Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check that handler->isremote has been set before calling it. #1757

Merged
merged 1 commit into from
Mar 21, 2024
Merged

Check that handler->isremote has been set before calling it. #1757

merged 1 commit into from
Mar 21, 2024

Conversation

daviesrob
Copy link
Member

Failing to check this could cause an attempt to call a NULL pointer, where the plugin doesn't supply an isremote() implementation.

Credit to OSS-Fuzz
Fixes oss-fuzz 67349

@jmarshall
Copy link
Member

The protocol as designed is that plugins must always supply the open and isremote methods, and if priority >= 2000 they may also supply the vopen method.

So just like it doesn't check that handler->open is non-NULL or that the hFILE_backend methods (other than flush) are non-NULL before it calls them, checking here isn't really warranted either.

Presumably the problem detected by OSS-Fuzz was that hfile_plugin_init_crypt4gh_needed() has this as NULL. This is the bug; it should just set it to hfile_always_local() instead.

There is also a bug in hfile_plugin_init_mem(), which doesn't set the open method. It's under-documented, but presumably hopen("mem:", "r:", …) is intended to be always used with : in the mode string so that the vopen method will be used. IMHO crashing on hopen("mem:", "r") is borderline (a fuzz tester would probably agree!) and it would be better to set a dummy open method that always sets EINVAL and fails.

To ensure that such problems don't occur, hfile_add_scheme_handler() could validate that handlers do implement the required methods, e.g.,

--- a/hfile.c
+++ b/hfile.c
@@ -1022,6 +1022,10 @@ void hfile_add_scheme_handler(const char *scheme,
                               const struct hFILE_scheme_handler *handler)
 {
     int absent;
+    if (handler->open == NULL || handler->isremote == NULL) {
+        hts_log_warning("Couldn't register scheme handler for %s: missing method", scheme);
+        return;
+    }
     if (!schemes) {
         if (try_exe_add_scheme_handler(scheme, handler) != 0) {
             hts_log_warning("Couldn't register scheme handler for %s", scheme);

@daviesrob
Ensure hFILE_scheme_handler open and isremote are set
915e76f 
Check that hfile plugins have supplied open() and
isremote() functions in their hFILE_scheme_handler struct,
and refuse to add them if not.  Failing to check this
could lead to an attempt to call a NULL pointer when
the interfaces are used.

Fix up the "crypt4gh-needed" scheme handler, which did not
supply isremote(); and "mem" which failed to supply open().

Thanks to John Marshall for suggested validation code
in hfile_add_scheme_handler().

Credit to OSS-Fuzz
Fixes oss-fuzz 67349
@daviesrob
Copy link
Member Author

Agreed, while a bit more complicated, checking in hts_add_scheme_handler() is probably better. And good spot on mem missing the open interface. I have pushed a revised version which works as suggested.

As an aside, there's a bit of a muddle with the functions used to handle data: and mem: URIs. I'm tempted to rename some (in a separate pull request) to make what they're used for clearer.

@jkbonfield jkbonfield merged commit 78e507d into samtools:develop Mar 21, 2024
9 checks passed
@daviesrob daviesrob deleted the remoteness branch March 25, 2024 10:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jkbonfield jkbonfield

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@daviesrob @jmarshall @jkbonfield