Bug #3567
rules/bsize: memory issue during parsing
Status: Closed
Affected Versions:
Effort:
Difficulty:
Label: Needs backport to 5.0
Description
$ ./src/fuzz_siginit ~/Downloads/clusterfuzz-testcase-minimized-fuzz_siginit-5086076374089728
=================================================================
==29775==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffeb56ab16b at pc 0x7f638898666e bp 0x7ffeb56a7c10 sp 0x7ffeb56a73b8
READ of size 12 at 0x7ffeb56ab16b thread T0 (Suricata-Main)
    #0 0x7f638898666d (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x5166d)
    #1 0x55fd20fcab31 in ParseSizeString /home/victor/sync/devel/suricata-afl/src/util-misc.c:90
    #2 0x55fd20fcc07a in ParseSizeStringU64 /home/victor/sync/devel/suricata-afl/src/util-misc.c:208
    #3 0x55fd2045343f in DetectBsizeParse /home/victor/sync/devel/suricata-afl/src/detect-bsize.c:193
    #4 0x55fd20454eff in DetectBsizeSetup /home/victor/sync/devel/suricata-afl/src/detect-bsize.c:291
    #5 0x55fd20b0ba95 in SigParseOptions /home/victor/sync/devel/suricata-afl/src/detect-parse.c:805
    #6 0x55fd20b0e6b6 in SigParse /home/victor/sync/devel/suricata-afl/src/detect-parse.c:1241
    #7 0x55fd20b17a2e in SigInitHelper /home/victor/sync/devel/suricata-afl/src/detect-parse.c:1865
    #8 0x55fd20b18b21 in SigInit /home/victor/sync/devel/suricata-afl/src/detect-parse.c:2032
    #9 0x55fd20024d25 in LLVMFuzzerTestOneInput tests/fuzz/fuzz_siginit.c:39
    #10 0x55fd210f50d3 in main tests/fuzz/onefile.c:51
    #11 0x7f6385dc3b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #12 0x55fd20024ae9 in _start (/home/victor/sync/devel/suricata-afl/src/fuzz_siginit+0x1f9ae9)
Probably needs backporting.
Updated by Victor Julien almost 5 years ago
Updated by Jeff Lucovsky over 4 years ago
- Status changed from Assigned to In Review
Updated by Jeff Lucovsky over 4 years ago
Updated by Victor Julien over 4 years ago
- Status changed from In Review to Closed
- Priority changed from High to Normal
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3612: rules/bsize: memory issue during parsing added