Skip to content

GitLab

Closed
Created by A Wireshark GitLab Utility@ws-gitlab-utilityDeveloper

Fuzz job crash output: fuzz-2021-11-18-10827.pcap

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2021-11-18-10827.pcap

stderr:

Branch: HEAD

Input file: /var/menagerie/menagerie/gryphon.cap

Build host information:
Linux 5.4.0-90-generic #101-Ubuntu SMP Fri Oct 15 20:00:55 UTC 2021 x86_64
Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.3 LTS
Release:	20.04
Codename:	focal

CI job name: ASan Menagerie Fuzz, ID: 1797414117 

Return value:  0

Dissector bug:  0

Valgrind error count:  0

Latest (but not necessarily the problem) commit:
61e4529f tests: fix the test case running warning.
Command and args: /builds/wireshark/wireshark/_install/bin/tshark -2  -nVxr
Running as user "root" and group "root". This could be dangerous.
AddressSanitizer:DEADLYSIGNAL
=================================================================
==39470==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7fe77f67351f bp 0x7ffedc177450 sp 0x7ffedc177180 T0)
==39470==The signal is caused by a READ memory access.
==39470==Hint: address points to the zero page.
    #0 0x7fe77f67351f in decode_response /builds/wireshark/wireshark/build/../plugins/epan/gryphon/packet-gryphon.c:4008:33
    #1 0x7fe77f671051 in dissect_gryphon_message /builds/wireshark/wireshark/build/../plugins/epan/gryphon/packet-gryphon.c:4273:18
    #2 0x7fe77f6707da in dissect_gryphon_pdu /builds/wireshark/wireshark/build/../plugins/epan/gryphon/packet-gryphon.c:4334:5
    #3 0x7fe792d73084 in tcp_dissect_pdus /builds/wireshark/wireshark/build/../epan/dissectors/packet-tcp.c:4167:13
    #4 0x7fe77f67073f in dissect_gryphon /builds/wireshark/wireshark/build/../plugins/epan/gryphon/packet-gryphon.c:4341:5
    #5 0x7fe79431a53a in call_dissector_through_handle /builds/wireshark/wireshark/build/../epan/packet.c:757:9
    #6 0x7fe79430ff43 in call_dissector_work /builds/wireshark/wireshark/build/../epan/packet.c:850:9
    #7 0x7fe79430f8d3 in dissector_try_uint_new /builds/wireshark/wireshark/build/../epan/packet.c:1466:8
    #8 0x7fe792d74a42 in decode_tcp_ports /builds/wireshark/wireshark/build/../epan/dissectors/packet-tcp.c:6337:9
    #9 0x7fe792d7ad83 in process_tcp_payload /builds/wireshark/wireshark/build/../epan/dissectors/packet-tcp.c:6400:13
    #10 0x7fe792d7877c in desegment_tcp /builds/wireshark/wireshark/build/../epan/dissectors/packet-tcp.c:3635:9
    #11 0x7fe792d76581 in dissect_tcp_payload /builds/wireshark/wireshark/build/../epan/dissectors/packet-tcp.c:6473:9
    #12 0x7fe792d87982 in dissect_tcp /builds/wireshark/wireshark/build/../epan/dissectors/packet-tcp.c:7446:17
    #13 0x7fe79431a53a in call_dissector_through_handle /builds/wireshark/wireshark/build/../epan/packet.c:757:9
    #14 0x7fe79430ff43 in call_dissector_work /builds/wireshark/wireshark/build/../epan/packet.c:850:9
    #15 0x7fe79430f8d3 in dissector_try_uint_new /builds/wireshark/wireshark/build/../epan/packet.c:1466:8
    #16 0x7fe79207ef0e in ip_try_dissect /builds/wireshark/wireshark/build/../epan/dissectors/packet-ip.c:1817:7
    #17 0x7fe792084177 in dissect_ip_v4 /builds/wireshark/wireshark/build/../epan/dissectors/packet-ip.c:2306:10
