Project

General

Profile

Actions
Copy link

Bug #1937

closed
XB

rules: crashes and hangs reported by AFL+ASAN

Bug #1937: rules: crashes and hangs reported by AFL+ASAN

Added by Xiangyu Bu over 9 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
low
Difficulty:
medium
Label:

Description

The attached tarball contains about 1000 crashes and 380 hangs found by AFL+ASAN when fuzzing --afl-rules argument.

For each crash / hang the associated output is also attached.

The --build-info of the Suricata binary is included in the text file.

Compiler: clang-3.9.

Suricata: 3.2dev, last commit is

commit c6134e007e0785bc9a3ef5b524fd03adf7fa2c09
Author: Victor Julien <victor@inliniac.net>
Date:   Wed Oct 12 12:30:19 2016 +0200
    doc: app-layer tls including no-reassemble

Please contact me if more info is needed.

Files

Download all files
suricata_build_info.txt (2.88 KB) suricata_build_info.txt Xiangyu Bu, 10/26/2016 02:52 PM
checked_rules.tar.gz (413 KB) checked_rules.tar.gz Xiangyu Bu, 10/26/2016 02:52 PM

Related issues 1 (0 open1 closed)

Related to Suricata - Feature #2859: Oss-fuzz integrationClosedPhilippe AntoineActions

VJ Updated by Victor Julien over 9 years ago Actions
Copy link
 #1

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Andreas Herz
  • Target version set to 70

AH Updated by Andreas Herz about 9 years ago Actions
Copy link
 #2

AH Updated by Andreas Herz over 7 years ago Actions
Copy link
 #3

  • Assignee changed from Andreas Herz to OISF Dev

AH Updated by Andreas Herz over 7 years ago Actions
Copy link
 #4

  • Effort set to low
  • Difficulty set to medium

PA Updated by Philippe Antoine almost 7 years ago Actions
Copy link
 #5

AH Updated by Andreas Herz over 6 years ago Actions
Copy link
 #6

  • Assignee changed from OISF Dev to Andreas Herz

I will recheck this list so we can strip it down to the remaining ones.

AH Updated by Andreas Herz over 6 years ago Actions
Copy link
 #7

I can't reproduce any of the crashes anymore when I run it like this:

./autogen.sh
CFLAGS="-ggdb3 -Werror -Wchar-subscripts -fno-strict-aliasing -fstack-protector-all -fsanitize=address -fno-omit-frame-pointer -Wno-unused-parameter -Wno-unused-function"  ac_cv_func_malloc_0_nonnull=yes ac_cv_func_realloc_0_nonnull=yes ./configure --enable-afl --disable-shared
make -j5
LSAN_OPTIONS=suppressions=qa/lsan.suppress ASAN_SYMBOLIZER_PATH=/usr/bin/llvm-symbolizer sudo src/suricata -l /tmp/ -S rules/crashes/id:000... -r ~/Downloads/empty.pcap -c suricata.yaml

VJ Updated by Victor Julien almost 6 years ago Actions
Copy link
 #8

  • Status changed from Assigned to Closed
  • Assignee deleted (Andreas Herz)
  • Target version deleted (70)

Closing this. We now have better rule fuzzing through oss-fuzz support, so we'll fix anything that comes in through that.

Actions
Copy link

Also available in: PDF Atom