Project

General

Profile

Download (6.07 KB)

Security #8143 » 0a0a41066d85d4d1d254ccff304972c42791fe9d-alignment.log

Log ethernet - Sergey Zhidkih, 11/27/2025 09:35 AM

 
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 2225186478
/artifacts/cov_workdir/fuzz_sigpcap: Running 1 inputs 1 time(s) each.
Running: /artifacts/afl_workdir//fuzz_sigpcap.d/./0a0a41066d85d4d1d254ccff304972c42791fe9d
util-hash-string.c:27:23: runtime error: left shift of 193458092 by 5 places cannot be represented in type 'uint32_t' (aka 'unsigned int')
#0 0x5581342fa18c in StringHashDjb2 /artifacts/suricata/src/util-hash-string.c:27:23
#1 0x55813437b54b in ProtoNameHashFunc /artifacts/suricata/src/util-proto-name.c:364:12
#2 0x5581342fb87c in HashTableAdd /artifacts/suricata/src/util-hash.c:125:21
#3 0x55813437c17b in ProtoNameAddEntry /artifacts/suricata/src/util-proto-name.c:399:14
#4 0x55813437b093 in SCProtoNameInit /artifacts/suricata/src/util-proto-name.c:427:13
#5 0x5581342029d1 in GlobalsInitPreConfig /artifacts/suricata/src/suricata.c:387:5
#6 0x558133ea1639 in LLVMFuzzerTestOneInput /artifacts/suricata/src/tests/fuzz/fuzz_sigpcap.c:65:9
#7 0x558133d9e1db in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:619:13
#8 0x558133d8611f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:328:6
#9 0x558133d8c2b1 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:863:9
#10 0x558133db8442 in main /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#11 0x7fd6d6785c8b (/lib64/libc.so.6+0x27c8b) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#12 0x7fd6d6785d44 in __libc_start_main (/lib64/libc.so.6+0x27d44) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#13 0x558133d80900 in _start (/artifacts/cov_workdir/fuzz_sigpcap+0xb9d900) (BuildId: 2d54185a0c9980f187373529b44d9b404c55e377)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior util-hash-string.c:27:23
util-hash-string.c:27:29: runtime error: unsigned integer overflow: 2428284768 + 2089149819 cannot be represented in type 'uint32_t' (aka 'unsigned int')
#0 0x5581342fa1c3 in StringHashDjb2 /artifacts/suricata/src/util-hash-string.c:27:29
#1 0x55813437b54b in ProtoNameHashFunc /artifacts/suricata/src/util-proto-name.c:364:12
#2 0x5581342fb87c in HashTableAdd /artifacts/suricata/src/util-hash.c:125:21
#3 0x55813437c17b in ProtoNameAddEntry /artifacts/suricata/src/util-proto-name.c:399:14
#4 0x55813437b093 in SCProtoNameInit /artifacts/suricata/src/util-proto-name.c:427:13
#5 0x5581342029d1 in GlobalsInitPreConfig /artifacts/suricata/src/suricata.c:387:5
#6 0x558133ea1639 in LLVMFuzzerTestOneInput /artifacts/suricata/src/tests/fuzz/fuzz_sigpcap.c:65:9
#7 0x558133d9e1db in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:619:13
#8 0x558133d8611f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:328:6
#9 0x558133d8c2b1 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:863:9
#10 0x558133db8442 in main /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#11 0x7fd6d6785c8b (/lib64/libc.so.6+0x27c8b) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#12 0x7fd6d6785d44 in __libc_start_main (/lib64/libc.so.6+0x27d44) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#13 0x558133d80900 in _start (/artifacts/cov_workdir/fuzz_sigpcap+0xb9d900) (BuildId: 2d54185a0c9980f187373529b44d9b404c55e377)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior util-hash-string.c:27:29
==8199== ERROR: libFuzzer: deadly signal
#0 0x558133e67a31 in __sanitizer_print_stack_trace /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/asan/asan_stack.cpp:87:3
#1 0x558133db7938 in fuzzer::PrintStackTrace() /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5
#2 0x558133d9cc53 in fuzzer::Fuzzer::CrashCallback() /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:231:3
#3 0x7fd6d679ba1f (/lib64/libc.so.6+0x3da1f) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#4 0x5581345ce95b in DecodeIPV6Packet /artifacts/suricata/src/decode-ipv6.c:551:9
#5 0x5581345cb0e8 in DecodeIPV6 /artifacts/suricata/src/decode-ipv6.c:570:27
#6 0x558134588824 in DecodeNetworkLayer /artifacts/suricata/src/./decode.h:1466:13
#7 0x558134587981 in DecodeEthernet /artifacts/suricata/src/decode-ethernet.c:61:5
#8 0x5581340ad6fd in DecodePcapFile /artifacts/suricata/src/source-pcap-file.c:444:9
#9 0x558133ea2bc2 in LLVMFuzzerTestOneInput /artifacts/suricata/src/tests/fuzz/fuzz_sigpcap.c:174:29
#10 0x558133d9e1db in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:619:13
#11 0x558133d8611f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:328:6
#12 0x558133d8c2b1 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:863:9
#13 0x558133db8442 in main /usr/src/RPM/BUILD/llvm-project-20/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#14 0x7fd6d6785c8b (/lib64/libc.so.6+0x27c8b) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#15 0x7fd6d6785d44 in __libc_start_main (/lib64/libc.so.6+0x27d44) (BuildId: 22555ae827f9b29f1149acf2fe0887aa8760c393)
#16 0x558133d80900 in _start (/artifacts/cov_workdir/fuzz_sigpcap+0xb9d900) (BuildId: 2d54185a0c9980f187373529b44d9b404c55e377)

NOTE: libFuzzer has rudimentary signal handlers.
Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
(2-2/4)