[gnutls-devel] libtasn1 | Hash function triggers UBSAN (#13)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Jul 22 10:34:49 CEST 2019

Tim Rühsen created an issue:

  Assignee: Tim Rühsen

  Detected while writing the fuzzer integration:
hash-pjw-bare.c:39:14: runtime error: unsigned integer overflow: 255 + 18446744073709551361 cannot be represented in type 'unsigned long'
    #0 0x5497d3 in hash_pjw_bare /home/oms/src/libtasn1/lib/gl/hash-pjw-bare.c:39:14
    #1 0x53e752 in asn1_find_node /home/oms/src/libtasn1/lib/parser_aux.c
    #2 0x54728a in _asn1_check_identifier /home/oms/src/libtasn1/lib/parser_aux.c:987:9
    #3 0x4fa55a in asn1_array2tree /home/oms/src/libtasn1/lib/structure.c:245:16
    #4 0x4f84d6 in LLVMFuzzerTestOneInput /home/oms/src/libtasn1/fuzz/libtasn1_array2tree_fuzzer.c:79:3

This is expected behavior of hash functions. But it needs to be suppressed to not disguise other findings.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/issues/13
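One way to silence this kind of intentional wraparound without turning the check off for the rest of the build, shown as an added example that is not part of the original message or of the libtasn1/gnulib sources: Clang's per-function `no_sanitize` attribute. The names `WRAPS_ON_PURPOSE`, `mix_step`, `rot_add_hash` and `step_wraps` are hypothetical, and a 64-bit word with a 9-bit rotate is assumed so that the operands from the report (255 + 18446744073709551361) can be reproduced.

```c
#include <limits.h>
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Unsigned wraparound is defined (modular) in C; Clang reports it only when
 * -fsanitize=unsigned-integer-overflow is on. Exempt just the functions that
 * rely on it, so the check stays active everywhere else. */
#if defined(__clang__)
# define WRAPS_ON_PURPOSE __attribute__((no_sanitize("unsigned-integer-overflow")))
#else
# define WRAPS_ON_PURPOSE
#endif

#define WORD_BITS (sizeof(uint64_t) * CHAR_BIT)

/* One mixing step: rotate the state left by 9 bits, then add the input byte.
 * The addition is the operation the sanitizer flags when it wraps. */
WRAPS_ON_PURPOSE
static uint64_t mix_step(uint64_t h, unsigned char byte)
{
    return byte + ((h << 9) | (h >> (WORD_BITS - 9)));
}

/* Hypothetical rotate-and-add hash over a byte buffer. */
WRAPS_ON_PURPOSE
static uint64_t rot_add_hash(const void *data, size_t n)
{
    const unsigned char *s = data;
    uint64_t h = 0;
    for (size_t i = 0; i < n; i++)
        h = mix_step(h, s[i]);
    return h;
}

/* Returns 1 if the addition in mix_step would wrap for this state and byte. */
static int step_wraps(uint64_t h, unsigned char byte)
{
    uint64_t rotated = (h << 9) | (h >> (WORD_BITS - 9));
    return rotated > UINT64_MAX - byte;
}

int main(void)
{
    /* Constructed state: rotating it left by 9 gives 2^64 - 255. */
    uint64_t h = UINT64_C(0x80FFFFFFFFFFFFFF);
    printf("wraps=%d result=%llu\n", step_wraps(h, 255),
           (unsigned long long)mix_step(h, 255));
    printf("hash(\"ab\")=%llu\n", (unsigned long long)rot_add_hash("ab", 2));
    return 0;
}
```

Built with `clang -fsanitize=unsigned-integer-overflow`, the annotated functions produce no report, while an unannotated function performing the same addition still would.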