wireshark: Heap-buffer-overflow in bootp_option

2017-04-19T20:40:31
ID OSSFUZZ-1183
Type ossfuzz
Reporter Google
Modified 2017-05-26T13:04:43

Description

Project: https://code.wireshark.org/review/wireshark

Detailed report: https://oss-fuzz.com/testcase?key=6216983760601088

Project: wireshark Fuzzer: libFuzzer_wireshark_fuzzshark_udp_port-bootp Fuzz target binary: fuzzshark_udp_port-bootp Job Type: libfuzzer_asan_wireshark Platform Id: linux

Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6130000006e4 Crash State: bootp_option bootp_option dissect_bootp

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_wireshark&range=201704181620:201704191700

Reproducer Testcase: https://oss-fuzz.com/download/AMIfv97KNaxgDs1gXxOILQzemmRwoJ6gxTeo2b7jUMcCm8P5xvqXFKCYbQBokoi2af6y-ZKnqpva2yfU6ZHWAmMFGMa7OUOg8ev_zFqGosinDhzihosk_uDue3XvYUwcEvNhaBwTUzgaUnyq9Ebe1lFMVbYt1NIAuOyVOSJSKOHMAntQNDgGyvlk_s3qmxgXrQefJ33lGqQaBP2Laab_bqQXqX9vuY9U6UPgSlCBcHygxnPjuutR5tbgdYM2lQdL-B99XkEzSvWqti5tC3pwYnegtYqUC-4DcAJnDICKfQpivkaeQPFpt7KBtHHGeewaGeuP31DwYOAJvkr3ig7i3VUMW4Yqd10p7IoZB64raGMHkHbfxHNgBl1jHYoV6Bq1i1PCXi_MmHw1npC9f1ki4WCw8hwwHU46KzCEm8rnk0BK-pRCLFRk3ME?testcase_id=6216983760601088

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.