You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2020/09/09 11:45:43 UTC

[Bug 64727] New: NPD bug caused by function dav_fs_dir_file_name

https://bz.apache.org/bugzilla/show_bug.cgi?id=64727

            Bug ID: 64727
           Summary: NPD bug caused by function dav_fs_dir_file_name
           Product: Apache httpd-2
           Version: 2.4-HEAD
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_dav
          Assignee: bugs@httpd.apache.org
          Reporter: cwangch@connect.ust.hk
                CC: byshen@eng.ucsd.edu
  Target Milestone: ---

Created attachment 37441
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37441&action=edit
Clear explanation of bug trace

Hi guys,

We have found a NULL Pointer Dereference Bug as follows.

Bug description: `dav_buffer_append` dereferences `str` at line 155 in
`modules/dav/main/util.c`, while `str` is potentially empty string

Root cause: `*fname_p = NULL` in the function `dav_fs_dir_file_name` defined in
`modules/dav/fs/repos.c`

It would be better if `str` is checked to determined whether it is NULL or not
exactly before line 155. For the convenience, we attach the calling traces in
the attachements. The marks can demonstrate that it is a true bug.

Looking forward to your reply. Hope it can be fixed to assure the security and
quality of the software. Thank you for your effort and have a nice day.

Best regards

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 64727] NPD bug caused by function dav_fs_dir_file_name

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64727

Bingyu Shen <by...@eng.ucsd.edu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|byshen@eng.ucsd.edu         |

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 64727] NPD bug caused by function dav_fs_dir_file_name

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64727

Joe Orton <jo...@redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Joe Orton <jo...@redhat.com> ---
Again: please STOP filing this stuff in Bugzilla.

To demonstrate to us that a bug exists, you need to show us HOW to reproduce
the issue using a sequence of HTTP requests.  If all you have is the output of
a static analyzer, you have not even started work.  You need to understand the
code paths, work out how (or whether) they can be triggered using an HTTP (or
WebDAV) client.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org