[Bug 64727] New: NPD bug caused by function dav_fs_dir_file_name

[Bug 64727] New: NPD bug caused by function dav_fs_dir_file_name

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=64727

            Bug ID: 64727
           Summary: NPD bug caused by function dav_fs_dir_file_name
           Product: Apache httpd-2
           Version: 2.4-HEAD
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_dav
          Assignee: [hidden email]
          Reporter: [hidden email]
                CC: [hidden email]
  Target Milestone: ---

Created attachment 37441
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37441&action=edit
Clear explanation of bug trace

Hi guys,

We have found a NULL Pointer Dereference Bug as follows.

Bug description: `dav_buffer_append` dereferences `str` at line 155 in
`modules/dav/main/util.c`, while `str` is potentially an empty string.

Root cause: `*fname_p = NULL` in the function `dav_fs_dir_file_name` defined in
`modules/dav/fs/repos.c`

It would be better if `str` is checked to determine whether it is NULL or not
exactly before line 155. For convenience, we attach the calling traces in
the attachments. The marks can demonstrate that it is a true bug.

Looking forward to your reply. Hope it can be fixed to assure the security and
quality of the software. Thank you for your effort and have a nice day.

Best regards

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


[Bug 64727] NPD bug caused by function dav_fs_dir_file_name

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=64727

Bingyu Shen <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|[hidden email]         |


[Bug 64727] NPD bug caused by function dav_fs_dir_file_name

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=64727

Joe Orton <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Joe Orton <[hidden email]> ---
Again: please STOP filing this stuff in Bugzilla.

To demonstrate to us that a bug exists, you need to show us HOW to reproduce
the issue using a sequence of HTTP requests.  If all you have is the output of
a static analyzer, you have not even started work.  You need to understand the
code paths, work out how (or whether) they can be triggered using an HTTP (or
WebDAV) client.
