Project

General

Profile

Actions

Bug #6934

open

UBSAN: null pointer passed as argument to memcpy in unit test

Added by Leks Martini 9 months ago. Updated 9 months ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Unit test HTPBodyReassemblyTest01 causes UndefinedBehaviorSanitizer runtime error: null pointer passed as argument 2, which is declared to never be null
while calling memcpy function with null pointer variable htud->boundary as argument 2 and zero length at HtpRequestBodySetupBoundary (app-layer-htp.c).

Full log:

# ASAN_OPTIONS=detect_leaks=0 UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:symbolize=1:dedup_token_length=3 ./src/suricata -u -U HTPBodyReassemblyTest01

Test HTPBodyReassemblyTest01                                      : app-layer-htp.c:1371:26: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:44:28: note: nonnull attribute specified here
    #0 0x5a6e360f2312 in HtpRequestBodySetupBoundary app-layer-htp.c
    #1 0x5a6e360ec736 in HtpRequestBodyHandleMultipart app-layer-htp.c
    #2 0x5a6e3612ac9c in HTPBodyReassemblyTest01 app-layer-htp.c
    #3 0x5a6e35f4905b in UtRunTests (/test-target/suricata/src/.libs/suricata+0x113b05b) (BuildId: 3876c85034711eefc9f2fce8b561e929e354baf9)
    #4 0x5a6e370c41e0 in RunUnittests (/test-target/suricata/src/.libs/suricata+0x22b61e0) (BuildId: 3876c85034711eefc9f2fce8b561e929e354baf9)
    #5 0x5a6e35ddd1a4 in SCStartInternalRunMode (/test-target/suricata/src/.libs/suricata+0xfcf1a4) (BuildId: 3876c85034711eefc9f2fce8b561e929e354baf9)
    #6 0x5a6e35dca117 in main (/test-target/suricata/src/.libs/suricata+0xfbc117) (BuildId: 3876c85034711eefc9f2fce8b561e929e354baf9)
    #7 0x700345f7e082 in __libc_start_main /build/glibc-wuryBv/glibc-2.31/csu/../csu/libc-start.c:308:16
    #8 0x5a6e35cf6bdd in _start (/test-target/suricata/src/.libs/suricata+0xee8bdd) (BuildId: 3876c85034711eefc9f2fce8b561e929e354baf9)

DEDUP_TOKEN: HtpRequestBodySetupBoundary--HtpRequestBodyHandleMultipart--HTPBodyReassemblyTest01
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior app-layer-htp.c:1371:26 in 
pass
==== TEST RESULTS ====
PASSED: 1
FAILED: 0
======================

Compiled with:
./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address,undefined" CXXFLAGS="-fsanitize=address,undefined" --enable-unittests --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/

Actions

Also available in: Atom PDF