Project

General

Profile

Actions

Bug #5145

closed

nfs: Integer underflow in NFS

Added by Philippe Antoine almost 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport, Needs backport to 5.0, Needs backport to 6.0

Description

Found by ClusterFuzzLite, then oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44185

The whole NFSv3 logic for writes seems wrong (like ts_chunk_left should always be 0, we do not know the final size of the file)
This is not about the full filesize, but only about the current chunk that we're processing.


Related issues 3 (0 open3 closed)

Related to Suricata - Bug #5280: nfs: ASSERT: attempt to subtract with overflow (compound)ClosedPhilippe AntoineActions
Copied to Suricata - Bug #5149: nfs: Integer underflow in NFSClosedShivani BhardwajActions
Copied to Suricata - Bug #5150: nfs: Integer underflow in NFSClosedJason IshActions
Actions #1

Updated by Victor Julien almost 3 years ago

  • Subject changed from Integer underflow in NFS to nfs: Integer underflow in NFS
  • Status changed from New to In Progress
  • Private changed from Yes to No
Actions #2

Updated by Jeff Lucovsky almost 3 years ago

  • Copied to Bug #5149: nfs: Integer underflow in NFS added
Actions #3

Updated by Jeff Lucovsky almost 3 years ago

  • Copied to Bug #5150: nfs: Integer underflow in NFS added
Actions #4

Updated by Victor Julien almost 3 years ago

  • Status changed from In Progress to Closed
Actions #5

Updated by Victor Julien almost 3 years ago

  • Description updated (diff)
Actions #6

Updated by Philippe Antoine over 2 years ago

  • Status changed from Closed to Assigned
Actions #7

Updated by Victor Julien over 2 years ago

Closing in favor of a new ticket #5280 to not confuse the backports process.

Actions #8

Updated by Victor Julien over 2 years ago

  • Status changed from Assigned to Closed
Actions #9

Updated by Philippe Antoine over 2 years ago

  • Related to Bug #5280: nfs: ASSERT: attempt to subtract with overflow (compound) added
Actions

Also available in: Atom PDF