    #18 0x7fe79431a53a in call_dissector_through_handle /builds/wireshark/wireshark/build/../epan/packet.c:757:9
    #19 0x7fe79430ff43 in call_dissector_work /builds/wireshark/wireshark/build/../epan/packet.c:850:9
    #20 0x7fe79430f8d3 in dissector_try_uint_new /builds/wireshark/wireshark/build/../epan/packet.c:1466:8
    #21 0x7fe7943102e2 in dissector_try_uint /builds/wireshark/wireshark/build/../epan/packet.c:1490:9
    #22 0x7fe791c5ed33 in dissect_ethertype /builds/wireshark/wireshark/build/../epan/dissectors/packet-ethertype.c:296:21
    #23 0x7fe79431a53a in call_dissector_through_handle /builds/wireshark/wireshark/build/../epan/packet.c:757:9
    #24 0x7fe79430ff43 in call_dissector_work /builds/wireshark/wireshark/build/../epan/packet.c:850:9
    #25 0x7fe7943170f0 in call_dissector_only /builds/wireshark/wireshark/build/../epan/packet.c:3290:8
    #26 0x7fe79430c2b4 in call_dissector_with_data /builds/wireshark/wireshark/build/../epan/packet.c:3303:8
    #27 0x7fe791c5bb30 in dissect_eth_common /builds/wireshark/wireshark/build/../epan/dissectors/packet-eth.c:576:5
    #28 0x7fe791c5a697 in dissect_eth /builds/wireshark/wireshark/build/../epan/dissectors/packet-eth.c:882:5
    #29 0x7fe79431a53a in call_dissector_through_handle /builds/wireshark/wireshark/build/../epan/packet.c:757:9
    #30 0x7fe79430ff43 in call_dissector_work /builds/wireshark/wireshark/build/../epan/packet.c:850:9
    #31 0x7fe7943170f0 in call_dissector_only /builds/wireshark/wireshark/build/../epan/packet.c:3290:8
    #32 0x7fe791ce8266 in dissect_frame /builds/wireshark/wireshark/build/../epan/dissectors/packet-frame.c:900:6
    #33 0x7fe79431a53a in call_dissector_through_handle /builds/wireshark/wireshark/build/../epan/packet.c:757:9
    #34 0x7fe79430ff43 in call_dissector_work /builds/wireshark/wireshark/build/../epan/packet.c:850:9
    #35 0x7fe7943170f0 in call_dissector_only /builds/wireshark/wireshark/build/../epan/packet.c:3290:8
    #36 0x7fe79430c2b4 in call_dissector_with_data /builds/wireshark/wireshark/build/../epan/packet.c:3303:8
    #37 0x7fe79430ba90 in dissect_record /builds/wireshark/wireshark/build/../epan/packet.c:624:3
    #38 0x7fe7942df1f8 in epan_dissect_run_with_taps /builds/wireshark/wireshark/build/../epan/epan.c:629:2
    #39 0x560b32725a35 in process_packet_second_pass /builds/wireshark/wireshark/build/../tshark.c:3246:5
    #40 0x560b32723e8d in process_cap_file_second_pass /builds/wireshark/wireshark/build/../tshark.c:3388:9
    #41 0x560b3271e2ac in process_cap_file /builds/wireshark/wireshark/build/../tshark.c:3658:28
    #42 0x560b3271845f in main /builds/wireshark/wireshark/build/../tshark.c:2098:16
    #43 0x7fe78690f0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #44 0x560b326454bd in _start (/builds/wireshark/wireshark/_install/bin/tshark+0x5f4bd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /builds/wireshark/wireshark/build/../plugins/epan/gryphon/packet-gryphon.c:4008:33 in decode_response
==39470==ABORTING

fuzz-test.sh stderr:
Running as user "root" and group "root". This could be dangerous.

no debug trace

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information