You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2020/09/09 11:51:04 UTC
[Bug 64728] New: NPD bug caused by function dav_get_liveprop_info
https://bz.apache.org/bugzilla/show_bug.cgi?id=64728
Bug ID: 64728
Summary: NPD bug caused by function dav_get_liveprop_info
Product: Apache httpd-2
Version: 2.4-HEAD
Hardware: PC
OS: Mac OS X 10.1
Status: NEW
Severity: normal
Priority: P2
Component: mod_dav
Assignee: bugs@httpd.apache.org
Reporter: cwangch@connect.ust.hk
CC: byshen@eng.ucsd.edu
Target Milestone: ---
Created attachment 37442
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37442&action=edit
Clear explanation of bug trace
Hi guys,
We have found a NULL Pointer Dereference Bug as follows.
Bug description: `dav_fs_insert_prop` dereferences `info` at line 2000 in the
form `info->name`, while `info` can be null.
Root cause: Although it is claimed that info is not equal to NULL in the
annotation, we check the feasibility of the control flow path and find that
`modules/dav/main/liveprop.c` can set `*info = NULL` at line 127 in
`dav_get_liveprop_info` defined in `modules/dav/main/liveprop.c`
It would be better if `info` is checked to determined whether it is NULL or not
exactly before line 1991 in modules/dav/fs/repos.c.
For the convenience, we attach the calling traces in the attachements. The
marks can demonstrate that it is a true bug.
Looking forward to your reply. Hope it can be fixed to assure the security and
quality of the software. Thank you for your effort and have a nice day.
Best regards
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 64728] NPD bug caused by function dav_get_liveprop_info
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64728
Bingyu Shen <by...@eng.ucsd.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC|byshen@eng.ucsd.edu |
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 64728] NPD bug caused by function dav_get_liveprop_info
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64728
Joe Orton <jo...@redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Joe Orton <jo...@redhat.com> ---
Again: please STOP filing this stuff in Bugzilla.
To demonstrate to us that a bug exists, you need to show us HOW to reproduce
the issue using a sequence of HTTP requests. If all you have is the output of
a static analyzer, you have not even started work. You need to understand the
code paths, work out how (or whether) they can be triggered using an HTTP (or
WebDAV) client.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org