Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fixes a use-of-uninitialized-value in light_pcapng.c #1669

Merged
merged 9 commits into from
Jan 3, 2025
Merged

fixes a use-of-uninitialized-value in light_pcapng.c #1669

merged 9 commits into from
Jan 3, 2025

Conversation

Shivam7-1
Copy link
Contributor

This PR fixes a use-of-uninitialized-value vulnerability in light_pcapng.c. The changes ensure all allocated memory is properly initialized before use, mitigating potential crashes and undefined behavior.

Issue: https://issues.oss-fuzz.com/issues/42536106
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6639796737867776

@Shivam7-1 Shivam7-1 requested a review from seladb as a code owner December 23, 2024 14:56
@Shivam7-1
Copy link
Contributor Author

Hii @seladb Could You please Review this PR
Thanks

@Dimi1010 Dimi1010 changed the base branch from master to dev December 24, 2024 06:23
@Dimi1010 Dimi1010 closed this Dec 24, 2024
@Dimi1010 Dimi1010 reopened this Dec 24, 2024
@codecov Codecov
Copy link

codecov bot commented Dec 24, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 81.81818% with 2 lines in your changes missing coverage. Please review.

Project coverage is 83.15%. Comparing base (ab75534) to head (4812dd1).
Report is 4 commits behind head on dev.

Files with missing lines Patch % Lines
...rdParty/LightPcapNg/LightPcapNg/src/light_pcapng.c 81.81% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##              dev    #1669      +/-   ##
==========================================
- Coverage   83.15%   83.15%   -0.01%     
==========================================
  Files         277      277              
  Lines       48193    48201       +8     
  Branches     9949     9920      -29     
==========================================
+ Hits        40077    40083       +6     
+ Misses       7225     7223       -2     
- Partials      891      895       +4
Flag Coverage Δ
alpine320 75.16% <75.00%> (+<0.01%) ⬆️
fedora40 75.20% <75.00%> (+<0.01%) ⬆️
macos-13 80.66% <81.81%> (+<0.01%) ⬆️
macos-14 80.65% <81.81%> (-0.01%) ⬇️
macos-15 80.63% <81.81%> (-0.01%) ⬇️
mingw32 70.89% <ø> (-0.03%) ⬇️
mingw64 70.86% <ø> (-0.03%) ⬇️
npcap 85.23% <ø> (-0.09%) ⬇️
rhel94 75.02% <75.00%> (-0.03%) ⬇️
ubuntu2004 58.61% <37.50%> (-0.01%) ⬇️
ubuntu2004-zstd 58.73% <37.50%> (-0.01%) ⬇️
ubuntu2204 74.97% <75.00%> (+<0.01%) ⬆️
ubuntu2204-icpx 61.40% <ø> (+<0.01%) ⬆️
ubuntu2404 75.20% <75.00%> (-0.02%) ⬇️
unittest 83.15% <81.81%> (-0.01%) ⬇️
windows-2019 85.33% <ø> (-0.01%) ⬇️
windows-2022 85.35% <ø> (-0.02%) ⬇️
winpcap 85.33% <ø> (ø)
xdp 50.53% <0.00%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@tigercosmos
Copy link
Collaborator

tigercosmos commented Dec 26, 2024
edited
Loading

@Shivam7-1 Could you only modify the necessary parts? Try to minimiaze the lines of changes ...
Also please address the CI issue.

tigercosmos
tigercosmos reviewed Dec 26, 2024
View reviewed changes
3rdParty/LightPcapNg/LightPcapNg/src/light_pcapng.c Outdated
current->options = opt;
}
break;
void parse_by_block_type(struct _light_pcapng *current, const uint32_t *local_data, const uint32_t *block_start) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't change the format. Same for all other lines.

@Shivam7-1
Copy link
Contributor Author

@Shivam7-1 Could you only modify the necessary parts? Try to minimiaze the lines of changes ... Also please address the CI issue.

Hii where I could see CI issue or find out

@seladb
Copy link
Owner

seladb commented Jan 1, 2025

@Shivam7-1 Could you only modify the necessary parts? Try to minimiaze the lines of changes ... Also please address the CI issue.

@Shivam7-1 as @tigercosmos commented, please try only to change specific lines and avoid changing the formatting. LightPcapNg is a 3rd party library so we try to make minimal change in it

@Shivam7-1
Copy link
Contributor Author

Shivam7-1 commented Jan 1, 2025
edited
Loading

@Shivam7-1 Could you only modify the necessary parts? Try to minimiaze the lines of changes ... Also please address the CI issue.

@Shivam7-1 as @tigercosmos commented, please try only to change specific lines and avoid changing the formatting. LightPcapNg is a 3rd party library so we try to make minimal change in it

Hii @seladb @tigercosmos Thanks For Reviewing I had Done this Changes and avoided any changes in formatting it can reviewed here https://github.com/seladb/PcapPlusPlus/pull/1669/files

@seladb seladb merged commit 7898a5d into seladb:dev Jan 3, 2025
40 checks passed
@seladb
Copy link
Owner

seladb commented Jan 3, 2025

Thank you @Shivam7-1 for working on this fix, much appreciated! 🙏

@Shivam7-1
Copy link
Contributor Author

Thank you @Shivam7-1 for working on this fix, much appreciated! 🙏

Hii Thanks to you also and Team for Continuous Support and feedback

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tigercosmos tigercosmos tigercosmos approved these changes

@seladb seladb seladb approved these changes

@Dimi1010 Dimi1010 Awaiting requested review from Dimi1010

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Shivam7-1 @tigercosmos @seladb @Dimi1010