Describe the bug
There is a reachable assertion in cidr2cidr() when the user passes empty cidr string to tcpprep in CIDR-split mode.
To Reproduce
Steps to reproduce the behavior:
Get the Tcpreplay source code and compile it.
$ ./configure
$ make
Run Command $ ./tcpprep --cidr="" --pcap=./test.pcap --cachefile=/dev/null
The file test.pcap is from tcpreplay codebase, which is located in test/test.pcap.
Expected behavior
Program reports assertion failure and is terminated.
The GDB report:
$ gdb --args ./bin_normal/bin/tcpprep --cidr="" --pcap=./code/test/test.pcap --cachefile=/dev/null
(gdb) r
Starting program: /home/ubuntu178/cvelibf/test/tcpreplay/latest/bin_normal/bin/tcpprep --cidr= --pcap=./code/test/test.pcap --cachefile=/dev/null
tcpprep: cidr.c:178: cidr2cidr: Assertion `cidr' failed.
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007ffff7d6d859 in __GI_abort () at abort.c:79
#2 0x00007ffff7d6d729 in __assert_fail_base (fmt=0x7ffff7f03588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x555555565d1e "cidr", file=0x555555565d14 "cidr.c", line=178, function=<optimized out>)
at assert.c:92
#3 0x00007ffff7d7ef36 in __GI___assert_fail (assertion=0x555555565d1e "cidr", file=0x555555565d14 "cidr.c", line=178, function=0x555555565dd0 <__PRETTY_FUNCTION__.6522> "cidr2cidr") at assert.c:101
#4 0x000055555555daa4 in cidr2cidr (cidr=0x0) at cidr.c:178
#5 0x000055555555de56 in parse_cidr (cidrdata=0x55555556db20, cidrin=0x55555558dbf0 "", delim=0x555555564d61 ",") at cidr.c:299
#6 0x0000555555557e6c in doOptCidr (pOptions=0x55555556bc00 <tcpprepOptions>, pOptDesc=0x55555556b0f0 <optDesc+208>) at tcpprep_opts.c:1217
#7 0x00007ffff7f4111e in ?? () from /lib/x86_64-linux-gnu/libopts.so.25
#8 0x00007ffff7f49964 in ?? () from /lib/x86_64-linux-gnu/libopts.so.25
#9 0x00007ffff7f4c7c8 in optionProcess () from /lib/x86_64-linux-gnu/libopts.so.25
#10 0x000055555555899c in main (argc=4, argv=0x7fffffffc2d8) at tcpprep.c:89
System (please complete the following information):
OS: Ubuntu
OS version: 20.04, 64 bit
Tcpreplay Version: master bcb107a
$ ./bin_normal/bin/tcprewrite -V
tcprewrite version: 4.4.3 (build git:v4.4.3)
Copyright 2013-2022 by Fred Klassen <tcpreplay at appneta dot com> - AppNeta
Copyright 2000-2012 by Aaron Turner <aturner at synfin dot net>
The entire Tcpreplay Suite is licensed under the GPLv3
Cache file supported: 04
Not compiled with libdnet.
Compiled against libpcap: 1.9.1
64 bit packet counters: enabled
Verbose printing via tcpdump: enabled
Fragroute engine: disabled
fklassen
commented
1 year ago
Describe the bug There is a reachable assertion in
cidr2cidr()when the user passes empty cidr string totcpprepin CIDR-split mode.To Reproduce Steps to reproduce the behavior:
$ ./tcpprep --cidr="" --pcap=./test.pcap --cachefile=/dev/nullThe file
test.pcapis from tcpreplay codebase, which is located intest/test.pcap.Expected behavior Program reports assertion failure and is terminated.
The GDB report:
System (please complete the following information):