Wireshark-bugs: [Wireshark-bugs] [Bug 12090] New: Buildbot crash output: fuzz-2016-02-06-21973.p
Date: Sat, 06 Feb 2016 07:40:03 +0000
Bug ID | 12090 |
---|---|
Summary | Buildbot crash output: fuzz-2016-02-06-21973.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-02-06-21973.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | bugzilla-admin@wireshark.org |
Reporter | buildbot-do-not-reply@wireshark.org |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-02-06-21973.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/Http.cap Build host information: Linux wsbb04 3.13.0-74-generic #118-Ubuntu SMP Thu Dec 17 22:52:10 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark BUILDBOT_BUILDNUMBER=3490 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=154e710857599fb91351d955360f1f1dd8eddd22 Return value: 1 Dissector bug: 0 Valgrind error count: 0 Git commit commit 154e710857599fb91351d955360f1f1dd8eddd22 Author: Martin Kaiser <wireshark@kaiser.cx> Date: Fri Feb 5 17:49:25 2016 +0100 pktc: don't THROW() an exception from a dissector in the switch-case statements, we already show an expert info it should be sufficient to exit and report to the caller how many bytes we dissected as for the string, we can just calculate the length and let proto_tree_add_item() throw an exception if that length is invalid Change-Id: I310a4011cb112f3ed70e804c5b44d58f275fab6b Reviewed-on: https://code.wireshark.org/review/13745 Reviewed-by: Martin Kaiser <wireshark@kaiser.cx> Command and args: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nVxr ================================================================= ==19026==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7feb08db3174 at pc 0x7feb070a70ee bp 0x7ffdbaf0b0a0 sp 0x7ffdbaf0b098 READ of size 4 at 0x7feb08db3174 thread T0 #0 0x7feb070a70ed (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x798f0ed) #1 0x7feb06a40f01 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7328f01) #2 0x7feb06a3efdc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7326fdc) #3 0x7feb0740f846 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7cf7846) #4 0x7feb06a40f01 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7328f01) #5 0x7feb06a40b9a (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7328b9a) #6 0x7feb06f75fe5 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x785dfe5) #7 0x7feb06a40f01 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7328f01) #8 0x7feb06a3efdc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7326fdc) #9 0x7feb06a3e7f8 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x73267f8) #10 0x7feb06a1ef5e (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/lib/libwireshark.so.0+0x7306f5e) #11 0x501145 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x501145) #12 0x4fb96b (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x4fb96b) #13 0x7feafc356ec4 (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4) #14 0x43fc26 (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark+0x43fc26) 0x7feb08db3174 is located 12 bytes to the left of global variable '<string literal>' defined in 'packet-ieee80211-radio.c:243:5' (0x7feb08db3180) of size 5 '<string literal>' is ascii string 'BPSK' 0x7feb08db3174 is located 36 bytes to the right of global variable 'subcarriers' defined in 'packet-ieee80211-radio.c:265:20' (0x7feb08db3140) of size 16 Shadow bytes around the buggy address: 0x0ffde11ae5d0: 00 02 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 0x0ffde11ae5e0: 03 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 0x0ffde11ae5f0: 00 00 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 0x0ffde11ae600: 00 00 00 00 00 00 00 00 00 05 f9 f9 f9 f9 f9 f9 0x0ffde11ae610: 00 00 00 00 00 00 00 00 00 05 f9 f9 f9 f9 f9 f9 =>0x0ffde11ae620: 06 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9[f9]f9 0x0ffde11ae630: 05 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 0x0ffde11ae640: 05 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 0x0ffde11ae650: 07 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 0x0ffde11ae660: 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 0x0ffde11ae670: 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 02 f9 f9 f9 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==19026==ABORTING [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 12090] Buildbot crash output: fuzz-2016-02-06-21973.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12090] Buildbot crash output: fuzz-2016-02-06-21973.pcap
- Prev by Date: [Wireshark-bugs] [Bug 12088] GlusterFS: Add support for the SEEK procedure
- Next by Date: [Wireshark-bugs] [Bug 12085] Buildbot crash output: fuzz-2016-02-05-26837.pcap
- Previous by thread: [Wireshark-bugs] [Bug 12089] Buildbot crash output: fuzz-2016-02-05-8806.pcap
- Next by thread: [Wireshark-bugs] [Bug 12090] Buildbot crash output: fuzz-2016-02-06-21973.pcap
- Index(es):