zimmerle

* thread #3, name = 'bitcoin-indexer', stop reason = signal SIGSEGV: invalid address (fault address: 0x820)
  * frame #0: 0x0000555555c5a3c7 bitcoin-indexer`core::sync::atomic::atomic_load::he02b71c0dfb824e8(dst=0x0000000000000820, order=Acquire) at atomic.rs:2242:24
    frame #1: 0x0000555555c54680 bitcoin-indexer`core::sync::atomic::AtomicUsize::load::h38f488dc6e1e15b6(self=0x0000000000000820, order=Acquire) at atomic.rs:1366:30
    frame #2: 0x0000555555c5003c bitcoin-indexer`crossbeam_epoch::atomic::Atomic$LT$T$GT$::load::h75d251bf0d088b48(self=0x0000000000000820, ord=Acquire, (null)=0x0000555555e82058) at atomic.rs:208:36
    frame #3: 0x0000555555c5275a bitcoin-indexer`crossbeam_epoch::sync::queue::Queue$LT$T$GT$::try_pop::h8a10c0a89b65b3ea at queue.rs:117:20
    frame #4: 0x0000555555c526de bitcoin-indexer`crossbeam_epoch::sync::queue::Queue$LT$T$GT$::try_pop::h8a10c0a89b65b3ea(self=0x00007ffff5b42610, guard=0x0000555555e82058) at queue.rs:162
    frame #5: 0x0000555555c52ca0 bitcoin-indexer`_$LT$cross

zimmerle

thread '<unnamed>' panicked at 'attempted to leave type `nodrop::NoDrop<(epoch::Epoch, garbage::Bag)>` uninitialized, which is invalid', /rustc/7eac88abb2e57e752f3302f02be5f3ce3d7adfb4/library/core/src/mem/mod.rs:658:9
stack backtrace:
Block 73000H: 00000000005936a8d5637765967ad4da3599596adf19879f5e65d6940da7fa64
   0:     0x564a68ac1d50 - std::backtrace_rs::backtrace::libunwind::trace::h72c2fb8038f1bbee
                               at /rustc/7eac88abb2e57e752f3302f02be5f3ce3d7adfb4/library/std/src/../../backtrace/src/backtrace/libunwind.rs:96
   1:     0x564a68ac1d50 - std::backtrace_rs::backtrace::trace_unsynchronized::h1e3b084883f1e78c
                               at /rustc/7eac88abb2e57e752f3302f02be5f3ce3d7adfb4/library/std/src/../../backtrace/src/backtrace/mod.rs:66
   2:     0x564a68ac1d50 - std::sys_common::backtrace::_print_fmt::h3bf6a7ebf7f0394a
                               at /rustc/7eac88abb2e57e752f3302f02be5f3ce3d7adfb4/library/std/src/sys_common/backtrace.rs:79
   3:     0x564a68ac1d50 - 

zimmerle

#!env python

from scholarly import scholarly
import sys


authors_pub = """
Aad van Moorsel
Felipe Zimmerle da N. Costa
...

zimmerle

[  
  {  
    "enabled":1,
    "version_min":300000,
    "title":"Test case to exemplify the discussion on issue #2368",
    "client":{  
      "ip":"200.249.12.31",
      "port":123
    },
    "server":{  

zimmerle

[1591979490] [] [4] Initializing transaction
[1591979490] [] [4] Transaction context created.
[1591979490] [] [4] Starting phase CONNECTION. (SecRules 0)
[1591979490] [] [9] This phase consists of 0 rule(s).
[1591979490] [] [4] Starting phase URI. (SecRules 0 + 1/2)
[1591979490] [/] [4] Starting phase REQUEST_HEADERS.  (SecRules 1)
[1591979490] [/] [9] This phase consists of 0 rule(s).
[1591979490] [/] [4] Starting phase REQUEST_BODY. (SecRules 2)
[1591979490] [/] [9] This phase consists of 1 rule(s).
[1591979490] [/] [4] (Rule: 159) Executing operator "Rx" with param "3" against MODSEC_BUILD.

zimmerle

diff --git a/test/fuzzer/afl_fuzzer.cc b/test/fuzzer/afl_fuzzer.cc
index 9c7fe3a5..f2234141 100644
--- a/test/fuzzer/afl_fuzzer.cc
+++ b/test/fuzzer/afl_fuzzer.cc
@@ -23,8 +23,8 @@
  * for i in $(ls -l src/actions/transformations/*.h | awk {'print $9'}); do echo "#include \"$i\""; done;
  *
  */
-#include "src/actions/transformations/base64_decode_ext.h"
 #include "src/actions/transformations/base64_decode.h"

zimmerle

airween [7:04 PM]
here is an issue:
https://github.com/SpiderLabs/ModSecurity/issues/1960

and a possible solution:
https://github.com/airween/ModSecurity/tree/v3/issue-1960
GitHub
SecRuleEngine ignore DetectionOnly · Issue #1960 · SpiderLabs/ModSecurity
Describe the bug it seems that the latest v3/master completely ignores the DetectionOnly SecRuleEngine configuration. When a rule match, I get always the default disruptive action even if SecRuleEn...
GitHub

zimmerle

SecRule REQUEST_FILENAME "@pmFromFile https://www.modsecurity.org/modsecurity-regression-test.txt" "id:'123',phase:2,log,pass,t:none"

zimmerle

    if (keyl == "cookie") {
        size_t localOffset = m_variableOffset;
        std::vector<std::string> cookies = utils::string::ssplit(value, ';');
        for (const std::string &c : cookies) {
            std::vector<std::string> s = utils::string::split(c, '=');
            if (s.size() > 1) {
                if (s[0].at(0) == ' ') {
                    s[0].erase(0, 1);
                }
                m_variableRequestCookiesNames.set(s[0], s[0], localOffset);

zimmerle

==5853== 
==5853== Use of uninitialised value of size 8
==5853==    at 0x76FD4D5: ??? (in /usr/lib/libre2.so.0.0.0)
==5853==    by 0x76FE461: ??? (in /usr/lib/libre2.so.0.0.0)
==5853==    by 0x76DB3C7: ??? (in /usr/lib/libre2.so.0.0.0)
==5853==    by 0x76DD3A2: ??? (in /usr/lib/libre2.so.0.0.0)
==5853==    by 0x7705E2D: re2::RE2::Init(re2::StringPiece const&, re2::RE2::Options const&) (in /usr/lib/libre2.so.0.0.0)
==5853==    by 0x7706DE3: re2::RE2::RE2(re2::StringPiece const&, re2::RE2::Options const&) (in /usr/lib/libre2.so.0.0.0)
==5853==    by 0x1F2479: modsecurity::regex::backend::Re2::Re2(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) (re2.cc:43)
==5853==    by 0x1D8BB0: modsecurity::regex::backend::Backend* modsecurity::regex::compile_regex_fallback<modsecurity::regex::backend::Re2, modsecurity::regex::backend::Pcre>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) (backend_fallback.h:32)