[prev in list] [next in list] [prev in thread] [next in thread]
List: wireshark-bugs
Subject: [Wireshark-bugs] [Bug 16745] New: Buildbot crash output: fuzz-2020-07-29-17486.pcap
From: bugzilla-daemon () wireshark ! org
Date: 2020-07-30 0:50:04
Message-ID: 010001739d329428-a5679320-e581-4082-a7e2-f6c821213752-000000 () us-east-1 ! amazonses ! com
[Download RAW message or body]
--15960702031.D9d7c.21724
Date: Thu, 30 Jul 2020 00:50:03 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.wireshark.org/bugzilla/
Auto-Submitted: auto-generated
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16745
Bug ID: 16745
Summary: Buildbot crash output: fuzz-2020-07-29-17486.pcap
Product: Wireshark
Version: unspecified
Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
Severity: Major
Priority: High
Component: Dissection engine (libwireshark)
Assignee: bugzilla-admin@wireshark.org
Reporter: buildbot-do-not-reply@wireshark.org
Target Milestone: ---
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2020-07-29-17486.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/produce.pcapng
Build host information:
Linux build6 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
Buildbot information:
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=5275
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_GOT_REVISION=28bec58f0557f949647537d04a9dcb9dab5e5f80
Return value: 0
Dissector bug: 0
Valgrind error count: 0
Git commit
commit 28bec58f0557f949647537d04a9dcb9dab5e5f80
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date: Wed Jul 29 14:44:55 2020 +0200
CDP: Improve CDP port ID TLV hack heuristic
The heuristic used for dissection of the port ID TLV breaks in the face
of subsequent TLVs with tags starting with 0x10xx. This change fixes the
heuristic to allow these new TLVs to follow the port ID TLV without
triggering the workaround for buggy CDP senders.
Bug: 16742
Change-Id: I40c7ce790263c6de9b59ce543485cf3827f77fe7
Reviewed-on: https://code.wireshark.org/review/37985
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Command and args:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark
-nVxr
** (process:19435): WARNING **: 00:43:07.949: Dissector bug, protocol Kafka, in
packet 11: ../epan/proto.c:4272: failed assertion "start_ptr != ((void*)0) ||
length == 0"
AddressSanitizer:DEADLYSIGNAL
=================================================================
==19435==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x7f3ba7713661 bp 0x7fff9b1ab230 sp 0x7fff9b1ab210 T0)
==19435==The signal is caused by a READ memory access.
==19435==Hint: address points to the zero page.
#0 0x7f3ba7713660 in value_get
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/ftypes/ftype-bytes.c
#1 0x7f3ba7711023 in fvalue_get
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/ftypes/ftypes.c:627:9
#2 0x7f3ba78ef428 in proto_item_fill_label
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:8791:18
#3 0x7f3ba7868a1f in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:186:9
#4 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#5 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#6 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#7 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#8 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#9 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#10 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#11 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#12 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#13 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#14 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#15 0x7f3ba7868585 in proto_tree_print
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:155:5
#16 0x563b1f38a783 in print_packet
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:4140:12
#17 0x563b1f38a422 in process_packet_single_pass
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3773:7
#18 0x563b1f38dba7 in process_cap_file_single_pass
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3412:9
#19 0x563b1f387640 in process_cap_file
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3567:26
#20 0x563b1f381341 in main
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:2051:16
#21 0x7f3b99806b96 in __libc_start_main
/build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310
#22 0x563b1f27dcd9 in _start
(/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark+0x59cd9)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/ftypes/ftype-bytes.c
in value_get
==19435==ABORTING
[ no debug trace ]
--
You are receiving this mail because:
You are watching all bug changes.
--15960702031.D9d7c.21724
Date: Thu, 30 Jul 2020 00:50:03 +0000
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.wireshark.org/bugzilla/
Auto-Submitted: auto-generated
<html>
<head>
<base href="https://bugs.wireshark.org/bugzilla/" />
<style>
body, th, td {
font-size: 12px;
font-family: Arial, Helvetica, sans-serif; }
p, pre { margin-top: 1em; }
pre {
font-family: Bitstream Vera Sans Mono, Consolas, Lucida Console, \
monospace; white-space: pre-wrap;
}
table { border: 0; border-spacing: 0; border-collapse: collapse; }
th, td {
padding: 0.25em;
padding-left: 0.5em;
padding-right: 0.5em;
}
th { background: rgb(240, 240, 240); }
th.th_top { border-bottom: 1px solid rgb(116, 126, 147); }
th.th_left { border-right: 1px solid rgb(116, 126, 147); }
td.removed { background-color: #ffcccc; }
td.added { background-color: #e4ffc7; }
</style>
</head>
<body><table>
<tr>
<th class="th_left">Bug ID</th>
<td><a class="bz_bug_link
bz_status_CONFIRMED "
title="CONFIRMED - Buildbot crash output: fuzz-2020-07-29-17486.pcap"
href="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16745">16745</a>
</td>
</tr>
<tr>
