https://bz.apache.org/bugzilla/show_bug.cgi?id=66637
Bug ID: 66637 Summary: SEGV in apr_dbm_exists Product: Apache httpd-2 Version: 2.4.54 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: mod_authn_dbm Assignee: bugs@httpd.apache.org Reporter: sihan2...@iscas.ac.cn Target Milestone: --- Hello, Httpd developers! We recently ran some fuzz testing on htdbm 2.4.54 and encountered a SEGV bug. ## Command To Reproduce the bug: ./htdbm -nx-B ## Environment - OS: Ubuntu 20.04 - gcc 9.4.0 - htdbm 2.4.54 ## ASAN Report ================================================================= ==957573==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x7f807ea42304 bp 0x7fffb70745b0 sp 0x7fffb7074458 T0) ==957573==The signal is caused by a READ memory access. ==957573==Hint: address points to the zero page. #0 0x7f807ea42304 in apr_dbm_exists (/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x14304) #1 0x4cf224 in htdbm_del /home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:184:10 #2 0x4cd605 in main /home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:436:17 #3 0x7f807e64d082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16 #4 0x41d58d in _start (/home/root/sp/Dataset/Httpd/httpd_aflpp/install/bin/htdbm+0x41d58d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x14304) in apr_dbm_exists ==957573==ABORTING Many Thanks. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org