https://bz.apache.org/bugzilla/show_bug.cgi?id=66637
Bug ID: 66637
Summary: SEGV in apr_dbm_exists
Product: Apache httpd-2
Version: 2.4.54
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_authn_dbm
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Hello, Httpd developers! We recently ran some fuzz testing on htdbm 2.4.54 and
encountered a SEGV bug.
## Command To Reproduce the bug:
./htdbm -nx-B
## Environment
- OS: Ubuntu 20.04
- gcc 9.4.0
- htdbm 2.4.54
## ASAN Report
=================================================================
==957573==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc
0x7f807ea42304 bp 0x7fffb70745b0 sp 0x7fffb7074458 T0)
==957573==The signal is caused by a READ memory access.
==957573==Hint: address points to the zero page.
#0 0x7f807ea42304 in apr_dbm_exists
(/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x14304)
#1 0x4cf224 in htdbm_del
/home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:184:10
#2 0x4cd605 in main
/home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:436:17
#3 0x7f807e64d082 in __libc_start_main
/build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
#4 0x41d58d in _start
(/home/root/sp/Dataset/Httpd/httpd_aflpp/install/bin/htdbm+0x41d58d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
(/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x14304) in apr_dbm_exists
==957573==ABORTING
Many Thanks.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
