Andrey Slepykh created DIRAPI-401:
-------------------------------------
Summary: Unhandled Exception (NegativeArraySizeException) in
Asn1Decoder
Key: DIRAPI-401
URL: https://issues.apache.org/jira/browse/DIRAPI-401
Project: Directory Client API
Issue Type: Bug
Affects Versions: 2.1.6
Reporter: Andrey Slepykh
Attachments: NegativeSizeReproducer.java
Hello, we think we have found a problem in Asn1Decoder implementation for LDAP
messages while fuzzing in version 2.1.6. This problem is unhandled exception
(NegativeArraySizeException).
Steps to reproduce:
1. Download Apache Directory LDAP API v2.1.6:
```
wget wget
[https://github.com/apache/directory-ldap-api/archive/refs/tags/2.1.6.tar.gz]
tar xf 2.1.6.tar.gz && rm 2.1.6.tar.gz
```
2. Compile the project (we used jdk-11 and mvn-3.9.6):
```
cd directory-ldap-api-2.1.6
mvn clean package
```
3. Get the reproducer:
```
mkdir fuzz && cd fuzz
mv <path/to/reproducer>/NegativeSizeReproducer.java .
```
4. Compile the reproducer
```
javac -cp
.:../asn1/ber/target/classes/:../asn1/api/target/classes/:../ldap/codec/core/target/classes/:../ldap/model/target/classes/:../ldap/codec/core/target/classes/
./NegativeSizeReproducer.java
```
5. Reproduce the exception:
```
java -cp
.:../asn1/ber/target/classes/:../asn1/api/target/classes/:../ldap/codec/core/target/classes/:../ldap/model/target/classes/:../ldap/codec/core/target/classes/:../util/target/classes/:../util/target/classes/:../integ-osgi/target/dependency/slf4j-api-1.7.36.jar:../i18n/target/classes/:../integ-osgi/target/dependency/mina-core-2.2.3.jar
NegativeSizeReproducer
```
Found by Linux Verification Center (portal.linuxtesting.ru) with jazzer.
Author L.Reviakin (l.revia...@fobos-nt.ru)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
