Project

General

Profile

Actions

Bug #5344

closed

Bug #5309: CIDR prefix calculation fails on big endian archs

CIDR prefix calculation fails on big endian archs (6.0.x backport)

Added by Jeff Lucovsky 5 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

While trying to build 6.0.5 on Debian's s390x port, we noticed that tests segfault in the new version (see https://ci.debian.net/data/autopkgtest/testing/s390x/s/suricata/21160408/log.gz). Tracking this down, it seems that CIDRFromMask() returns -1 when trying to determine a network prefix length for a given netmask (e.g. 24 for 255.255.255.0). This causes DetectAddressParseSingle() to return NULL and hence the test to try and dereference a null pointer, causing the segfault.

I compared values passed into CIDRFromMask() via gdb on amd64 and s390x and found that they are different:

amd64


...
Test AddressTestCutIPv401                                         : 
Breakpoint 1, CIDRFromMask (netmask=16777215) at util-cidr.c:34
...

s390x


...
Test AddressTestCutIPv401                                         : 
Breakpoint 1, CIDRFromMask (netmask=4294967040) at util-cidr.c:34
...

My patch at https://gist.github.com/satta/7406fe735d8b449a4c9af73822d2bc9a fixes the code for both architectures.

Actions #1

Updated by Jeff Lucovsky 5 months ago

  • Copied from Bug #5309: CIDR prefix calculation fails on big endian archs added
Actions #2

Updated by Jeff Lucovsky 5 months ago

  • Subject changed from CIDR prefix calculation fails on big endian archs to Backport 6.0.x: CIDR prefix calculation fails on big endian archs
  • Parent task set to #5309
Actions #3

Updated by Jeff Lucovsky 5 months ago

  • Subject changed from Backport 6.0.x: CIDR prefix calculation fails on big endian archs to CIDR prefix calculation fails on big endian archs (6.0.x backport)
Actions #4

Updated by Jeff Lucovsky 4 months ago

  • Status changed from Assigned to In Progress
  • Assignee changed from Shivani Bhardwaj to Jeff Lucovsky

Cherry-pick commit(s):
- 394356f73c026879672843fbb20b4de68a09d0ac
- 5ec6f3ba51c449f7588afac0820ad57b1cea5de9

Actions #5

Updated by Jeff Lucovsky 4 months ago

  • Status changed from In Progress to In Review
Actions #7

Updated by Jeff Lucovsky 4 months ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF