Describe the bug
There is a NULL pointer dereference in ports2PORT when the user passes an ill-formatted portmap string to tcprewrite with option -r or --portmap.
To Reproduce
Steps to reproduce the behavior:
download tcpreplay-4.4.4 release and build
wget https://github.com/appneta/tcpreplay/releases/download/v4.4.4/tcpreplay-4.4.4.tar.xz
tar xJf tcpreplay-4.4.4.tar.xz && cd tcpreplay-4.4.4 && ./configure && make -j8 && make install
inject ill-formatted '--portmap PORT1s-PORT1e:PORT2' to tcprewrite; the program crashes when PORT1e is absent
PS: any valid in.pcap with the given --portmap string may reproduce the case.
Expected behavior
Program crashes with SEGV.
Screenshots
[root@b545adff9ebe dev]# gdb tcprewrite
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-120.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/bin/tcprewrite...done.
(gdb) r -r 1-:2 -i in.pcap -c in.pcap.cache -o out.pcap
Starting program: /usr/local/bin/tcprewrite -r 1-:2 -i in.pcap -c in.pcap.cache -o out.pcap
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff73e4fe7 in ____strtoll_l_internal () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.17-326.el7_9.3.x86_64 libpcap-1.5.3-13.el7_9.x86_64
(gdb) bt
#0 0x00007ffff73e4fe7 in ____strtoll_l_internal () from /lib64/libc.so.6
#1 0x000000000040685e in ports2PORT (ports=<optimized out>) at portmap.c:112
#2 0x0000000000406c6c in parse_portmap (portmap=portmap@entry=0x633e68,
ourstr=<optimized out>) at portmap.c:191
#3 0x0000000000404618 in tcpedit_post_args (tcpedit=0x6335e0)
at parse_args.c:184
#4 0x000000000040268c in main (argc=0, argv=<optimized out>)
at tcprewrite.c:84
(gdb) info reg
rax 0x7ffff776ff00 140737345158912
rbx 0x634810 6506512
rcx 0x0 0
rdx 0xa 10
rsi 0x7fffffffe588 140737488348552
rdi 0x0 0
rbp 0x0 0x0
rsp 0x7fffffffe520 0x7fffffffe520
r8 0x7ffff7772060 140737345167456
r9 0x6347f1 6506481
r10 0x1 1
r11 0x0 0
r12 0x1 1
r13 0x0 0
r14 0x2 2
r15 0x633010 6500368
rip 0x7ffff73e4fe7 0x7ffff73e4fe7 <____strtoll_l_internal+55>
eflags 0x10283 [ CF SF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
(gdb)
System (please complete the following information):
OS: CentOS Linux release 7.9.2009 (Core)
Tcpreplay Version: 4.4.4
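The backtrace above shows strtoll entered from ports2PORT with rdi = 0, meaning a NULL string reached the numeric conversion. The following C code is an added example, not part of the original report and not tcpreplay's code or its fix: it validates each half of a PORT or START-END range before calling strtol; the function names, the buffer size and the 1..65535 range are assumptions.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Convert one token to a port. Assumed valid range: 1..65535.
 * A tokenizer such as strtok() returns NULL for the absent end port in "1-",
 * and strtol(NULL, ...) is undefined behaviour, so reject it before converting. */
static int parse_port(const char *tok, long *out)
{
    char *end = NULL;

    if (tok == NULL || !isdigit((unsigned char)*tok))
        return -1;                      /* missing, empty, signed or padded token */
    errno = 0;
    long v = strtol(tok, &end, 10);
    if (errno != 0 || *end != '\0' || v < 1 || v > 65535)
        return -1;                      /* trailing junk or out of range */
    *out = v;
    return 0;
}

/* Parse "PORT" or "START-END" (the part of a portmap entry before ':').
 * Returns 0 and fills first/last on success, -1 on malformed input. */
int parse_port_range(const char *spec, long *first, long *last)
{
    char buf[16];
    size_t len = spec ? strlen(spec) : 0;

    if (len == 0 || len >= sizeof(buf))
        return -1;
    memcpy(buf, spec, len + 1);

    char *dash = strchr(buf, '-');
    if (dash == NULL) {                 /* single port */
        if (parse_port(buf, first) != 0)
            return -1;
        *last = *first;
        return 0;
    }
    *dash = '\0';                       /* split into "START" and "END" */
    if (parse_port(buf, first) != 0 || parse_port(dash + 1, last) != 0)
        return -1;
    return (*first <= *last) ? 0 : -1;
}
```

With this shape, the range half of the reported argument (`1-`) is rejected with an error return instead of reaching strtol.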