New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Out of bound read in std::strtol while parsing HTTP requests #1193
Labels
Comments
Another good find @tyler92. If or when you're ready with a PR just let us know. |
@kiplingw Can I take an attempt at this? |
Yes, certainly @alexprabhat99 and thanks for showing initiative. @dgreatwood might have some thoughts on this too. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
std::strtol
requires the input string to be a zero-terminated string, but the HTTP parsing procedure works with a binary buffer and there is no guarantee that the last byte is zero. It may lead to out-of-bound read, which is an undefined behavior and might cause it to crash. The list of affected functions:Example of sanitizer report used in fuzzing test:
The text was updated successfully, but these errors were encountered: