https://bz.apache.org/bugzilla/show_bug.cgi?id=66692
Bug ID: 66692
Summary: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libdb-5.3.so+0x55a7b) in __ham_insertpair
Product: Apache httpd-2
Version: 2.4.54
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_authn_dbm
Assignee: bugs@httpd.apache.org
Reporter: sihan2...@iscas.ac.cn
Target Milestone: ---

Created attachment 38606
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=38606&action=edit
crash seed

Hello htdbm developers,

We recently conducted a fuzzing test on htdbm and discovered a SEGV bug. We would like to provide a detailed description of the bug and seek your assistance in addressing it.

version:
htdbm: 2.4.54
gcc: gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
ubuntu: 20.04

command to reproduce:
htdbm -b SEGV_2

SEGV_2 is attached to this report.

ASAN report:
=================================================================
==2664561==ERROR: AddressSanitizer: SEGV on unknown address 0x62100001295b (pc 0x7f9fa08a6a7b bp 0x62100000297a sp 0x7ffe19e35310 T0)
==2664561==The signal is caused by a WRITE memory access.
    #0 0x7f9fa08a6a7b in __ham_insertpair (/lib/x86_64-linux-gnu/libdb-5.3.so+0x55a7b)
    #1 0x7f9fa08a9523 in __ham_add_el (/lib/x86_64-linux-gnu/libdb-5.3.so+0x58523)
    #2 0x7f9fa08a0f46 (/lib/x86_64-linux-gnu/libdb-5.3.so+0x4ff46)
    #3 0x7f9fa0937669 in __dbc_iput (/lib/x86_64-linux-gnu/libdb-5.3.so+0xe6669)
    #4 0x7f9fa09323b9 in __db_put (/lib/x86_64-linux-gnu/libdb-5.3.so+0xe13b9)
    #5 0x7f9fa0947c25 in __db_put_pp (/lib/x86_64-linux-gnu/libdb-5.3.so+0xf6c25)
    #6 0x7f9fa15908f4 (/usr/lib/x86_64-linux-gnu/apr-util-1/apr_dbm_db-1.so+0x18f4)
    #7 0x4d0ab7 in htdbm_save /home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:175:12
    #8 0x4cd974 in main /home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:453:19
    #9 0x7f9fa2290082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #10 0x41d58d in _start (/home/root/sp/Fuzz/aflpp_fuzz/Httpd/document_group/mb/htdbm_1/htdbm+0x41d58d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libdb-5.3.so+0x55a7b) in __ham_insertpair
==2664561==ABORTING

Thank you for your attention and support.

Best regards,
Michael Zhang.