Bug #4972

closed

Null dereference in ConfigApplyTx

Added by Philippe Antoine almost 3 years ago. Updated about 2 years ago.

Status: Closed
Priority: Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43733

Reproducer is with rule
alert ip any any -> any any (config:logging disable,type tx,scope tx;sid:1;)
and with lolc.pcap

Stack trace is

AddressSanitizer:DEADLYSIGNAL
=================================================================
==47909==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000026 (pc 0x000103aad24a bp 0x700006d33980 sp 0x700006d33930 T2)
==47909==The signal is caused by a READ memory access.
==47909==Hint: address points to the zero page.
    #0 0x103aad24a in ConfigApplyTx detect-config.c:92
    #1 0x103aad1c2 in ConfigApply detect-config.c:136
    #2 0x103aac742 in DetectConfigPostMatch detect-config.c:149
    #3 0x103b05cd1 in IPOnlyMatchPacket detect-engine-iponly.c:1110
    #4 0x103aa407d in DetectRunInspectIPOnly detect.c:557
    #5 0x103aa352a in DetectRun detect.c:118
    #6 0x103aa3143 in DetectNoFlow detect.c:1573
    #7 0x103aa2975 in Detect detect.c:1633
    #8 0x103c00756 in FlowWorker flow-worker.c:551


Files

lolc.pcap (80 Bytes) Philippe Antoine, 01/17/2022 01:44 PM

Related issues 2 (0 open, 2 closed)

Copied to Suricata - Bug #5003: Null dereference in ConfigApplyTx (Closed, Shivani Bhardwaj)
Copied to Suricata - Bug #5004: Null dereference in ConfigApplyTx (Rejected, Jeff Lucovsky)
Actions #1

Updated by Jeff Lucovsky almost 3 years ago

  • Copied to Bug #5003: Null dereference in ConfigApplyTx added
Actions #2

Updated by Jeff Lucovsky almost 3 years ago

  • Copied to Bug #5004: Null dereference in ConfigApplyTx added
Actions #3

Updated by Philippe Antoine almost 3 years ago

  • Status changed from New to In Review
Actions #4

Updated by Philippe Antoine almost 3 years ago

  • Status changed from In Review to Closed
Actions #5

Updated by Philippe Antoine almost 3 years ago

  • Status changed from Closed to In Review
Actions #7

Updated by Philippe Antoine over 2 years ago

  • Status changed from In Review to Closed
Actions #8

Updated by Philippe Antoine over 2 years ago

  • Status changed from Closed to In Review
Actions #9

Updated by Philippe Antoine over 2 years ago

  • Status changed from In Review to Closed
Actions #10

Updated by Victor Julien over 2 years ago

Git hashes:
c3a220647b31b453b0fc14ecfb028defad2778dc
00da0d3420fd6ebbdbe7990b26eebf7650856eca
0cba561fecffe93596d38691561d4316c3b8efb2
dccf2e4c30b968477d9cc7e7a86b64b97893831c

Actions #11

Updated by Victor Julien about 2 years ago

  • Private changed from Yes to No
  • Label deleted (Needs backport, Needs backport to 5.0, Needs backport to 6.0)