Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] NULL Pointer Dereference in parse_list() at list.c:81 #788

Closed
Marsman1996 opened this issue Mar 2, 2023 · 1 comment
Closed

[Bug] NULL Pointer Dereference in parse_list() at list.c:81 #788

Marsman1996 opened this issue Mar 2, 2023 · 1 comment

Comments

@Marsman1996
Copy link
Contributor

Describe the bug
There is a NULL Pointer Dereference in parse_list() when the user passes specific size (i.e., 2) of include string to tcpprep with option --include.

To Reproduce
Steps to reproduce the behavior:

  1. Get the Tcpreplay source code and compile it.
$ ./configure
$ make
  1. Run Command $ ./tcpprep --include="P "

Expected behavior
Program crashes with Segmentation fault.

$ gdb --args ./bin_normal/bin/tcpprep --include="P "

(gdb) r
Starting program: /home/ubuntu178/cvelibf/test/tcpreplay/latest/bin_normal/bin/tcpprep --include=P\ 

Program received signal SIGSEGV, Segmentation fault.
__strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
65      ../sysdeps/x86_64/multiarch/strlen-avx2.S: No such file or directory.
(gdb) bt
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
#1  0x00007ffff7e4982b in __GI___regexec (preg=0x7fffffffd650, string=0x0, nmatch=0, pmatch=0x0, eflags=0) at regexec.c:210
#2  0x000055555555ed19 in parse_list (listdata=0x55555556db38, ourstr=0x55555558dbf2 "") at list.c:81
#3  0x00005555555614a7 in parse_xX_str (xX=0x55555556db30, str=0x55555558dbf2 "", bpf=0x55555556db50) at xX.c:84
#4  0x00005555555581fc in doOptInclude (pOptions=0x55555556bc00 <tcpprepOptions>, pOptDesc=0x55555556b3c8 <optDesc+936>) at tcpprep_opts.c:1411
#5  0x00007ffff7f4011e in ?? () from /lib/x86_64-linux-gnu/libopts.so.25
#6  0x00007ffff7f48964 in ?? () from /lib/x86_64-linux-gnu/libopts.so.25
#7  0x00007ffff7f4b7c8 in optionProcess () from /lib/x86_64-linux-gnu/libopts.so.25
#8  0x000055555555899c in main (argc=2, argv=0x7fffffffde88) at tcpprep.c:89

System (please complete the following information):

  • OS: Ubuntu
  • OS version: 20.04, 64 bit
  • Tcpreplay Version: master bcb107a
$ ./bin_normal/bin/tcprewrite -V
tcprewrite version: 4.4.3 (build git:v4.4.3)
Copyright 2013-2022 by Fred Klassen <tcpreplay at appneta dot com> - AppNeta
Copyright 2000-2012 by Aaron Turner <aturner at synfin dot net>
The entire Tcpreplay Suite is licensed under the GPLv3
Cache file supported: 04
Not compiled with libdnet.
Compiled against libpcap: 1.9.1
64 bit packet counters: enabled
Verbose printing via tcpdump: enabled
Fragroute engine: disabled
@Marsman1996 Marsman1996 mentioned this issue Mar 2, 2023
Merged
fklassen added a commit that referenced this issue Jun 5, 2023
@fklassen
document PR #783 Bugs #782 #784 #785 #786 #787 #788
ecafaac
fklassen added a commit that referenced this issue Jun 5, 2023
@fklassen
Merge pull request #801 from appneta/Bug_#782_#784_#785_#786_#787_#78…
128ecaf 
…8_strtok_r_isuses

Bug #782 #784 #785 #786 #787 #788 strtok r isuses
@fklassen
Copy link
Member

fklassen commented Jun 5, 2023

Fixed in PR #783. Documented in PR #801.

@fklassen fklassen closed this as completed Jun 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fklassen @Marsman1996