[jira] [Commented] (DIRAPI-400) Hang in LDAP URL parser
[ https://issues.apache.org/jira/browse/DIRAPI-400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849937#comment-17849937 ]

Emmanuel Lécharny commented on DIRAPI-400:
------------------------------------------

Ok, got an infinite loop because a boundary check is missing in many parts of the code...

Just added them, running the tests.

Good catch!

> Hang in LDAP URL parser
> -----------------------
>
>                 Key: DIRAPI-400
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-400
>             Project: Directory Client API
>          Issue Type: Bug
>    Affects Versions: 2.1.6
>            Reporter: Andrey Slepykh
>            Priority: Major
>         Attachments: Reproducer.java
>
>
> Hello, we have found a problem in the LDAP URL parser in version 2.1.6 while fuzzing. The problem is that the LDAP parser cannot properly handle specially crafted inputs and just hangs.
>
> Steps to reproduce:
>
> 1. Download Apache Directory LDAP API v2.1.6:
>    wget https://github.com/apache/directory-ldap-api/archive/refs/tags/2.1.6.tar.gz
>    tar xf 2.1.6.tar.gz && rm 2.1.6.tar.gz
> 2. Compile the project (we used jdk-11 and mvn-3.9.6):
>    cd directory-ldap-api-2.1.6
>    mvn clean package
> 3. Get the reproducer:
>    mkdir fuzz && cd fuzz
>    mv /Reproducer.java .
> 4. Compile the reproducer:
>    javac -cp ../ldap/model/target/classes/ ./Reproducer.java
> 5. Reproduce the hang:
>    java -cp ../ldap/model/target/classes/:.:../util/target/classes/:../integ-osgi/target/dependency/slf4j-api-1.7.26.jar:../i18n/target/classes/ Reproducer
>
> We decided to fuzz this function, because it is used in Apache Directory Server.
>
> Found by Linux Verification Center (portal.linuxtesting.ru) with Jazzer.
> Author L.Reviakin (l.revia...@fobos-nt.ru)

--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
[jira] [Commented] (DIRAPI-400) Hang in LDAP URL parser
[ https://issues.apache.org/jira/browse/DIRAPI-400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849934#comment-17849934 ]

Andrey Slepykh commented on DIRAPI-400:
---------------------------------------

My bad, I accidentally sent you a normal version of the testcase. Please replace the input string in Reproducer.java with this: "ldap://[1:2:ldap:///o"; and try again. That should result in a hang.
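
A time-bounded regression check for the hang discussed in this thread, as an added example that is not part of any message above and is not the project's or the reporter's code. It assumes the same classpath as the Reproducer in the issue description; the class name, the `Outcome` enum and the 2-second budget are choices made for this sketch.

```java
import java.util.concurrent.*;
import org.apache.directory.api.ldap.model.exception.LdapURLEncodingException;
import org.apache.directory.api.ldap.model.url.LdapUrl;

// Added example, not project code. Class name, Outcome enum and the
// 2-second budget are assumptions made for this check.
public class LdapUrlHangCheck {
    enum Outcome { PARSED, REJECTED, CRASHED, HANG }

    static Outcome check(String url, long timeoutMs) throws InterruptedException {
        // Daemon worker: a thread spinning in a loop that never polls the
        // interrupt flag cannot be stopped, but a daemon lets the JVM exit.
        ExecutorService pool = Executors.newSingleThreadExecutor(r -> {
            Thread t = new Thread(r, "ldapurl-parse");
            t.setDaemon(true);
            return t;
        });
        Future<Outcome> result = pool.submit(() -> {
            try {
                new LdapUrl(url);
                return Outcome.PARSED;
            } catch (LdapURLEncodingException e) {
                return Outcome.REJECTED;   // documented failure mode
            }
        });
        try {
            return result.get(timeoutMs, TimeUnit.MILLISECONDS);
        } catch (TimeoutException e) {
            return Outcome.HANG;           // parser did not return in time
        } catch (ExecutionException e) {
            return Outcome.CRASHED;        // unexpected unchecked exception
        } finally {
            pool.shutdownNow();
        }
    }

    public static void main(String[] args) throws InterruptedException {
        String[] inputs = {
            "ldap://[1:2:ldap:///o",                  // input quoted in the thread
            "ldap://localhost:389/dc=example,dc=com"  // constructed, well-formed
        };
        boolean hang = false;
        for (String in : inputs) {
            Outcome o = check(in, 2000);
            System.out.println(o + "  " + in);
            hang |= (o == Outcome.HANG);
        }
        System.exit(hang ? 1 : 0);  // non-zero exit fails a CI job on a hang
    }
}
```

The same wrapper can guard parsing of untrusted LDAP URLs on a build that has not yet picked up the boundary checks, at the cost of one leaked spinning thread per hanging input.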
[jira] [Commented] (DIRAPI-400) Hang in LDAP URL parser
[ https://issues.apache.org/jira/browse/DIRAPI-400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849829#comment-17849829 ]

Emmanuel Lécharny commented on DIRAPI-400:
------------------------------------------

The LDAP URL you use is perfectly valid, why would you expect it to throw a LdapURLEncodingException?