Numeric Truncation at `reader_util.c:1507'

[headshog]

Hi! We've been fuzzing nDPI with sydr-fuzz security predicates and numeric truncation error was found in reader_util.c:1507.

In function packet_processing our tool has found numeric truncation error on line '1507'. We suggest to change the type uint32_t of variable ms on lines 1507, 1523 and 1542 to uint64_t type. Also then the type of parameter const u_int32_t value in function ndpi_data_add_value should be changed to const u_int64_t value.

Environment

• OS: ubuntu 20.04
• commit: 5704e4c

How to reproduce this error

1. Build docker container:

   sudo docker build -t oss-sydr-fuzz-ndpi .
   
   

2. Run docker container:

   docker run --privileged --network host -v /etc/localtime:/etc/localtime:ro --rm -it -v $PWD:/fuzz oss-sydr-fuzz-ndpi /bin/bash
   
   

3. Run on the following input:

   /nDPI/libfuzzer/fuzz_ndpi_reader sydr_8b9cb7917f68635994851de25846268a190f828f_num_trunc_1.txt
   
   

4. Output:

   /nDPI/example/reader_util.c:1507:17: runtime error: implicit conversion from type 'u_int64_t' (aka 'unsigned long') of value 18447052351682937 (64-bit, unsigned) to type 'u_int32_t' (aka 'unsigned int') changed the value to 311638393 (32-bit, unsigned)
   SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /nDPI/example/reader_util.c:1507:17
   

[IvanNardi]

The change makes sense; could you update your PR, updating the unit tests results, please? (see CI failures in Github actions)

[utoni]

Maybe we should think about integrating sydr-fuzz into nDPI.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[IvanNardi]

Merged; I updated the results myself. Thanks for your contribution