Wireshark-bugs: [Wireshark-bugs] [Bug 10716] New: Buildbot crash output: fuzz-2014-11-18-30809.p
Date: Wed, 19 Nov 2014 12:50:02 +0000
Bug ID 10716
Summary Buildbot crash output: fuzz-2014-11-18-30809.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2014-11-18-30809.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2014-11-18-30809.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/3216-IrDA_Sample_Trace_1.pcap

Build host information:
Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3064
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=3815b14a0765b08f173955bf127dc115e765e0e6

Return value:  0

Dissector bug:  0

Valgrind error count:  6



Git commit
commit 3815b14a0765b08f173955bf127dc115e765e0e6
Author: Pascal Quantin <pascal.quantin@gmail.com>
Date:   Mon Nov 17 10:44:36 2014 +0100

    E212: fix bytes highlighting when dissecting the high nibble variant

    Change-Id: I376dcb333f7768242dbdb73313870e1e22d959ff
    Reviewed-on: https://code.wireshark.org/review/5362
    Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>


Command and args: ./tools/valgrind-wireshark.sh 

==15672== Memcheck, a memory error detector
==15672== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==15672== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==15672== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-11-18-30809.pcap
==15672== 
==15672== Conditional jump or move depends on uninitialised value(s)
==15672==    at 0x9B04294: g_strlcat (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==15672==    by 0x668CADC: col_do_append_str (column-utils.c:724)
==15672==    by 0xE9F22C1: dissect_iap_result (packet-irda.c:750)
==15672==    by 0xE9F3E08: dissect_irda (packet-irda.c:1168)
==15672==    by 0x66A0B23: call_dissector_through_handle (packet.c:622)
==15672==    by 0x66A15A4: call_dissector_work (packet.c:709)
==15672==    by 0x66A1C5B: dissector_try_uint_new (packet.c:1141)
==15672==    by 0x66A1CA6: dissector_try_uint (packet.c:1167)
==15672==    by 0x695CF30: dissect_frame (packet-frame.c:501)
==15672==    by 0x66A0B5E: call_dissector_through_handle (packet.c:618)
==15672==    by 0x66A15A4: call_dissector_work (packet.c:709)
==15672==    by 0x66A3101: call_dissector_with_data (packet.c:2293)
==15672== 
==15672== Conditional jump or move depends on uninitialised value(s)
==15672==    at 0x9B042BC: g_strlcat (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==15672==    by 0x668CADC: col_do_append_str (column-utils.c:724)
==15672==    by 0xE9F22C1: dissect_iap_result (packet-irda.c:750)
==15672==    by 0xE9F3E08: dissect_irda (packet-irda.c:1168)
==15672==    by 0x66A0B23: call_dissector_through_handle (packet.c:622)
==15672==    by 0x66A15A4: call_dissector_work (packet.c:709)
==15672==    by 0x66A1C5B: dissector_try_uint_new (packet.c:1141)
==15672==    by 0x66A1CA6: dissector_try_uint (packet.c:1167)
==15672==    by 0x695CF30: dissect_frame (packet-frame.c:501)
==15672==    by 0x66A0B5E: call_dissector_through_handle (packet.c:618)
==15672==    by 0x66A15A4: call_dissector_work (packet.c:709)
==15672==    by 0x66A3101: call_dissector_with_data (packet.c:2293)
==15672== 
==15672== Conditional jump or move depends on uninitialised value(s)
==15672==    at 0x9B0427D: g_strlcat (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==15672==    by 0x668CADC: col_do_append_str (column-utils.c:724)
==15672==    by 0x66C12C5: show_reported_bounds_error (show_exception.c:162)
==15672==    by 0x695BE8E: dissect_frame (packet-frame.c:550)
==15672==    by 0x66A0B5E: call_dissector_through_handle (packet.c:618)
==15672==    by 0x66A15A4: call_dissector_work (packet.c:709)
==15672==    by 0x66A3101: call_dissector_with_data (packet.c:2293)
==15672==    by 0x66A34D5: dissect_record (packet.c:495)
==15672==    by 0x6696A63: epan_dissect_run_with_taps (epan.c:346)
==15672==    by 0x4136C3: process_packet (tshark.c:3527)
==15672==    by 0x40C837: main (tshark.c:3315)
==15672== 
==15672== Conditional jump or move depends on uninitialised value(s)
==15672==    at 0x4C2E0F8: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15672==    by 0x41339F: print_packet (tshark.c:3737)
==15672==    by 0x413A0A: process_packet (tshark.c:3541)
==15672==    by 0x40C837: main (tshark.c:3315)
==15672== 
==15672== Conditional jump or move depends on uninitialised value(s)
==15672==    at 0x4C2E0F8: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15672==    by 0xA7901BE: fputs (iofputs.c:35)
==15672==    by 0x66AAFE5: print_line_text (print.c:1152)
==15672==    by 0x412FA8: print_packet (tshark.c:3882)
==15672==    by 0x413A0A: process_packet (tshark.c:3541)
==15672==    by 0x40C837: main (tshark.c:3315)
==15672== 
==15672== Syscall param write(buf) points to uninitialised byte(s)
==15672==    at 0xA80D3B0: __write_nocancel (syscall-template.S:81)
==15672==    by 0xA79AA82: _IO_file_write@@GLIBC_2.2.5 (fileops.c:1261)
==15672==    by 0xA79BF5B: _IO_do_write@@GLIBC_2.2.5 (fileops.c:538)
==15672==    by 0xA79B120: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:1332)
==15672==    by 0xA790243: fputs (iofputs.c:40)
==15672==    by 0x66AAFE5: print_line_text (print.c:1152)
==15672==    by 0x412FA8: print_packet (tshark.c:3882)
==15672==    by 0x413A0A: process_packet (tshark.c:3541)
==15672==    by 0x40C837: main (tshark.c:3315)
==15672==  Address 0x402e1a8 is not stack'd, malloc'd or (recently) free'd
==15672== 
==15672== 
==15672== HEAP SUMMARY:
==15672==     in use at exit: 1,215,556 bytes in 29,619 blocks
==15672==   total heap usage: 226,824 allocs, 197,205 frees, 28,713,525 bytes
allocated
==15672== 
==15672== LEAK SUMMARY:
==15672==    definitely lost: 3,656 bytes in 156 blocks
==15672==    indirectly lost: 36,744 bytes in 51 blocks
==15672==      possibly lost: 0 bytes in 0 blocks
==15672==    still reachable: 1,175,156 bytes in 29,412 blocks
==15672==         suppressed: 0 bytes in 0 blocks
==15672== Rerun with --leak-check=full to see details of leaked memory
==15672== 
==15672== For counts of detected and suppressed errors, rerun with: -v
==15672== Use --track-origins=yes to see where uninitialised values come from
==15672== ERROR SUMMARY: 6 errors from 6 contexts (suppressed: 0 from 0)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.