https://bz.apache.org/bugzilla/show_bug.cgi?id=66638
Bug ID: 66638
Summary: SEGV in in apr_dbm_firstkey
Product: Apache httpd-2
Version: 2.4.54
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_authz_dbm
Assignee: bugs@httpd.apache.org
Reporter: sihan2...@iscas.ac.cn
Target Milestone: ---
Hello, Httpd developers! We recently ran some fuzz testing on htdbm 2.4.54 and
encountered a SEGV bug.
## Command To Reproduce the bug:
./htdbm -ndlcc
## Environment
- OS: Ubuntu 20.04
- gcc 9.4.0
- htdbm 2.4.54
## ASAN Report
=================================================================
==957611==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc
0x7fe3a2f7e314 bp 0x7ffd58c7a2d0 sp 0x7ffd58c7a0f8 T0)
==957611==The signal is caused by a READ memory access.
==957611==Hint: address points to the zero page.
#0 0x7fe3a2f7e314 in apr_dbm_firstkey
(/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x14314)
#1 0x4cf56b in htdbm_list
/home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:218:10
#2 0x4cd7e0 in main
/home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:444:13
#3 0x7fe3a2b89082 in __libc_start_main
/build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
#4 0x41d58d in _start
(/home/root/sp/Dataset/Httpd/httpd_aflpp/install/bin/htdbm+0x41d58d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
(/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x14314) in apr_dbm_firstkey
==957611==ABORTING
Many Thanks.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
