Segfault in Tcptrace at names.c:179

[Ngiong]

Hello,
We are currently working on a new fuzz testing feature, and we found a crash in tcptrace.

Step to Reproduce
We configured and built libpcap-1.9.1 using CFLAGS="-g -O0" ./configure and make
and configured tcptrace using CFLAGS="-L${LIBPCAP_PATH}/lib -I${LIBPCAP_PATH}/include" LDFLAGS="-L${LIBPCAP_PATH}/lib -lpcap" ./configure and built using make, and run it with:

./tcptrace  --showtitle -d -d -d --nowarn_printtrunc --warn_ooo --noshowsacks <attached_file> -n --nores_addr

Attachment: poc_0002.txt

Environment

• OS: Ubuntu 18.04.4 LTS
• Compiler: gcc 7.5.0
• tcptrace version: 6.6.7 (http://www.tcptrace.org/download/tcptrace-6.6.7.tar.gz)
• libpcap version: 1.9.1 (https://www.tcpdump.org/release/libpcap-1.9.1.tar.gz)

Additional context
Here's the stack trace: stack_trace_0002.zip

Program received signal SIGSEGV, Segmentation fault.
_IO_vfprintf_internal (s=0x7fffff7ff540, format=0x47c8f3 "Searching cache for host '%s'\n", ap=0x7fffff801c00) at vfprintf.c:1320
1320	vfprintf.c: No such file or directory.
#0  _IO_vfprintf_internal (s=0x7fffff7ff540, format=0x47c8f3 "Searching cache for host '%s'\n", ap=0x7fffff801c00) at vfprintf.c:1320
#1  0x00007ffff76a4700 in buffered_vfprintf (s=s@entry=0x7ffff7a32680 <_IO_2_1_stderr_>, format=format@entry=0x47c8f3 "Searching cache for host '%s'\n", args=args@entry=0x7fffff801c00) at vfprintf.c:2329
#2  0x00007ffff76a17b6 in _IO_vfprintf_internal (s=0x7ffff7a32680 <_IO_2_1_stderr_>, format=0x47c8f3 "Searching cache for host '%s'\n", ap=ap@entry=0x7fffff801c00) at vfprintf.c:1301
#3  0x00007ffff76aaed4 in __fprintf (stream=<optimized out>, format=<optimized out>) at fprintf.c:32
#4  0x0000000000408cfa in HostName (ipaddress=...) at names.c:179
#5  0x00000000004118b8 in ParenHostName (addr=...) at print.c:630
#6  0x0000000000411039 in printipv4 (pip=0x6e7520, plast=0x6e7547) at print.c:208
#7  0x000000000040fd0e in printip_packet (pip=0x6e7520, plast=0x6e7547) at print.c:179
#8  0x000000000040fa61 in printpacket (len=100, tlen=100, phys=0x0, phystype=0, pip=0x6e7520, plast=0x6e7547, tcb=0x0) at print.c:596
#9  0x000000000042655a in findheader (ipproto=6, pip=0x6e7520, pphdr=0x7fffff8021b0, pplast=0x7fffff8021c8) at ipv6.c:158
#10 0x000000000042681a in gettcp (pip=0x6e7520, pptcp=0x7fffff8021b0, pplast=0x7fffff8021c8) at ipv6.c:306
#11 0x000000000040fd79 in printtcp_packet (pip=0x6e7520, plast=0x6e7547, thisdir=0x0) at print.c:362
... <more were omitted> ...

Thank you.