oss-sec mailing list archives

NULL pointer dereference in lib60870 protocol


From: Dhiraj Mishra <mishra.dhiraj95 () gmail com>
Date: Fri, 11 Jan 2019 23:44:16 +0530

Hi List,

## Summary:
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in
link_layer/link_layer.c has a NULL pointer dereference.

Snip code from link_layer.c#L142:

void
LinkLayer_setAddress(LinkLayer self, int address)
{
    /* self is dereferenced without a NULL check; a NULL link layer faults here */
    self->address = address;
}

## BT:

==5832==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x55eb02eed6a2 bp 0x7ffc3b237e30 sp 0x7ffc3b237e20 T0)
==5832==The signal is caused by a READ memory access.
==5832==Hint: address points to the zero page.
    #0 0x55eb02eed6a1 in LinkLayer_setAddress
/home/input0/Desktop/lib60870/lib60870-C/src/iec60870/link_layer/link_layer.c:142
    #1 0x55eb02eeab30 in CS101_Master_setOwnAddress
/home/input0/Desktop/lib60870/lib60870-C/src/iec60870/cs101/cs101_master.c:311
    #2 0x55eb02ec4601 in main
/home/input0/Desktop/lib60870/lib60870-C/examples/cs101_master_balanced/master_example.c:127
    #3 0x7fb921c52b96 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #4 0x55eb02ec40f9 in _start
(/home/input0/Desktop/lib60870/lib60870-C/build/examples/cs101_master_balanced/cs101_master_balanced+0x120f9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/home/input0/Desktop/lib60870/lib60870-C/src/iec60870/link_layer/link_layer.c:142
in LinkLayer_setAddress
==5832==ABORTING

Later CVE-2019-6137 was assigned to this.


Thank you
@mishradhiraj_
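As an added illustration (not lib60870's code and not part of the original post), the unchecked setter from the advisory beside a hardened variant that reports failure instead of dereferencing NULL, driven by a caller modelled on the CS101_Master_setOwnAddress frame in the trace. The struct layout, the `sMaster` type and the `Master_*` helper names are assumptions made for this example.

```c
/* Added example (not lib60870's code): minimal model of the
 * LinkLayer_setAddress pattern from the advisory, with a hardened
 * variant that refuses a NULL link-layer handle instead of crashing.
 * The struct layout and helper names below are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed minimal shape of the link-layer object; the real struct has more fields. */
struct sLinkLayer {
    int address;
};
typedef struct sLinkLayer *LinkLayer;

/* Mirrors the snippet in the advisory: no check, a NULL self faults here
 * (the sanitizer trace shows the read of address 0). Never call with NULL. */
void LinkLayer_setAddress_unchecked(LinkLayer self, int address)
{
    self->address = address;
}

/* Hardened variant: report failure instead of dereferencing NULL.
 * Returns true only when the address was stored. */
bool LinkLayer_setAddress_checked(LinkLayer self, int address)
{
    if (self == NULL)
        return false;
    self->address = address;
    return true;
}

/* Models a caller such as CS101_Master_setOwnAddress: the master may not
 * yet hold a link layer, so the caller has to propagate the failure. */
struct sMaster {
    LinkLayer linkLayer;   /* NULL until the link layer is created */
};

bool Master_setOwnAddress(struct sMaster *master, int address)
{
    if (master == NULL)
        return false;
    return LinkLayer_setAddress_checked(master->linkLayer, address);
}

/* Returns the stored address, or -1 when there is no link layer yet. */
int Master_getOwnAddress(const struct sMaster *master)
{
    if (master == NULL || master->linkLayer == NULL)
        return -1;
    return master->linkLayer->address;
}

int main(void)
{
    struct sMaster master = { .linkLayer = NULL };

    /* Before the link layer exists: the unchecked path would SEGV as in the
     * trace above; the checked path simply reports failure to the caller. */
    if (!Master_setOwnAddress(&master, 1))
        puts("setOwnAddress rejected: no link layer yet");

    struct sLinkLayer ll = { .address = 0 };
    master.linkLayer = &ll;
    if (Master_setOwnAddress(&master, 1))
        printf("own address now %d\n", Master_getOwnAddress(&master));
    return 0;
}
```

The design point is that the check belongs in the setter, not only in the example program: any public entry point that takes an object handle should validate it before the first dereference, and return a status the caller can act on.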
