Ekaterina Zilotina created DIRSERVER-2409:
---------------------------------------------

             Summary: Exception in StringSerializer.deserialize()
                 Key: DIRSERVER-2409
                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2409
             Project: Directory ApacheDS
          Issue Type: Bug
          Components: jdbm
    Affects Versions: 2.0.0.AM26
            Reporter: Ekaterina Zilotina
         Attachments: DeSerializeFuzzer.java.txt, StringSerializer-crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc, jazzer_output.txt

Class: StringSerializer
Method: deserialize()

I performed fuzz testing of the [deserialize()|https://github.com/apache/directory-server/blob/8c9b56bdcc0703b04b8e2dbdc4f045ed5d83a064/jdbm-partition/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/StringSerializer.java#L54] method of the StringSerializer class. The fuzzing test resulted in an ArrayIndexOutOfBoundsException:
{code:java}
INFO: A corpus is not provided, starting from an empty corpus

== Java Exception: java.lang.ArrayIndexOutOfBoundsException: Index 1 out of bounds for length 1
        at org.apache.directory.server.core.partition.impl.btree.jdbm.StringSerializer.deserialize(StringSerializer.java:66)
        at fuzzing.StringSerializer.DeSerializeFuzzer.fuzzerTestOneInput(DeSerializeFuzzer.java:33)
DEDUP_TOKEN: 4c1c61d09464ed94
== libFuzzer crashing input ==
MS: 0 ; base unit: 0000000000000000000000000000000000000000
0xa,
\012
artifact_prefix='StringSerializer-'; Test unit written to StringSerializer-crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
Base64: Cg==
stat::number_of_executed_units: 2
stat::average_exec_per_sec:     0
stat::new_units_added:          0
stat::slowest_unit_time_sec:    0
stat::peak_rss_mb:              886
reproducer_path='fuzzing/StringSerializer/repro'; Java reproducer written to fuzzing/StringSerializer/repro/Crash_adc83b19e793491b1c6ea0fd8b46cd9f32e592fc.java
{code}

Perhaps you should add other exception types (or the base Exception) to the deserialize() function signature, or wrap the specified methods in try/catch blocks?



