertype
epan/dissectors/packet-ethertype.c:303
#19 0x7f99cd8e44ca in call_dissector_through_handle epan/packet.c:622
#20 0x7f99cd8e48cf in call_dissector_work epan/packet.c:713
#21 0x7f99cd8e9bed in call_dissector_only epan/packet.c:2284
#22 0x7f99cd8e9c30 in call_dissector_with_data epan/packet.c:2297
#23 0x7f99cde8d763 in dissect_eth_common epan/dissectors/packet-eth.c:475
#24 0x7f99cde8ef01 in dissect_eth_maybefcs epan/dissectors/packet-eth.c:758
#25 0x7f99cd8e450d in call_dissector_through_handle epan/packet.c:626
#26 0x7f99cd8e48cf in call_dissector_work epan/packet.c:713
#27 0x7f99cd8e61a3 in dissector_try_uint_new epan/packet.c:1145
#28 0x7f99cd8e6248 in dissector_try_uint epan/packet.c:1171
#29 0x7f99cdf03064 in dissect_frame epan/dissectors/packet-frame.c:497
#30 0x7f99cd8e450d in call_dissector_through_handle epan/packet.c:626
#31 0x7f99cd8e48cf in call_dissector_work epan/packet.c:713
#32 0x7f99cd8e9bed in call_dissector_only epan/packet.c:2284
#33 0x7f99cd8e9c30 in call_dissector_with_data epan/packet.c:2297
#34 0x7f99cd8e9d07 in call_dissector epan/packet.c:2314
#35 0x7f99cd8e3156 in dissect_record epan/packet.c:497
#36 0x7f99cd8c0ac0 in epan_dissect_run_with_taps epan/epan.c:346
#37 0x419e37 in process_packet tshark.c:3559
#38 0x41911f in load_cap_file tshark.c:3349
#39 0x414e25 in main tshark.c:2114
#40 0x7f99c7e79fff in __libc_start_main (/usr/lib/libc.so.6+0x1ffff)
#41 0x409fe8 (/tmp/wsbuild/run/tshark+0x409fe8)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV epan/dissectors/packet-ldss.c:483
dissect_ldss_transfer
==12100==ABORTING
4afd70d4e46c944e5d4e9476103992e621510253 is the first bad commit
commit 4afd70d4e46c944e5d4e9476103992e621510253
Author: Evan Huus <eapache@gmail.com>
Date: Sun Jul 6 09:21:25 2014 -0400
Use g_hash_table_new_full to free some values
Fixes a good 80-90KB of leaks in certain cases.
Bug: 10261
Change-Id: I81d57ac67219e730b03649b9fdfc2306807bdb97
Reviewed-on: https://code.wireshark.org/review/2879
Reviewed-by: Anders Broman <a.broman58@gmail.com>
:040000 040000 4c60521948aa390dca020ad7fa650ce659ecb4b1
f42d0e2989240cf19b6dba83e85b47efa47a19b1 M epan
You are receiving this mail because:
- You are watching all bug changes.