On Sun, Aug 24, 2025 at 6:20 AM Ruediger Pluem <rpl...@apache.org> wrote:
>
>
>
> On 8/23/25 5:43 PM, Eric Covener wrote:
> > crashing in OSS fuzz of httpd (I guess it uses apr-trunk)
> >
> > ssipuuO://[ ]: %25 ˇˇ
>
> Can you provide more details about this failure? Which test fails exactly?

I am not sure, there seems to be a failure for both fuzzing httpd APIs and the APR APIs directly. Presumably the APR tests look like the unit tests.

Null-dereference READ
Fri, Aug 22, 2025, 7:29 AM
Project apache-httpd
Platform linux
Reliably reproduces
Security
apr_uri_parse
ap_parse_uri
ap_assign_request_line

Issue 440585445

Null-dereference READ
Fri, Aug 22, 2025, 3:39 AM
Project apache-httpd
Platform linux
Reliably reproduces
Security
apr_uri_parse
fuzz_uri.c

UndefinedBehaviorSanitizer:DEADLYSIGNAL
==400==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x000000000003 (pc 0x7e04e9cf4a80 bp 0x7fff5b49b390 sp 0x7fff5b49b328 T400)
==400==The signal is caused by a READ memory access.
==400==Hint: address points to the zero page.
    #0 0x7e04e9cf4a80 in memmove-vec-unaligned-erms.S:383 /build/glibc-LcI20x/glibc-2.31/sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:383
    #1 0x5ae658fb6116 in percent_decode_scope_zone_id httpd/srclib/apr/uri/apr_uri.c:124:5
    #2 0x5ae658fb6116 in apr_uri_parse httpd/srclib/apr/uri/apr_uri.c:986:13
    #3 0x5ae658ec970d in LLVMFuzzerTestOneInput /src/fuzz_uri.c:54:9