A crash due to an assertion failure can be observed in an ASAN build of Wireshark, by feeding a malformed file to tshark ("$ ./tshark -nVxr /path/to/file"). External Referencies: https://www.wireshark.org/security/wnpa-sec-2019-14.html Upstream bug(s): https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15613
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1697948]
Upstream patch: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8cdc95842687feee32856afba8e7087396082158
An assertion is reachable in call_dissector_only() in epan/packet.c, which checks whether the handle passed as argument is not NULL. In debug builds, this may just crash the application, while in release builds a NULL pointer dereference, with following crash, is possible.
External References: https://www.wireshark.org/security/wnpa-sec-2019-14.html