Buildbot crash output: fuzz-2017-04-03-23840.pcap

This issue was migrated from bug 13559 in our old bug tracker.

Original bug information:

Reporter: Buildbot Builder
Status: RESOLVED FIXED
Product: Wireshark
Component: Dissection engine (libwireshark)
OS: Ubuntu
Platform: x86-64
Version: unspecified

Buildbot Builder said:

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2017-04-03-23840.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/14426-traffic_mipn2.pcap

Build host information:
Linux wsbb04 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:	Ubuntu
Description:	Ubuntu 16.04.2 LTS
Release:	16.04
Codename:	xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3966
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=877b9a0d52c9b28c0169565add6f8bf6a6f3915c

Return value:  0

Dissector bug:  0

Valgrind error count:  190



Git commit
commit 877b9a0d52c9b28c0169565add6f8bf6a6f3915c
Author: Martin Kaiser <wireshark@kaiser.cx>
Date:   Sat Apr 1 12:00:47 2017 +0200

    tcp: (trivial) remove some unnecessary if (tree) checks

    Doing the checks ourselves doesn't save a lot of time.

    Change-Id: Icd96d6487ba88bc8a0f9d475e8f569803b40cf1a
    Reviewed-on: https://code.wireshark.org/review/20859
    Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
    Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
    Reviewed-by: Michael Mann <mmann78@netscape.net>


==29283== Memcheck, a memory error detector
==29283== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==29283== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==29283== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark -Vx -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2017-04-03-23840.pcap
==29283==
==29283== Use of uninitialised value of size 8
==29283==    at 0x6A2780A: low_nibble_of_octet_to_hex (to_str.c:58)
==29283==    by 0x6A2780A: byte_to_hex (to_str.c:64)
==29283==    by 0x6A2780A: bytes_to_hexstr (to_str.c:156)
==29283==    by 0x6A2780A: bytes_to_str (to_str.c:246)
==29283==    by 0x6A12D70: proto_item_fill_label (proto.c:7664)
==29283==    by 0x6A12300: proto_item_append_text (proto.c:5685)
==29283==    by 0x701F1E7: dissect_pbb_addressblock (packet-packetbb.c:735)
==29283==    by 0x701F1E7: dissect_pbb_message (packet-packetbb.c:889)
==29283==    by 0x701F1E7: dissect_packetbb (packet-packetbb.c:966)
==29283==    by 0x69F0FF0: call_dissector_through_handle (packet.c:668)
==29283==    by 0x69F0FF0: call_dissector_work (packet.c:743)
==29283==    by 0x69F10C9: dissector_try_uint_new (packet.c:1307)
==29283==    by 0x69F10C9: dissector_try_uint (packet.c:1333)
==29283==    by 0x723333E: decode_udp_ports (packet-udp.c:673)
==29283==    by 0x7234CE0: dissect (packet-udp.c:1131)
==29283==    by 0x7233CCD: dissect_udp (packet-udp.c:1137)
==29283==    by 0x69F0FF0: call_dissector_through_handle (packet.c:668)
==29283==    by 0x69F0FF0: call_dissector_work (packet.c:743)
==29283==    by 0x69F0E9E: dissector_try_uint_new (packet.c:1307)
==29283==    by 0x6E2D63D: ip_try_dissect (packet-ip.c:1853)
==29283==    by 0x6E2D63D: dissect_ip_v4 (packet-ip.c:2314)
==29283==
==29283== Use of uninitialised value of size 8
==29283==    at 0x6A27812: low_nibble_of_octet_to_hex (to_str.c:58)
==29283==    by 0x6A27812: byte_to_hex (to_str.c:65)
==29283==    by 0x6A27812: bytes_to_hexstr (to_str.c:156)
==29283==    by 0x6A27812: bytes_to_str (to_str.c:246)
==29283==    by 0x6A12D70: proto_item_fill_label (proto.c:7664)
==29283==    by 0x6A12300: proto_item_append_text (proto.c:5685)
==29283==    by 0x701F1E7: dissect_pbb_addressblock (packet-packetbb.c:735)
==29283==    by 0x701F1E7: dissect_pbb_message (packet-packetbb.c:889)
==29283==    by 0x701F1E7: dissect_packetbb (packet-packetbb.c:966)
==29283==    by 0x69F0FF0: call_dissector_through_handle (packet.c:668)
==29283==    by 0x69F0FF0: call_dissector_work (packet.c:743)
==29283==    by 0x69F10C9: dissector_try_uint_new (packet.c:1307)
==29283==    by 0x69F10C9: dissector_try_uint (packet.c:1333)
==29283==    by 0x723333E: decode_udp_ports (packet-udp.c:673)
==29283==    by 0x7234CE0: dissect (packet-udp.c:1131)
==29283==    by 0x7233CCD: dissect_udp (packet-udp.c:1137)
==29283==    by 0x69F0FF0: call_dissector_through_handle (packet.c:668)
==29283==    by 0x69F0FF0: call_dissector_work (packet.c:743)
==29283==    by 0x69F0E9E: dissector_try_uint_new (packet.c:1307)
==29283==    by 0x6E2D63D: ip_try_dissect (packet-ip.c:1853)
==29283==    by 0x6E2D63D: dissect_ip_v4 (packet-ip.c:2314)
==29283==
==29283==
==29283== HEAP SUMMARY:
==29283==     in use at exit: 127,182 bytes in 790 blocks
==29283==   total heap usage: 310,737 allocs, 309,947 frees, 41,193,514 bytes allocated
==29283==
==29283== LEAK SUMMARY:
==29283==    definitely lost: 6,515 bytes in 629 blocks
==29283==    indirectly lost: 72 bytes in 3 blocks
==29283==      possibly lost: 0 bytes in 0 blocks
==29283==    still reachable: 1,184 bytes in 39 blocks
==29283==         suppressed: 119,411 bytes in 119 blocks
==29283== Rerun with --leak-check=full to see details of leaked memory
==29283==
==29283== For counts of detected and suppressed errors, rerun with: -v
==29283== Use --track-origins=yes to see where uninitialised values come from
==29283== ERROR SUMMARY: 190 errors from 2 contexts (suppressed: 0 from 0)

