[jira] [Resolved] (DIRAPI-414) NullPointerException in LdapEncoder.encodeMessage

Tue, 12 Nov 2024 00:18:05 -0800 


     [ 
https://issues.apache.org/jira/browse/DIRAPI-414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Emmanuel Lécharny resolved DIRAPI-414.
--------------------------------------
    Fix Version/s: 2.1.8
       Resolution: Fixed

Fixed witch commit 8af6418771a6a14e0753fded8d06727bf6f66e1f

> NullPointerException in LdapEncoder.encodeMessage
> -------------------------------------------------
>
>                 Key: DIRAPI-414
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-414
>             Project: Directory Client API
>          Issue Type: Bug
>    Affects Versions: 2.1.7
>            Reporter: Andrey Slepykh
>            Priority: Major
>             Fix For: 2.1.8
>
>         Attachments: ReproducerNullPointerException.java
>
>
> Hi, we were fuzzing Asn1Decoder and have found NullPointerException in 
> encoding.
> Steps to reproduce:
> 1. Download Apache Directory LDAP API v2.1.7:
> {{{code:bash}}}
> {{wget wget 
> [https://github.com/apache/directory-ldap-api/archive/refs/tags/2.1.7.tar.gz]}}
> {{tar xf 2.1.7.tar.gz && rm 2.1.7.tar.gz}}
> {{{code}}}
> 2. Compile the project (we used jdk-11 and mvn-3.9.6):
> {{{code:bash}}}
> {{cd directory-ldap-api-2.1.7}}
> {{mvn clean package}}
> {{{code}}}
> 3. Get the reproducer:
> {{{code:bash}}}
> {{mkdir fuzz && cd fuzz}}
> {{mv <path/to/reproducer>/ReproducerNullPointerException.java .}}
> {{{code}}}
> 4. Compile the reproducer:
> {{{}{}}}{{{}{code:bash}{}}}
> javac -cp 
> .:../../asn1/ber/target/classes/:../../asn1/api/target/classes/:../../ldap/codec/core/target/classes/:../../ldap/model/target/classes/:../../ldap/codec/core/target/classes/
>  ./{{{}ReproducerNullPointerException.java{}}}
> {{{code}}}
> 5. Reproduce the exception:
> {{{code:bash}}}
> java -cp 
> .:../../asn1/ber/target/classes/:../../asn1/api/target/classes/:../../ldap/codec/core/target/classes/:../../ldap/model/target/classes/:../../ldap/codec/core/target/classes/:../../util/target/classes/:../../util/target/classes/:../../integ-osgi/target/dependency/slf4j-api-1.7.36.jar:../../i18n/target/classes/:../../integ-osgi/target/dependency/mina-core-2.2.3.jar
>  ReproducerNullPointerException{{{}{}}}
> {{{}{}}}{{{}{code}{}}}
> {{{}{}}}Found by Linux Verification Center (portal.linuxtesting.ru) with 
> jazzer.
> Author L.Reviakin ([email protected]){{{}{}}}{{{}{}}}
> {{{}{}}}{{{}{}}}
> {{{}{}}}{{{}{}}}
> {{}}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to