[OpenSIPS-Devel] [OpenSIPS/opensips] 209218: Parser: Be more fuzzer friendly, using -DFUZZ_BUILD
Liviu Chircu
noreply at github.com
Mon Mar 28 17:53:25 UTC 2022
Branch: refs/heads/3.2
Home: https://github.com/OpenSIPS/opensips
Commit: 209218c91e64d9fb5e192ccaf5466c4140ba226d
https://github.com/OpenSIPS/opensips/commit/209218c91e64d9fb5e192ccaf5466c4140ba226d
Author: Liviu Chircu <liviu at opensips.org>
Date: 2022-03-28 (Mon, 28 Mar 2022)
Changed paths:
M Makefile.conf.template
M parser/case_acce.h
M parser/case_allo.h
M parser/case_auth.h
M parser/case_call.h
M parser/case_cont.h
M parser/case_dive.h
M parser/case_even.h
M parser/case_expi.h
M parser/case_feat.h
M parser/case_max.h
M parser/case_min_.h
M parser/case_orga.h
M parser/case_p_as.h
M parser/case_p_pr.h
M parser/case_prio.h
M parser/case_priv.h
M parser/case_prox.h
M parser/case_reco.h
M parser/case_refe.h
M parser/case_remo.h
M parser/case_repl.h
M parser/case_retr.h
M parser/case_rout.h
M parser/case_sess.h
M parser/case_subj.h
M parser/case_supp.h
M parser/case_unsu.h
M parser/case_user.h
M parser/case_www.h
M parser/digest/param_parser.c
M parser/parse_hname2.c
Log Message:
-----------
Parser: Be more fuzzer friendly, using -DFUZZ_BUILD

Since fuzzers typically use the system allocator in order to run ASan
checks (i.e. -DPKG_MALLOC is not enabled), they will often run into
false-positive crashes in the parse_hname2() function due to various
read overflows which are harmless in production, thanks to the
pre-allocated nature of the PKG memory chunk.

This patch adds the HAVE() parser macro (tied to -DFUZZ_BUILD), which
will be optimized (removed) in the public build (0 changes), while
protecting against any read overflow when building with -DFUZZ_BUILD.

Issue discovered during OpenSIPS Security Audit 2021/2022,
by Alfred Farrugia & Sandro Gauci (Enable Security)

(cherry picked from commit 7312678bb5b2e9fd602fefbb869896a1875589ed)
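
A sketch of the kind of guard the log message describes, added here as an illustration and not taken from the OpenSIPS source. The HAVE() definition, read4_lower() and classify_hname() are hypothetical, and the 4-bytes-at-a-time matching is a simplifying assumption about how such a parser reads its input.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Normally passed on the command line as -DFUZZ_BUILD; defined here
 * (assumption of this sketch) so the guarded variant is compiled. */
#define FUZZ_BUILD

#ifdef FUZZ_BUILD
#define HAVE(n) ((size_t)(end - p) >= (size_t)(n)) /* n bytes left before end? */
#else
#define HAVE(n) 1 /* constant true: the compiler removes the check */
#endif

enum hdr { HDR_OTHER = 0, HDR_FROM, HDR_CALLID };

/* Load 4 bytes as one word, folding A-Z to lower case. */
static uint32_t read4_lower(const char *p)
{
    unsigned char b[4];
    uint32_t w;
    memcpy(b, p, 4);
    for (int i = 0; i < 4; i++)
        if (b[i] >= 'A' && b[i] <= 'Z')
            b[i] |= 0x20;
    memcpy(&w, b, 4);
    return w;
}

/* Classify a header name by its leading 4-byte words (colon and
 * whitespace handling omitted). `end` is one past the last input byte.
 * Without FUZZ_BUILD the word reads are unconditional, which is only
 * safe when the buffer sits inside a larger pre-allocated chunk. */
enum hdr classify_hname(const char *p, const char *end)
{
    if (!HAVE(4))
        return HDR_OTHER; /* short input: no word is read */
    uint32_t w = read4_lower(p);
    if (w == read4_lower("from"))
        return HDR_FROM;
    if (w == read4_lower("call")) {
        p += 4;
        if (HAVE(4) && read4_lower(p) == read4_lower("-id:"))
            return HDR_CALLID;
    }
    return HDR_OTHER;
}
```

With the guard compiled in, a truncated name such as the 6-byte input "Call-I" is rejected before the second word is read, so an ASan build reports nothing for it.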