Buildbot crash output: fuzz-2020-11-02-18998.pcap
Problems have been found with the following capture file:
https://www.wireshark.org/download/automated/captures/fuzz-2020-11-02-18998.pcap
stderr:
Input file: /home/wireshark/menagerie/menagerie/metadata.pcapng
Build host information:
Linux build6 4.15.0-122-generic #124-Ubuntu SMP Thu Oct 15 13:03:05 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
Buildbot information:
BUILDBOT_WORKERNAME=fuzz-test
BUILDBOT_BUILDNUMBER=18
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_URL=https://buildbot.wireshark.org/wireshark-3.4/
BUILDBOT_REPOSITORY=git@gitlab.com:wireshark/wireshark.git
BUILDBOT_GOT_REVISION=746cf80cceee99801e59ac5a99e64e0514d2bd69
Return value: 0
Dissector bug: 0
Valgrind error count: 32
Git commit
commit 746cf80cceee99801e59ac5a99e64e0514d2bd69
Author: Gerald Combs <gerald@wireshark.org>
Date: Sun Nov 1 09:29:34 2020 +0000
[Automatic update for 2020-11-01]
Update manuf, services enterprise numbers, translations, and other items.
Command and args: ./tools/valgrind-wireshark.sh -b /home/wireshark/builders/wireshark-3.4-fuzz/fuzztest/install.plain/bin
==19549== Memcheck, a memory error detector
==19549== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==19549== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==19549== Command: /home/wireshark/builders/wireshark-3.4-fuzz/fuzztest/install.plain/bin/tshark -nr /fuzz/buildbot/fuzztest/valgrind-fuzz-3.4/fuzz-2020-11-02-18998.pcap
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x860BA2D: tvb_get_string_enc (tvbuff.c:2880)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549== by 0x7471648: dissect_kafka_tcp (packet-kafka.c:9302)
==19549== by 0x85AA127: call_dissector_through_handle (packet.c:720)
==19549== by 0x85A5C2C: call_dissector_work (packet.c:813)
==19549== by 0x85A5A07: dissector_try_uint_new (packet.c:1413)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x8607B13: compute_offset (tvbuff.c:235)
==19549== by 0x86076CB: check_offset_length_no_exception (tvbuff.c:307)
==19549== by 0x860B31A: ensure_contiguous_no_exception (tvbuff.c:758)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x8607B23: compute_offset (tvbuff.c:237)
==19549== by 0x86076CB: check_offset_length_no_exception (tvbuff.c:307)
==19549== by 0x860B31A: ensure_contiguous_no_exception (tvbuff.c:758)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x86076E8: check_offset_length_no_exception (tvbuff.c:311)
==19549== by 0x860B31A: ensure_contiguous_no_exception (tvbuff.c:758)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x86076FE: check_offset_length_no_exception (tvbuff.c:317)
==19549== by 0x860B31A: ensure_contiguous_no_exception (tvbuff.c:758)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x860773D: check_offset_length_no_exception (tvbuff.c:330)
==19549== by 0x860B31A: ensure_contiguous_no_exception (tvbuff.c:758)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x860E225: validate_offset (tvbuff.c:164)
==19549== by 0x860775A: check_offset_length_no_exception (tvbuff.c:333)
==19549== by 0x860B31A: ensure_contiguous_no_exception (tvbuff.c:758)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x860B34D: ensure_contiguous_no_exception (tvbuff.c:769)
==19549== by 0x860713B: ensure_contiguous (tvbuff.c:793)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549== by 0x7471648: dissect_kafka_tcp (packet-kafka.c:9302)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x8607145: ensure_contiguous (tvbuff.c:794)
==19549== by 0x860C074: tvb_get_utf_8_string (tvbuff.c:2582)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549== by 0x7471648: dissect_kafka_tcp (packet-kafka.c:9302)
==19549== by 0x85AA127: call_dissector_through_handle (packet.c:720)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x853A208: wmem_strbuf_sized_new (wmem_strbuf.c:63)
==19549== by 0x857F1DB: get_utf_8_string (charsets.c:111)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549== by 0x7471648: dissect_kafka_tcp (packet-kafka.c:9302)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x8534D22: wmem_alloc (wmem_core.c:40)
==19549== by 0x853A254: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==19549== by 0x857F1DB: get_utf_8_string (charsets.c:111)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0xD496AA3: g_malloc (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==19549== by 0x8534CD3: wmem_alloc (wmem_core.c:35)
==19549== by 0x8537739: wmem_simple_alloc (wmem_allocator_simple.c:43)
==19549== by 0x8534D49: wmem_alloc (wmem_core.c:44)
==19549== by 0x853A254: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==19549== by 0x857F1DB: get_utf_8_string (charsets.c:111)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x4C2FABC: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19549== by 0xD496AB8: g_malloc (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
==19549== by 0x8534CD3: wmem_alloc (wmem_core.c:35)
==19549== by 0x8537739: wmem_simple_alloc (wmem_allocator_simple.c:43)
==19549== by 0x8534D49: wmem_alloc (wmem_core.c:44)
==19549== by 0x853A254: wmem_strbuf_sized_new (wmem_strbuf.c:66)
==19549== by 0x857F1DB: get_utf_8_string (charsets.c:111)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x857F1E4: get_utf_8_string (charsets.c:117)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549== by 0x7471648: dissect_kafka_tcp (packet-kafka.c:9302)
==19549== by 0x85AA127: call_dissector_through_handle (packet.c:720)
==19549==
==19549== Use of uninitialised value of size 8
==19549== at 0x857F1EE: get_utf_8_string (charsets.c:118)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549== by 0x7471648: dissect_kafka_tcp (packet-kafka.c:9302)
==19549== by 0x85AA127: call_dissector_through_handle (packet.c:720)
==19549==
==19549== Conditional jump or move depends on uninitialised value(s)
==19549== at 0x853A488: wmem_strbuf_grow (wmem_strbuf.c:107)
==19549== by 0x853A8CF: wmem_strbuf_append_c (wmem_strbuf.c:238)
==19549== by 0x857F217: get_utf_8_string (charsets.c:122)
==19549== by 0x860C088: tvb_get_utf_8_string (tvbuff.c:2583)
==19549== by 0x860BAAD: tvb_get_string_enc (tvbuff.c:2901)
==19549== by 0x74836EB: dissect_kafka_metadata_topic (packet-kafka.c:2641)
==19549== by 0x747A097: dissect_kafka_array_elements (packet-kafka.c:940)
==19549== by 0x747A6C2: dissect_kafka_regular_array (packet-kafka.c:965)
==19549== by 0x747A3DA: dissect_kafka_array (packet-kafka.c:1016)
==19549== by 0x747710B: dissect_kafka_metadata_response (packet-kafka.c:2689)
==19549== by 0x74724F2: dissect_kafka (packet-kafka.c:9134)
==19549== by 0x7A40A0E: tcp_dissect_pdus (packet-tcp.c:3887)
==19549==
==19549==
==19549== HEAP SUMMARY:
==19549== in use at exit: 41,204 bytes in 204 blocks
==19549== total heap usage: 329,895 allocs, 329,691 frees, 40,528,907 bytes allocated
==19549==
==19549== LEAK SUMMARY:
==19549== definitely lost: 0 bytes in 0 blocks
==19549== indirectly lost: 0 bytes in 0 blocks
==19549== possibly lost: 0 bytes in 0 blocks
==19549== still reachable: 40,409 bytes in 173 blocks
==19549== suppressed: 795 bytes in 31 blocks
==19549== Rerun with --leak-check=full to see details of leaked memory
==19549==
==19549== For counts of detected and suppressed errors, rerun with: -v
==19549== Use --track-origins=yes to see where uninitialised values come from
==19549== ERROR SUMMARY: 32 errors from 16 contexts (suppressed: 0 from 0)
no debug trace