[prev in list] [next in list] [prev in thread] [next in thread]
List: wireshark-bugs
Subject: [Wireshark-bugs] [Bug 16741] New: Buildbot crash output: fuzz-2020-07-28-5905.pcap
From: bugzilla-daemon () wireshark ! org
Date: 2020-07-29 0:30:04
Message-ID: 0100017397f9e7fb-2be63ea9-3640-4ae8-9990-8a8c62ee946c-000000 () us-east-1 ! amazonses ! com
[Download RAW message or body]
--15959826031.c2B97.20677
Date: Wed, 29 Jul 2020 00:30:03 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.wireshark.org/bugzilla/
Auto-Submitted: auto-generated
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16741
Bug ID: 16741
Summary: Buildbot crash output: fuzz-2020-07-28-5905.pcap
Product: Wireshark
Version: unspecified
Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
Severity: Major
Priority: High
Component: Dissection engine (libwireshark)
Assignee: bugzilla-admin@wireshark.org
Reporter: buildbot-do-not-reply@wireshark.org
Target Milestone: ---
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2020-07-28-5905.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/14213-servermanager_test.pcapng
Build host information:
Linux build6 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
Buildbot information:
BUILDBOT_WORKERNAME=fuzz-test
BUILDBOT_BUILDNUMBER=211
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-3.0/
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_GOT_REVISION=97c3ed7878a37a0ebaf6bc11f8ac32d2bde6a079
Return value: 0
Dissector bug: 0
Valgrind error count: 0
Git commit
commit 97c3ed7878a37a0ebaf6bc11f8ac32d2bde6a079
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date: Sun Jul 26 11:17:38 2020 +0200
MQ: Fix short NameValue presentation
Patch from Robert Grange
Bug: 16733
Change-Id: I7a11e060bb89aa1279a212f9dd958931c1031846
Reviewed-on: https://code.wireshark.org/review/37967
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit dba5465f1173bcb5992854e74b610aaef14a4989)
Reviewed-on: https://code.wireshark.org/review/37969
Command and args:
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark
-nVxr
=================================================================
==6884==ERROR: AddressSanitizer: attempting free on address which was not
malloc()-ed: 0x61b00004bba0 in thread T0
#0 0x5574ac921ec2 in __interceptor_free
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x108ec2)
#1 0x7f5ad268c0b3 in get_multipart_info
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:349:13
#2 0x7f5ad268b741 in dissect_multipart
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:815:32
#3 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#4 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#5 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#6 0x7f5ad21119cb in dissect_http_message
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:1832:16
#7 0x7f5ad210b3c2 in dissect_http_on_stream
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3504:9
#8 0x7f5ad2107933 in dissect_http_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3559:2
#9 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#10 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#11 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#12 0x7f5ad2f365cf in decode_tcp_ports
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5771:9
#13 0x7f5ad2f3d1a9 in process_tcp_payload
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5840:13
#14 0x7f5ad2f49229 in dissect_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:6696:21
#15 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#16 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#17 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#18 0x7f5ad22565f2 in ip_try_dissect
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:1832:7
#19 0x7f5ad225d5e3 in dissect_ip_v4
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:2290:10
#20 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#21 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#22 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#23 0x7f5ad44210fb in dissector_try_uint
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1423:9
#24 0x7f5ad1e123f0 in dissect_ethertype
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ethertype.c:261:21
#25 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#26 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#27 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#28 0x7f5ad441cf74 in call_dissector_with_data
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3180:8
#29 0x7f5ad1e0fad6 in dissect_eth_common
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-eth.c:527:5
#30 0x7f5ad1e0b513 in dissect_eth
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-eth.c:803:5
#31 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#32 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#33 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#34 0x7f5ad1ecb6ce in dissect_frame
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-frame.c:625:6
