[jira] [Created] (DIRAPI-414) NullPointerException in LdapEncoder.encodeMessage

Mon, 11 Nov 2024 05:52:21 -0800 

Andrey Slepykh created DIRAPI-414:
-------------------------------------

             Summary: NullPointerException in LdapEncoder.encodeMessage
                 Key: DIRAPI-414
                 URL: https://issues.apache.org/jira/browse/DIRAPI-414
             Project: Directory Client API
          Issue Type: Bug
    Affects Versions: 2.1.7
            Reporter: Andrey Slepykh
         Attachments: ReproducerNullPointerException.java

Hi, we were fuzzing Asn1Decoder and have found NullPointerException in encoding.

Steps to reproduce:
1. Download Apache Directory LDAP API v2.1.7:
{{{code:bash}}}
{{wget wget 
[https://github.com/apache/directory-ldap-api/archive/refs/tags/2.1.7.tar.gz]}}
{{tar xf 2.1.7.tar.gz && rm 2.1.7.tar.gz}}
{{{code}}}

2. Compile the project (we used jdk-11 and mvn-3.9.6):

{{{code:bash}}}
{{cd directory-ldap-api-2.1.7}}
{{mvn clean package}}
{{{code}}}

3. Get the reproducer:

{{{code:bash}}}
{{mkdir fuzz && cd fuzz}}
{{mv <path/to/reproducer>/ReproducerNullPointerException.java .}}

{{{code}}}

4. Compile the reproducer:

{{{}{}}}{{{}{code:bash}{}}}
javac -cp 
.:../../asn1/ber/target/classes/:../../asn1/api/target/classes/:../../ldap/codec/core/target/classes/:../../ldap/model/target/classes/:../../ldap/codec/core/target/classes/
 ./{{{}ReproducerNullPointerException.java{}}}
{{{code}}}

5. Reproduce the exception:

{{{code:bash}}}

java -cp 
.:../../asn1/ber/target/classes/:../../asn1/api/target/classes/:../../ldap/codec/core/target/classes/:../../ldap/model/target/classes/:../../ldap/codec/core/target/classes/:../../util/target/classes/:../../util/target/classes/:../../integ-osgi/target/dependency/slf4j-api-1.7.36.jar:../../i18n/target/classes/:../../integ-osgi/target/dependency/mina-core-2.2.3.jar
 ReproducerNullPointerException{{{}{}}}

{{{}{}}}{{{}{code}{}}}

{{{}{}}}Found by Linux Verification Center (portal.linuxtesting.ru) with jazzer.
Author L.Reviakin (l.revia...@fobos-nt.ru){{{}{}}}{{{}{}}}

{{{}{}}}{{{}{}}}

{{{}{}}}{{{}{}}}

{{}}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org

Reply via email to