[jira] [Commented] (DIRAPI-412) ArrayIndexOutOfBoundsException in Ldap Url parse

Thu, 07 Nov 2024 09:20:24 -0800 


    [ 
https://issues.apache.org/jira/browse/DIRAPI-412?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17896342#comment-17896342
 ] 

Emmanuel Lécharny commented on DIRAPI-412:
------------------------------------------

Hi!

Indeed, if the hostname starts with a nulber, it is considered as an IP 
address, and an error is generated.

I'm going to fix that.
Thanks for the report!

> ArrayIndexOutOfBoundsException in Ldap Url parse
> ------------------------------------------------
>
>                 Key: DIRAPI-412
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-412
>             Project: Directory Client API
>          Issue Type: Bug
>    Affects Versions: 2.1.7
>            Reporter: Andrey Slepykh
>            Priority: Major
>         Attachments: ReproducerIndexOutOfRange.java
>
>
> Hi, we have found unhandled exception (ArrayIndexOutOfBoundsException) in 
> LDAP URL parser version 2.1.6.
> Steps to reproduce:
> 1. Download Apache Directory LDAP API v2.1.7:
> ```
> wget wget 
> https://github.com/apache/directory-ldap-api/archive/refs/tags/2.1.7.tar.gz
> tar xf 2.1.7.tar.gz && rm 2.1.7.tar.gz
> ```
> 2. Compile the project (we used jdk-11 and mvn-3.9.6):
> ```
> cd directory-ldap-api-2.1.7
> mvn clean package
> ```
> 3. Get the reproducer:
> ```
> mkdir fuzz && cd fuzz
> mv <path/to/reproducer>/ReproducerIndexOutOfRange.java .
> ```
> 4. Compile the reproducer:
> ```
> javac -cp ../ldap/model/target/classes/ ./ReproducerIndexOutOfRange.java
> ```
> 5. Reproduce the exception:
> ```
> java -cp 
> ../ldap/model/target/classes/:.:../util/target/classes/:../integ-osgi/target/dependency/slf4j-api-1.7.36.jar:../i18n/target/classes/:../integ-osgi/target/dependency/org.apache.servicemix.bundles.antlr-2.7.7_5.jar:./slf4j-nop-1.7.36.jar
>  ReproducerIndexOutOfRange
> ```
> Found by Linux Verification Center (portal.linuxtesting.ru) with jazzer.
> Author L.Reviakin (l.revia...@fobos-nt.ru)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org

Reply via email to