Wireshark-bugs: [Wireshark-bugs] [Bug 10386] Buildbot crash output: fuzz-2014-08-14-24510.pcap
Date: Fri, 15 Aug 2014 23:07:22 +0000

changed bug 10386


What Removed Added
CC   eapache@gmail.com

Comment # 2 on bug 10386 from
==21783== Invalid read of size 8
==21783==    at 0x6AA62CD: get_control_selector_values
(packet-usb-video.c:1596)
==21783==    by 0x6AA7CCC: dissect_usb_vid_get_set (packet-usb-video.c:1657)
==21783==    by 0x6AA691B: dissect_usb_vid_control (packet-usb-video.c:2024)
==21783==    by 0x63427DE: call_dissector_through_handle (packet.c:622)
==21783==    by 0x63430C4: call_dissector_work (packet.c:713)
==21783==    by 0x634377B: dissector_try_uint_new (packet.c:1145)
==21783==    by 0x6AA90EE: try_dissect_next_protocol (packet-usb.c:2650)
==21783==    by 0x6AABB92: dissect_usb_common (packet-usb.c:3379)
==21783==    by 0x63427A3: call_dissector_through_handle (packet.c:626)
==21783==    by 0x63430C4: call_dissector_work (packet.c:713)
==21783==    by 0x634377B: dissector_try_uint_new (packet.c:1145)
==21783==    by 0x63437D6: dissector_try_uint (packet.c:1171)
==21783==  Address 0xf0f6d70 is 0 bytes inside a block of size 1 alloc'd
==21783==    at 0x4C2AB80: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==21783==    by 0xA0F8610: g_malloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4000.0)
==21783==    by 0x639750B: wmem_simple_alloc (wmem_allocator_simple.c:55)
==21783==    by 0x6AA0A01: dissect_usb_audio_descriptor
(packet-usb-audio.c:325)
==21783==    by 0x63427DE: call_dissector_through_handle (packet.c:622)
==21783==    by 0x63430C4: call_dissector_work (packet.c:713)
==21783==    by 0x634377B: dissector_try_uint_new (packet.c:1145)
==21783==    by 0x6AAA66F: dissect_usb_setup_get_descriptor_response
(packet-usb.c:1939)
==21783==    by 0x6AAC561: dissect_usb_common (packet-usb.c:3412)
==21783==    by 0x63427A3: call_dissector_through_handle (packet.c:626)
==21783==    by 0x63430C4: call_dissector_work (packet.c:713)
==21783==    by 0x634377B: dissector_try_uint_new (packet.c:1145)
==21783== 
==21783== Invalid read of size 8
==21783==    at 0x6399110: wmem_tree_lookup32 (wmem_tree.c:376)
==21783==    by 0x6AA62D4: get_control_selector_values
(packet-usb-video.c:1596)
==21783==    by 0x6AA7CCC: dissect_usb_vid_get_set (packet-usb-video.c:1657)
==21783==    by 0x6AA691B: dissect_usb_vid_control (packet-usb-video.c:2024)
==21783==    by 0x63427DE: call_dissector_through_handle (packet.c:622)
==21783==    by 0x63430C4: call_dissector_work (packet.c:713)
==21783==    by 0x634377B: dissector_try_uint_new (packet.c:1145)
==21783==    by 0x6AA90EE: try_dissect_next_protocol (packet-usb.c:2650)
==21783==    by 0x6AABB92: dissect_usb_common (packet-usb.c:3379)
==21783==    by 0x63427A3: call_dissector_through_handle (packet.c:626)
==21783==    by 0x63430C4: call_dissector_work (packet.c:713)
==21783==    by 0x634377B: dissector_try_uint_new (packet.c:1145)
==21783==  Address 0x11 is not stack'd, malloc'd or (recently) free'd


You are receiving this mail because:
  • You are watching all bug changes.