Bug #5345
closedBug #5309: CIDR prefix calculation fails on big endian archs
CIDR prefix calculation fails on big endian archs (5.0.x backport)
Description
While trying to build 6.0.5 on Debian's s390x port, we noticed that tests segfault in the new version (see https://ci.debian.net/data/autopkgtest/testing/s390x/s/suricata/21160408/log.gz). Tracking this down, it seems that CIDRFromMask()
returns -1 when trying to determine a network prefix length for a given netmask (e.g. 24 for 255.255.255.0). This causes DetectAddressParseSingle()
to return NULL
and hence the test to try and dereference a null pointer, causing the segfault.
I compared values passed into CIDRFromMask()
via gdb on amd64 and s390x and found that they are different:
amd64
...
Test AddressTestCutIPv401 :
Breakpoint 1, CIDRFromMask (netmask=16777215) at util-cidr.c:34
...
s390x
...
Test AddressTestCutIPv401 :
Breakpoint 1, CIDRFromMask (netmask=4294967040) at util-cidr.c:34
...
My patch at https://gist.github.com/satta/7406fe735d8b449a4c9af73822d2bc9a fixes the code for both architectures.
Updated by Jeff Lucovsky over 2 years ago
- Copied from Bug #5309: CIDR prefix calculation fails on big endian archs added
Updated by Jeff Lucovsky over 2 years ago
- Subject changed from CIDR prefix calculation fails on big endian archs to Backport 5.0.x: CIDR prefix calculation fails on big endian archs
- Parent task set to #5309
Updated by Jeff Lucovsky over 2 years ago
- Subject changed from Backport 5.0.x: CIDR prefix calculation fails on big endian archs to CIDR prefix calculation fails on big endian archs (5.0.x backport)
Updated by Jeff Lucovsky over 2 years ago
- Status changed from Assigned to In Progress
Cherry-pick commit(s):
- 394356f73c026879672843fbb20b4de68a09d0ac
- 5ec6f3ba51c449f7588afac0820ad57b1cea5de9
Updated by Jeff Lucovsky over 2 years ago
- Status changed from In Progress to In Review
Updated by Jeff Lucovsky over 2 years ago
- Status changed from In Review to Closed