Skip to content

Zoom: fix heap-buffer-overflow#2621

Merged
utoni merged 1 commit into
ntop:devfrom
IvanNardi:zoom-crash
Nov 18, 2024
Merged

Zoom: fix heap-buffer-overflow#2621
utoni merged 1 commit into
ntop:devfrom
IvanNardi:zoom-crash

Conversation

@IvanNardi

@IvanNardi IvanNardi commented Nov 18, 2024

Copy link
Copy Markdown
Collaborator 
=================================================================
==30923==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50400023cc34 at pc 0x591f8b5dd546 bp 0x7ffe5ffc3530 sp 0x7ffe5ffc3528
READ of size 1 at 0x50400023cc34 thread T0
    #0 0x591f8b5dd545 in is_sfu_5 /home/ivan/svnrepos/nDPI/src/lib/protocols/zoom.c:146:6
    #1 0x591f8b5dda11 in zoom_search_again /home/ivan/svnrepos/nDPI/src/lib/protocols/zoom.c:166:6
    #2 0x591f8b22182f in ndpi_process_extra_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8156:9
    #3 0x591f8b236f88 in ndpi_internal_detection_process_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8793:5

Found by oss-fuzz
See: https://issues.oss-fuzz.com/issues/379072455

@IvanNardi
Zoom: fix heap-buffer-overflow
32a4a9b 
```
=================================================================
==30923==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50400023cc34 at pc 0x591f8b5dd546 bp 0x7ffe5ffc3530 sp 0x7ffe5ffc3528
READ of size 1 at 0x50400023cc34 thread T0
    #0 0x591f8b5dd545 in is_sfu_5 /home/ivan/svnrepos/nDPI/src/lib/protocols/zoom.c:146:6
    ntop#1 0x591f8b5dda11 in zoom_search_again /home/ivan/svnrepos/nDPI/src/lib/protocols/zoom.c:166:6
    ntop#2 0x591f8b22182f in ndpi_process_extra_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8156:9
    ntop#3 0x591f8b236f88 in ndpi_internal_detection_process_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8793:5
```
Found by oss-fuzz
See: https://issues.oss-fuzz.com/issues/379072455
@sonarqubecloud

sonarqubecloud Bot commented Nov 18, 2024

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@utoni utoni merged commit 2e2f08c into ntop:dev Nov 18, 2024
@IvanNardi IvanNardi deleted the zoom-crash branch November 18, 2024 12:21
@chenrui333 chenrui333 mentioned this pull request Dec 21, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@IvanNardi @utoni