#35 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#36 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#37 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#38 0x7f5ad441cf74 in call_dissector_with_data
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3180:8
#39 0x7f5ad441c776 in dissect_record
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:580:3
#40 0x7f5ad43ec848 in epan_dissect_run_with_taps
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/epan.c:564:2
#41 0x5574ac9821f0 in process_packet_single_pass
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../tshark.c:3497:5
#42 0x5574ac97e139 in process_cap_file
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../tshark.c:3330:11
#43 0x5574ac978cc3 in main
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../tshark.c:2031:17
#44 0x7f5ac6c62b96 in __libc_start_main
/build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310
#45 0x5574ac876879 in _start
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x5d879)
0x61b00004bba0 is located 32 bytes inside of 1411-byte region
[0x61b00004bb80,0x61b00004c103)
allocated by thread T0 here:
#0 0x5574ac922243 in __interceptor_malloc
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x109243)
#1 0x7f5ac76c2ab8 in g_malloc
(/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51ab8)
#2 0x7f5ad4307162 in wmem_strict_alloc
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/wmem/wmem_allocator_strict.c:81:46
#3 0x7f5ad42fdbd9 in wmem_alloc
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/wmem/wmem_core.c:44:12
#4 0x7f5ad440c3c7 in ws_find_media_type_parameter
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/media_params.c:178:24
#5 0x7f5ad268c027 in get_multipart_info
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:341:22
#6 0x7f5ad268b741 in dissect_multipart
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:815:32
#7 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#8 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#9 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#10 0x7f5ad21119cb in dissect_http_message
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:1832:16
#11 0x7f5ad210b3c2 in dissect_http_on_stream
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3504:9
#12 0x7f5ad2107933 in dissect_http_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3559:2
#13 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#14 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#15 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#16 0x7f5ad2f365cf in decode_tcp_ports
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5771:9
#17 0x7f5ad2f3d1a9 in process_tcp_payload
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5840:13
#18 0x7f5ad2f49229 in dissect_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:6696:21
#19 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#20 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#21 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#22 0x7f5ad22565f2 in ip_try_dissect
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:1832:7
#23 0x7f5ad225d5e3 in dissect_ip_v4
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:2290:10
#24 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#25 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#26 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#27 0x7f5ad44210fb in dissector_try_uint
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1423:9
#28 0x7f5ad1e123f0 in dissect_ethertype
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ethertype.c:261:21
#29 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
SUMMARY: AddressSanitizer: bad-free
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x108ec2)
in __interceptor_free
==6884==ABORTING
[ no debug trace ]
--
You are receiving this mail because:
You are watching all bug changes.
--15959826031.c2B97.20677
Date: Wed, 29 Jul 2020 00:30:03 +0000
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.wireshark.org/bugzilla/
Auto-Submitted: auto-generated
<html>
<head>
<base href="https://bugs.wireshark.org/bugzilla/" />
<style>
body, th, td {
font-size: 12px;
font-family: Arial, Helvetica, sans-serif; }
p, pre { margin-top: 1em; }
pre {
font-family: Bitstream Vera Sans Mono, Consolas, Lucida Console, \
monospace; white-space: pre-wrap;
}
table { border: 0; border-spacing: 0; border-collapse: collapse; }
th, td {
padding: 0.25em;
padding-left: 0.5em;
padding-right: 0.5em;
}
th { background: rgb(240, 240, 240); }
th.th_top { border-bottom: 1px solid rgb(116, 126, 147); }
th.th_left { border-right: 1px solid rgb(116, 126, 147); }
td.removed { background-color: #ffcccc; }
td.added { background-color: #e4ffc7; }
</style>
</head>
<body><table>
<tr>
<th class="th_left">Bug ID</th>
<td><a class="bz_bug_link
bz_status_CONFIRMED "
title="CONFIRMED - Buildbot crash output: fuzz-2020-07-28-5905.pcap"
href="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16741">16741</a>
</td>
</tr>
<tr>
<th class="th_left">Summary</th>
<td>Buildbot crash output: fuzz-2020-07-28-5905.pcap
</td>
</tr>
<tr>
<th class="th_left">Product</th>
<td>Wireshark
</td>
</tr>
<tr>
