Ekaterina Zilotina created DIRSERVER-2409: ---------------------------------------------
Summary: Exception in StringSerializer.deserialize() Key: DIRSERVER-2409 URL: https://issues.apache.org/jira/browse/DIRSERVER-2409 Project: Directory ApacheDS Issue Type: Bug Components: jdbm Affects Versions: 2.0.0.AM26 Reporter: Ekaterina Zilotina Attachments: DeSerializeFuzzer.java.txt, StringSerializer-crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc, jazzer_output.txt Class: StringSerializer Method: deserialize() I performed fuzz testing of the [deserialize()|https://github.com/apache/directory-server/blob/8c9b56bdcc0703b04b8e2dbdc4f045ed5d83a064/jdbm-partition/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/StringSerializer.java#L54] method of StringSerializer class. In result of fuzzing test there is ArrayIndexOutOfBoundsException {code:java} INFO: A corpus is not provided, starting from an empty corpus == Java Exception: java.lang.ArrayIndexOutOfBoundsException: Index 1 out of bounds for length 1 at org.apache.directory.server.core.partition.impl.btree.jdbm.StringSerializer.deserialize(StringSerializer.java:66) at fuzzing.StringSerializer.DeSerializeFuzzer.fuzzerTestOneInput(DeSerializeFuzzer.java:33) DEDUP_TOKEN: 4c1c61d09464ed94 == libFuzzer crashing input == MS: 0 ; base unit: 0000000000000000000000000000000000000000 0xa, \012 artifact_prefix='StringSerializer-'; Test unit written to StringSerializer-crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc Base64: Cg== stat::number_of_executed_units: 2 stat::average_exec_per_sec: 0 stat::new_units_added: 0 stat::slowest_unit_time_sec: 0 stat::peak_rss_mb: 886 reproducer_path='fuzzing/StringSerializer/repro'; Java reproducer written to fuzzing/StringSerializer/repro/Crash_adc83b19e793491b1c6ea0fd8b46cd9f32e592fc.java {code} Perhaps should you add another exception types (or base Exception) to the deserialize() function signature, or wrap the specified methods in try/catch blocks? -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org