https://bz.apache.org/bugzilla/show_bug.cgi?id=66690

            Bug ID: 66690
           Summary: AddressSanitizer: FPE
                    (/lib/x86_64-linux-gnu/libdb-5.3.so+0x13f162) in
                    __memp_fopen
           Product: Apache httpd-2
           Version: 2.4.54
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_authz_dbm
          Assignee: bugs@httpd.apache.org
          Reporter: sihan2...@iscas.ac.cn
  Target Milestone: ---

Created attachment 38603
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=38603&action=edit
crash seed

Hello htdbm developers,
We recently conducted a fuzzing test on htdbm and discovered an FPE bug. We
would like to provide a detailed description of the bug and seek your
assistance in addressing it.

version:
htdbm: 2.4.54
gcc: gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
ubuntu: 20.04

command to reproduce:
htdbm -b FPE
FPE is attached to this report.


ASAN report:
=================================================================
==2664149==ERROR: AddressSanitizer: FPE on unknown address 0x7f36ba790162 (pc 0x7f36ba790162 bp 0x000000000000 sp 0x7ffefaed3f60 T0)
    #0 0x7f36ba790162 in __memp_fopen (/lib/x86_64-linux-gnu/libdb-5.3.so+0x13f162)
    #1 0x7f36ba72fb80 in __env_mpool (/lib/x86_64-linux-gnu/libdb-5.3.so+0xdeb80)
    #2 0x7f36ba72ff1f in __env_setup (/lib/x86_64-linux-gnu/libdb-5.3.so+0xdef1f)
    #3 0x7f36ba74d563 in __db_open (/lib/x86_64-linux-gnu/libdb-5.3.so+0xfc563)
    #4 0x7f36ba74780f in __db_open_pp (/lib/x86_64-linux-gnu/libdb-5.3.so+0xf680f)
    #5 0x7f36bb3a348b  (/usr/lib/x86_64-linux-gnu/apr-util-1/apr_dbm_db-1.so+0x148b)
    #6 0x7f36bc49827b in apr_dbm_open_ex (/lib/x86_64-linux-gnu/libaprutil-1.so.0+0x1427b)
    #7 0x4ce592 in htdbm_open /home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:150:16
    #8 0x4ccb3d in main /home/root/sp/Dataset/Httpd/httpd_aflpp/support/htdbm.c:395:19
    #9 0x7f36bc0a3082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #10 0x41d58d in _start (/home/root/sp/Fuzz/aflpp_fuzz/Httpd/document_group/mb/htdbm_1/htdbm+0x41d58d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE (/lib/x86_64-linux-gnu/libdb-5.3.so+0x13f162) in __memp_fopen
==2664149==ABORTING

Thank you for your attention and support.
Best regards,
Michael Zhang.
