Wireshark · Wireshark-dev: Re: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester

Wireshark-dev: Re: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Fri, 2 Mar 2012 14:45:26 -0800

On Mar 2, 2012, at 2:36 PM, Jeff Morriss wrote:

> The fuzz tester keeps failing with this file:
> 
>>    /home/wireshark/menagerie/menagerie/6550-iPhone_connection_and_SSH_session.cap:
>> ERROR
>> Processing failed.  Capture info follows:
>> 
>>  Output file: /dev/shm/buildbot/clangcodeanalysis/menagerie-fuzz/fuzz-2012-03-02-17845.pcap
>> stderr follows:
>> 
>> tshark: The file "/dev/shm/buildbot/clangcodeanalysis/menagerie-fuzz/fuzz-2012-03-02-17845.pcap" appears to be damaged or corrupt.
>> (pcapng: interface index 1 is not less than interface count 1.)
> 
> The source file itself is fine (well it no longer aborts for me after r41325), but running it through the fuzz tester fails every time.  Looks like editcap needs some PCAPNG smarts to avoid corrupting the non-packet parts.  (Or Wiretap needs to not give the non-packet parts to editcap.)

...or my recent changes to wiretap/pcapng.c broke something, or....

I'll try to look at that today.

(BTW, why aren't the fuzz failures being turned into bugs?)

Follow-Ups:
- Re: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
  - From: Guy Harris
- Re: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
  - From: Gerald Combs

References:
- [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
  - From: Jeff Morriss

Prev by Date: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
Next by Date: Re: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
Previous by thread: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
Next by thread: Re: [Wireshark-dev] PCAP-NG files being corrupted by fuzz tester
Index(es):
- Date
- Thread