Wireshark-bugs: [Wireshark-bugs] [Bug 13231] New: Buildbot crash output: fuzz-2016-12-09-20162.p
Date: Sat, 10 Dec 2016 17:30:03 +0000
Bug ID 13231
Summary Buildbot crash output: fuzz-2016-12-09-20162.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-12-09-20162.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-12-09-20162.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/before.pcap

Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3815
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=f60ec2581ae825f89e669ca4b4f14917a2aab561

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit f60ec2581ae825f89e669ca4b4f14917a2aab561
Author: Michael Mann <mmann78@netscape.net>
Date:   Thu Dec 8 21:41:58 2016 -0500

    [ICMP] use abs() in detecting timestamp heuristics

    The code was making the assumption that the ICMP data time will always
    be greater than or equal to the frame time, but not earlier, but that
    is not always the case and the heuristics can fail.

    Bug: 13161
    Change-Id: I4bc7bd8d22d717d3b1f08afdd651f8a70cb7aef2
    Reviewed-on: https://code.wireshark.org/review/19157
    Petri-Dish: Michael Mann <mmann78@netscape.net>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
    Reviewed-by: Michael Mann <mmann78@netscape.net>


==6426== Memcheck, a memory error detector
==6426== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==6426== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==6426== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-12-09-20162.pcap
==6426== 
==6426== Conditional jump or move depends on uninitialised value(s)
==6426==    at 0x69DC9E6: fragment_add_seq_work (reassemble.c:1686)
==6426==    by 0x69DC9E6: fragment_add_seq_common (reassemble.c:1956)
==6426==    by 0x69DCD97: fragment_add_seq_check_work (reassemble.c:2037)
==6426==    by 0x69DCD2B: fragment_add_seq_check (reassemble.c:2074)
==6426==    by 0x6FCEBF8: dissect_p_mul (packet-p_mul.c:1290)
==6426==    by 0x69B1F75: call_dissector_through_handle (packet.c:650)
==6426==    by 0x69B1F75: call_dissector_work (packet.c:725)
==6426==    by 0x69B2059: dissector_try_uint_new (packet.c:1290)
==6426==    by 0x69B2059: dissector_try_uint (packet.c:1316)
==6426==    by 0x70A34DD: dissect_s5066_common (packet-s5066sis.c:1054)
==6426==    by 0x7198C15: tcp_dissect_pdus (packet-tcp.c:3468)
==6426==    by 0x70A1D48: dissect_s5066_tcp (packet-s5066sis.c:980)
==6426==    by 0x69B1F75: call_dissector_through_handle (packet.c:650)
==6426==    by 0x69B1F75: call_dissector_work (packet.c:725)
==6426==    by 0x69B1E3E: dissector_try_uint_new (packet.c:1290)
==6426==    by 0x71990D7: decode_tcp_ports (packet-tcp.c:5414)
==6426== 
==6426== 
==6426== HEAP SUMMARY:
==6426==     in use at exit: 6,083,455 bytes in 9,745 blocks
==6426==   total heap usage: 265,761 allocs, 256,016 frees, 37,349,154 bytes allocated
==6426== 
==6426== LEAK SUMMARY:
==6426==    definitely lost: 520 bytes in 88 blocks
==6426==    indirectly lost: 256 bytes in 5 blocks
==6426==      possibly lost: 0 bytes in 0 blocks
==6426==    still reachable: 6,082,679 bytes in 9,652 blocks
==6426==         suppressed: 0 bytes in 0 blocks
==6426== Rerun with --leak-check=full to see details of leaked memory
==6426== 
==6426== For counts of detected and suppressed errors, rerun with: -v
==6426== Use --track-origins=yes to see where uninitialised values come from
==6426== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