<th class="th_left">Summary</th>
<td>Buildbot crash output: fuzz-2020-07-29-17486.pcap
</td>
</tr>
<tr>
<th class="th_left">Product</th>
<td>Wireshark
</td>
</tr>
<tr>
<th class="th_left">Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th class="th_left">Hardware</th>
<td>x86-64
</td>
</tr>
<tr>
<th class="th_left">OS</th>
<td>Ubuntu
</td>
</tr>
<tr>
<th class="th_left">Status</th>
<td>CONFIRMED
</td>
</tr>
<tr>
<th class="th_left">Severity</th>
<td>Major
</td>
</tr>
<tr>
<th class="th_left">Priority</th>
<td>High
</td>
</tr>
<tr>
<th class="th_left">Component</th>
<td>Dissection engine (libwireshark)
</td>
</tr>
<tr>
<th class="th_left">Assignee</th>
<td>bugzilla-admin@wireshark.org
</td>
</tr>
<tr>
<th class="th_left">Reporter</th>
<td>buildbot-do-not-reply@wireshark.org
</td>
</tr>
<tr>
<th class="th_left">Target Milestone</th>
<td>---
</td>
</tr></table>
<p>
<div>
<pre>Problems have been found with the following capture file:
<a href="https://www.wireshark.org/download/automated/captures/fuzz-2020-07-29-17486.p \
cap">https://www.wireshark.org/download/automated/captures/fuzz-2020-07-29-17486.pcap</a>
stderr:
Input file: /home/wireshark/menagerie/menagerie/produce.pcapng
Build host information:
Linux build6 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
Buildbot information:
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=5275
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_URL=<a href="http://buildbot.wireshark.org/wireshark-master/">http://buildbot.wireshark.org/wireshark-master/</a>
BUILDBOT_REPOSITORY=ssh://<a \
href="mailto:wireshark-buildbot@code.wireshark.org">wireshark-buildbot@code.wireshark.org</a>:29418/wireshark
BUILDBOT_GOT_REVISION=28bec58f0557f949647537d04a9dcb9dab5e5f80
Return value: 0
Dissector bug: 0
Valgrind error count: 0
Git commit
<a href="https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28bec58f0557f949647537d04a9dcb9dab5e5f80">commit \
28bec58f0557f949647537d04a9dcb9dab5e5f80</a>
Author: Jaap Keuter <<a \
href="mailto:jaap.keuter@xs4all.nl">jaap.keuter@xs4all.nl</a>>
Date: Wed Jul 29 14:44:55 2020 +0200
CDP: Improve CDP port ID TLV hack heuristic
The heuristic used for dissection of the port ID TLV breaks in the face
of subsequent TLVs with tags starting with 0x10xx. This change fixes the
heuristic to allow these new TLVs to follow the port ID TLV without
triggering the workaround for buggy CDP senders.
Bug: 16742
Change-Id: <a href="https://code.wireshark.org/review/#/q/I40c7ce790263c6de9b59ce543485cf3827f77fe7">I40c7ce790263c6de9b59ce543485cf3827f77fe7</a>
Reviewed-on: <a href="https://code.wireshark.org/review/37985">https://code.wireshark.org/review/37985</a>
Reviewed-by: Jaap Keuter <<a \
href="mailto:jaap.keuter@xs4all.nl">jaap.keuter@xs4all.nl</a>> \
Petri-Dish: Jaap Keuter <<a \
href="mailto:jaap.keuter@xs4all.nl">jaap.keuter@xs4all.nl</a>> Tested-by: \
Petri Dish Buildbot Reviewed-by: Alexis La Goutte <<a \
href="mailto:alexis.lagoutte@gmail.com">alexis.lagoutte@gmail.com</a>>
Command and args:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark
-nVxr
** (process:19435): WARNING **: 00:43:07.949: Dissector bug, protocol Kafka, in
packet 11: ../epan/proto.c:4272: failed assertion "start_ptr != ((void*)0) ||
length == 0"
AddressSanitizer:DEADLYSIGNAL
=================================================================
==19435==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x7f3ba7713661 bp 0x7fff9b1ab230 sp 0x7fff9b1ab210 T0)
==19435==The signal is caused by a READ memory access.
==19435==Hint: address points to the zero page.
#0 0x7f3ba7713660 in value_get
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/ftypes/ftype-bytes.c
#1 0x7f3ba7711023 in fvalue_get
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/ftypes/ftypes.c:627:9
#2 0x7f3ba78ef428 in proto_item_fill_label
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:8791:18
#3 0x7f3ba7868a1f in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:186:9
#4 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#5 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#6 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#7 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#8 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#9 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#10 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#11 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#12 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#13 0x7f3ba78694fc in proto_tree_print_node
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:241:13
#14 0x7f3ba78a96b7 in proto_tree_children_foreach
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/proto.c:722:3
#15 0x7f3ba7868585 in proto_tree_print
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:155:5
#16 0x563b1f38a783 in print_packet
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:4140:12
#17 0x563b1f38a422 in process_packet_single_pass
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3773:7
#18 0x563b1f38dba7 in process_cap_file_single_pass
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3412:9
#19 0x563b1f387640 in process_cap_file
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3567:26
#20 0x563b1f381341 in main
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:2051:16
#21 0x7f3b99806b96 in __libc_start_main
/build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310
#22 0x563b1f27dcd9 in _start
(/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark+0x59cd9)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/ftypes/ftype-bytes.c
in value_get
==19435==ABORTING
[ no debug trace ]</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>
--15960702031.D9d7c.21724--
[Attachment #3 (text/plain)]
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic