Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS: fix extraction of transactionID field #2703

Merged
merged 1 commit into from
Jan 31, 2025
Merged

DNS: fix extraction of transactionID field #2703

merged 1 commit into from
Jan 31, 2025

Conversation

IvanNardi
Copy link
Collaborator

We can't write to flow->protos.dns until we are sure this is a valid DNS packet

AddressSanitizer:DEADLYSIGNAL
=================================================================
==14729==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x60e876372a86 bp 0x000000000000 sp 0x79392fdf90e0 T1)
==14729==The signal is caused by a READ memory access.
==14729==Hint: this fault was caused by a dereference of a high value address (see register values below).  Disassemble the provided pc to learn which register was used.
    #0 0x60e876372a86 in __asan::Allocator::Deallocate(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType) (/home/ivan/svnrepos/nDPI/example/ndpiReader+0x8b0a86) (BuildId: a9c4718bcd5c3947812b6fd704e203b8bb6f633c)
    #1 0x60e87640b29f in free (/home/ivan/svnrepos/nDPI/example/ndpiReader+0x94929f) (BuildId: a9c4718bcd5c3947812b6fd704e203b8bb6f633c)
    #2 0x60e87647b0ec in free_wrapper /home/ivan/svnrepos/nDPI/example/ndpiReader.c:348:3
    #3 0x60e876865454 in ndpi_free /home/ivan/svnrepos/nDPI/src/lib/ndpi_memory.c:82:7
    #4 0x60e8767f0d4f in ndpi_free_flow_data /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:6752:2
    #5 0x60e8767abd67 in ndpi_free_flow /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:10449:5

Found by oss-fuzz

@IvanNardi
DNS: fix extraction of transactionID field
ab74443 
We can't write to `flow->protos.dns` until we are sure this is a valid
DNS packet

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==14729==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x60e876372a86 bp 0x000000000000 sp 0x79392fdf90e0 T1)
==14729==The signal is caused by a READ memory access.
==14729==Hint: this fault was caused by a dereference of a high value address (see register values below).  Disassemble the provided pc to learn which register was used.
    #0 0x60e876372a86 in __asan::Allocator::Deallocate(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType) (/home/ivan/svnrepos/nDPI/example/ndpiReader+0x8b0a86) (BuildId: a9c4718bcd5c3947812b6fd704e203b8bb6f633c)
    ntop#1 0x60e87640b29f in free (/home/ivan/svnrepos/nDPI/example/ndpiReader+0x94929f) (BuildId: a9c4718bcd5c3947812b6fd704e203b8bb6f633c)
    ntop#2 0x60e87647b0ec in free_wrapper /home/ivan/svnrepos/nDPI/example/ndpiReader.c:348:3
    ntop#3 0x60e876865454 in ndpi_free /home/ivan/svnrepos/nDPI/src/lib/ndpi_memory.c:82:7
    ntop#4 0x60e8767f0d4f in ndpi_free_flow_data /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:6752:2
    ntop#5 0x60e8767abd67 in ndpi_free_flow /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:10449:5

```
Found by oss-fuzz
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@IvanNardi IvanNardi merged commit 4113363 into ntop:dev Jan 31, 2025
30 checks passed
@IvanNardi IvanNardi deleted the dns-transaction branch January 31, 2025 09:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@IvanNardi