[ no debug trace ]

added crash libwireshark osubuntu labels

Pascal Quantin said:

*** Bug #13565 (closed) has been marked as a duplicate of this bug. ***

Gerrit Code Review said:

Change 20992 had a related patch set uploaded by Pascal Quantin: PacketBB: do not add more bytes to the protocol tree than the real addr array length

https://code.wireshark.org/review/20992

Pascal Quantin said:

*** Bug #13583 (closed) has been marked as a duplicate of this bug. ***

Gerrit Code Review said:

Change 20992 merged by Michael Mann: PacketBB: do not add more bytes to the protocol tree than the real addr array length

https://code.wireshark.org/review/20992

Gerrit Code Review said:

Change 21008 had a related patch set uploaded by Michael Mann: PacketBB: do not add more bytes to the protocol tree than the real addr array length

https://code.wireshark.org/review/21008

Gerrit Code Review said:

Change 21009 had a related patch set uploaded by Michael Mann: PacketBB: do not add more bytes to the protocol tree than the real addr array length

https://code.wireshark.org/review/21009

Gerrit Code Review said:

Change 21009 merged by Michael Mann: PacketBB: do not add more bytes to the protocol tree than the real addr array length

https://code.wireshark.org/review/21009

Gerrit Code Review said:

Change 21008 merged by Michael Mann: PacketBB: do not add more bytes to the protocol tree than the real addr array length

https://code.wireshark.org/review/21008

closed

mentioned in issue #13565 (closed)

mentioned in issue #13583 (closed)