<th class="th_left">Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th class="th_left">Hardware</th>
<td>x86-64
</td>
</tr>
<tr>
<th class="th_left">OS</th>
<td>Ubuntu
</td>
</tr>
<tr>
<th class="th_left">Status</th>
<td>CONFIRMED
</td>
</tr>
<tr>
<th class="th_left">Severity</th>
<td>Major
</td>
</tr>
<tr>
<th class="th_left">Priority</th>
<td>High
</td>
</tr>
<tr>
<th class="th_left">Component</th>
<td>Dissection engine (libwireshark)
</td>
</tr>
<tr>
<th class="th_left">Assignee</th>
<td>bugzilla-admin@wireshark.org
</td>
</tr>
<tr>
<th class="th_left">Reporter</th>
<td>buildbot-do-not-reply@wireshark.org
</td>
</tr>
<tr>
<th class="th_left">Target Milestone</th>
<td>---
</td>
</tr></table>
<p>
<div>
<pre>Problems have been found with the following capture file:
<a href="https://www.wireshark.org/download/automated/captures/fuzz-2020-07-28-5905.pc \
ap">https://www.wireshark.org/download/automated/captures/fuzz-2020-07-28-5905.pcap</a>
stderr:
Input file: /home/wireshark/menagerie/menagerie/14213-servermanager_test.pcapng
Build host information:
Linux build6 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
Buildbot information:
BUILDBOT_WORKERNAME=fuzz-test
BUILDBOT_BUILDNUMBER=211
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_URL=<a href="http://buildbot.wireshark.org/wireshark-3.0/">http://buildbot.wireshark.org/wireshark-3.0/</a>
BUILDBOT_REPOSITORY=ssh://<a \
href="mailto:wireshark-buildbot@code.wireshark.org">wireshark-buildbot@code.wireshark.org</a>:29418/wireshark
BUILDBOT_GOT_REVISION=97c3ed7878a37a0ebaf6bc11f8ac32d2bde6a079
Return value: 0
Dissector bug: 0
Valgrind error count: 0
Git commit
<a href="https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=97c3ed7878a37a0ebaf6bc11f8ac32d2bde6a079">commit \
97c3ed7878a37a0ebaf6bc11f8ac32d2bde6a079</a>
Author: Jaap Keuter <<a \
href="mailto:jaap.keuter@xs4all.nl">jaap.keuter@xs4all.nl</a>>
Date: Sun Jul 26 11:17:38 2020 +0200
MQ: Fix short NameValue presentation
Patch from Robert Grange
Bug: 16733
Change-Id: <a href="https://code.wireshark.org/review/#/q/I7a11e060bb89aa1279a212f9dd958931c1031846">I7a11e060bb89aa1279a212f9dd958931c1031846</a>
Reviewed-on: <a href="https://code.wireshark.org/review/37967">https://code.wireshark.org/review/37967</a>
Reviewed-by: Jaap Keuter <<a \
href="mailto:jaap.keuter@xs4all.nl">jaap.keuter@xs4all.nl</a>> \
Petri-Dish: Jaap Keuter <<a \
href="mailto:jaap.keuter@xs4all.nl">jaap.keuter@xs4all.nl</a>> Tested-by: \
Petri Dish Buildbot Reviewed-by: Anders Broman <<a \
href="mailto:a.broman58@gmail.com">a.broman58@gmail.com</a>> (cherry \
picked from <a href="https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dba5465f1173bcb5992854e74b610aaef14a4989">commit \
dba5465f1173bcb5992854e74b610aaef14a4989</a>) Reviewed-on: <a \
href="https://code.wireshark.org/review/37969">https://code.wireshark.org/review/37969</a>
Command and args:
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark
-nVxr
=================================================================
==6884==ERROR: AddressSanitizer: attempting free on address which was not
malloc()-ed: 0x61b00004bba0 in thread T0
#0 0x5574ac921ec2 in __interceptor_free
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x108ec2)
#1 0x7f5ad268c0b3 in get_multipart_info
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:349:13
#2 0x7f5ad268b741 in dissect_multipart
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:815:32
#3 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#4 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#5 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#6 0x7f5ad21119cb in dissect_http_message
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:1832:16
#7 0x7f5ad210b3c2 in dissect_http_on_stream
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3504:9
#8 0x7f5ad2107933 in dissect_http_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3559:2
#9 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#10 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#11 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#12 0x7f5ad2f365cf in decode_tcp_ports
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5771:9
#13 0x7f5ad2f3d1a9 in process_tcp_payload
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5840:13
#14 0x7f5ad2f49229 in dissect_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:6696:21
#15 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#16 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#17 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#18 0x7f5ad22565f2 in ip_try_dissect
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:1832:7
#19 0x7f5ad225d5e3 in dissect_ip_v4
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:2290:10
#20 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#21 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#22 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#23 0x7f5ad44210fb in dissector_try_uint
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1423:9
#24 0x7f5ad1e123f0 in dissect_ethertype
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ethertype.c:261:21
#25 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#26 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#27 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#28 0x7f5ad441cf74 in call_dissector_with_data
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3180:8
#29 0x7f5ad1e0fad6 in dissect_eth_common
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-eth.c:527:5
#30 0x7f5ad1e0b513 in dissect_eth
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-eth.c:803:5
#31 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#32 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#33 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#34 0x7f5ad1ecb6ce in dissect_frame
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-frame.c:625:6
#35 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#36 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#37 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#38 0x7f5ad441cf74 in call_dissector_with_data
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3180:8
#39 0x7f5ad441c776 in dissect_record
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:580:3
#40 0x7f5ad43ec848 in epan_dissect_run_with_taps
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/epan.c:564:2
#41 0x5574ac9821f0 in process_packet_single_pass
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../tshark.c:3497:5
#42 0x5574ac97e139 in process_cap_file
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../tshark.c:3330:11
#43 0x5574ac978cc3 in main
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../tshark.c:2031:17
#44 0x7f5ac6c62b96 in __libc_start_main
/build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310
#45 0x5574ac876879 in _start
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x5d879)
0x61b00004bba0 is located 32 bytes inside of 1411-byte region
[0x61b00004bb80,0x61b00004c103)
allocated by thread T0 here:
#0 0x5574ac922243 in __interceptor_malloc
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x109243)
#1 0x7f5ac76c2ab8 in g_malloc
(/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51ab8)
#2 0x7f5ad4307162 in wmem_strict_alloc
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/wmem/wmem_allocator_strict.c:81:46
#3 0x7f5ad42fdbd9 in wmem_alloc
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/wmem/wmem_core.c:44:12
#4 0x7f5ad440c3c7 in ws_find_media_type_parameter
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/media_params.c:178:24
#5 0x7f5ad268c027 in get_multipart_info
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:341:22
#6 0x7f5ad268b741 in dissect_multipart
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-multipart.c:815:32
#7 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#8 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#9 0x7f5ad44280f0 in call_dissector_only
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:3167:8
#10 0x7f5ad21119cb in dissect_http_message
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:1832:16
#11 0x7f5ad210b3c2 in dissect_http_on_stream
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3504:9
#12 0x7f5ad2107933 in dissect_http_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-http.c:3559:2
#13 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#14 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#15 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#16 0x7f5ad2f365cf in decode_tcp_ports
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5771:9
#17 0x7f5ad2f3d1a9 in process_tcp_payload
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:5840:13
#18 0x7f5ad2f49229 in dissect_tcp
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-tcp.c:6696:21
#19 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#20 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#21 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#22 0x7f5ad22565f2 in ip_try_dissect
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:1832:7
#23 0x7f5ad225d5e3 in dissect_ip_v4
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ip.c:2290:10
#24 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
#25 0x7f5ad4420d29 in call_dissector_work
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:799:9
#26 0x7f5ad4420653 in dissector_try_uint_new
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1399:8
#27 0x7f5ad44210fb in dissector_try_uint
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:1423:9
#28 0x7f5ad1e123f0 in dissect_ethertype
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/dissectors/packet-ethertype.c:261:21
#29 0x7f5ad442b844 in call_dissector_through_handle
/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/build/cmbuild/../epan/packet.c:706:9
SUMMARY: AddressSanitizer: bad-free
(/home/wireshark/builders/wireshark-3.0-fuzz/fuzztest/install.asan/bin/tshark+0x108ec2)
in __interceptor_free
==6884==ABORTING
[ no debug trace ]</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>
--15959826031.c2B97.20677--
[Attachment #3 (text/plain)]
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic