Project

General

Profile

Actions

Bug #3612

closed

rules/bsize: memory issue during parsing

Added by Jeff Lucovsky almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

$ ./src/fuzz_siginit ~/Downloads/clusterfuzz-testcase-minimized-fuzz_siginit-5086076374089728 
=================================================================
==29775==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffeb56ab16b at pc 0x7f638898666e bp 0x7ffeb56a7c10 sp 0x7ffeb56a73b8
READ of size 12 at 0x7ffeb56ab16b thread T0 (Suricata-Main)
    #0 0x7f638898666d  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x5166d)
    #1 0x55fd20fcab31 in ParseSizeString /home/victor/sync/devel/suricata-afl/src/util-misc.c:90
    #2 0x55fd20fcc07a in ParseSizeStringU64 /home/victor/sync/devel/suricata-afl/src/util-misc.c:208
    #3 0x55fd2045343f in DetectBsizeParse /home/victor/sync/devel/suricata-afl/src/detect-bsize.c:193
    #4 0x55fd20454eff in DetectBsizeSetup /home/victor/sync/devel/suricata-afl/src/detect-bsize.c:291
    #5 0x55fd20b0ba95 in SigParseOptions /home/victor/sync/devel/suricata-afl/src/detect-parse.c:805
    #6 0x55fd20b0e6b6 in SigParse /home/victor/sync/devel/suricata-afl/src/detect-parse.c:1241
    #7 0x55fd20b17a2e in SigInitHelper /home/victor/sync/devel/suricata-afl/src/detect-parse.c:1865
    #8 0x55fd20b18b21 in SigInit /home/victor/sync/devel/suricata-afl/src/detect-parse.c:2032
    #9 0x55fd20024d25 in LLVMFuzzerTestOneInput tests/fuzz/fuzz_siginit.c:39
    #10 0x55fd210f50d3 in main tests/fuzz/onefile.c:51
    #11 0x7f6385dc3b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #12 0x55fd20024ae9 in _start (/home/victor/sync/devel/suricata-afl/src/fuzz_siginit+0x1f9ae9)

Probably needs backporting.


Files


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3567: rules/bsize: memory issue during parsingClosedJeff LucovskyActions
Actions #1

Updated by Jeff Lucovsky almost 4 years ago

  • Copied from Bug #3567: rules/bsize: memory issue during parsing added
Actions #2

Updated by Jeff Lucovsky almost 4 years ago

  • Status changed from Assigned to In Review
Actions #3

Updated by Jeff Lucovsky almost 4 years ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF