Bug #6212: file.magic: rule reload can lead to crashes - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #6212

closed

file.magic: rule reload can lead to crashes

Added by Victor Julien 10 months ago. Updated 7 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

7.0.0

Affected Versions:

Effort:

Difficulty:

Label:

Description

AddressSanitizer:DEADLYSIGNAL
=================================================================
==26396==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x55f9350655f4 bp 0x000000000000 sp 0x7ffefd30d590 T0)
==26396==The signal is caused by a READ memory access.
==26396==Hint: this fault was caused by a dereference of a high value address (see register values below).  Disassemble the provided pc to learn which register was used.
    #0 0x55f9350655f4 in __covrec_CC647400F6E634E8u (/__w/suricata/suricata/src/fuzz_sigpcap+0x3275f4) (BuildId: 0bde18370e8e1ac118fc6e03d6061c2ea04c75d2)
    #1 0x55f9350e5f95 in free (/__w/suricata/suricata/src/fuzz_sigpcap+0x3a7f95) (BuildId: 0bde18370e8e1ac118fc6e03d6061c2ea04c75d2)
    #2 0x7f78c2bfe304 in magic_buffer (/lib/x86_64-linux-gnu/libmagic.so.1+0xb304) (BuildId: 24355aa87024674d85dcf33cd4c12681fb550f93)
    #3 0x55f93546f716 in MagicThreadLookup /__w/suricata/suricata/src/util-magic.c:109:18
    #4 0x55f9356a9487 in FilemagicThreadLookup /__w/suricata/suricata/src/detect-filemagic.c:171:27
    #5 0x55f9356a9afc in FilemagicGetDataCallback /__w/suricata/suricata/src/detect-filemagic.c:305:9
    #6 0x55f9356aa059 in PrefilterTxFilemagic /__w/suricata/suricata/src/detect-filemagic.c:392:40
    #7 0x55f9351dd80e in __covrec_5587EC0C0251F8B2 /__w/suricata/suricata/src/detect-engine-prefilter.c:121:9
    #8 0x55f935634d87 in DetectRunTx /__w/suricata/suricata/src/detect.c:1349:13
    #9 0x55f93563026f in DetectRun /__w/suricata/suricata/src/detect.c:160:9
    #10 0x55f93562f6d6 in DetectFlow /__w/suricata/suricata/src/detect.c:1721:11
    #11 0x55f93562f18e in Detect /__w/suricata/suricata/src/detect.c:1793:9
    #12 0x55f9352639c3 in FlowWorker /__w/suricata/suricata/src/flow-worker.c:626:9
    #13 0x55f9351245e6 in __covrec_54A9976609C66DF5u /__w/suricata/suricata/src/tests/fuzz/fuzz_sigpcap.c:183:13
    #14 0x55f935125030 in __covrec_3A4FD90BD2E25E87u /__w/suricata/suricata/src/tests/fuzz/onefile.c:39:5
    #15 0x55f935124df7 in __covrec_2B0A08030B12FC57u /__w/suricata/suricata/src/tests/fuzz/onefile.c:76:21
    #16 0x7f78c2727d8f  (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
    #17 0x7f78c2727e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
    #18 0x55f935063394 in _start (/__w/suricata/suricata/src/fuzz_sigpcap+0x325394) (BuildId: 0bde18370e8e1ac118fc6e03d6061c2ea04c75d2)

Related issues 1 (0 open — 1 closed)