Security #7966

open

Relevance of QA UBSan article

Added by Sergey Zhidkih 2 days ago.

Status: New
Priority: Normal
Assignee:
Target version:
Affected Versions:
Label:
CVE:
Git IDs: 9378707700832052889bb9b76753bd100279b701
Severity: MODERATE
Disclosure Date:
Description

I fuzz Suricata 7.0.10, and recently I decided to enable some of the undefined behavior sanitizers, which led to a bunch of errors (mostly integer overflow). So I was looking for similar existing issues and found the QA UBSan article.

This excludes 3 tests from being fatal:
  1. vptr, because clang errors out otherwise
  2. unsigned-integer-overflow, because we rely on this in the TCP sequence number tracking.
  3. unaligned, because this is a minor issue on the platforms we are most used on and there are some open issues
  1. I don't have any problems with enabling vptr.
  2. This doesn't look good to me. Any undefined behavior must be properly handled. If wrapping a value around the integer range is desired, there's a better way to do it.
  3. UBSan report also doesn't look good to me and so I guess for my regulators too.

This article seems to be very old, so basically I want to know if this changed or was fixed in newer versions of Suricata, or if there is a serious reason why it won't be fixed.

Sanitizers I use
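
The wraparound that item 2 of the quoted article refers to, as an added example that is not part of the original issue and is not Suricata's code: a TCP sequence-number difference written with the usual wrapping subtraction, beside a widened form that gives the same result without a wrapping operation. Function names and sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Conventional idiom: the uint32_t subtraction wraps modulo 2^32 when a < b.
 * This is the operation -fsanitize=unsigned-integer-overflow reports. */
static uint32_t seq_diff_wrapping(uint32_t a, uint32_t b)
{
    return a - b;
}

/* Same value without a wrapping operation: widen to 64 bits, add 2^32 so the
 * subtraction cannot go below zero, then reduce back to 32 bits explicitly. */
static uint32_t seq_diff_widened(uint32_t a, uint32_t b)
{
    uint64_t d = (UINT64_C(1) << 32) + a - b;
    return (uint32_t)(d & UINT32_C(0xFFFFFFFF));
}

/* a is "before" b in sequence space when (a - b) mod 2^32 falls in the upper
 * half of the range; equivalent to (int32_t)(a - b) < 0 without the cast. */
static int seq_lt(uint32_t a, uint32_t b)
{
    return seq_diff_widened(a, b) > UINT32_C(0x7FFFFFFF);
}

/* Constructed sample values around the 2^32 wrap point. Returns the number
 * of pairs where the two forms disagree (expected: 0). */
static int count_mismatches(void)
{
    static const uint32_t s[] = { 0u, 1u, 1000u, 0x7FFFFFFFu, 0x80000000u,
                                  0xFFFFFF00u, 0xFFFFFFFFu };
    const size_t n = sizeof s / sizeof s[0];
    int bad = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < n; j++)
            if (seq_diff_wrapping(s[i], s[j]) != seq_diff_widened(s[i], s[j]))
                bad++;
    return bad;
}

int main(void)
{
    /* 0xFFFFFF00 is 0x200 bytes before 0x00000100 across the wrap. */
    printf("diff=%u lt=%d mismatches=%d\n",
           seq_diff_widened(0x00000100u, 0xFFFFFF00u),
           seq_lt(0xFFFFFF00u, 0x00000100u), count_mismatches());
    return 0;
}
```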
