Felix: FELIX-6592

Stack overflow finding found by OSS-Fuzz


Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved

    Description

      Dear Apache Felix Dev developers,

      Fuzzing has found a stack overflow in OSS-Fuzz with JVM Fuzzer Jazzer in Apache Felix Dev. We have reviewed the finding and consider it security-related due to the potential of a denial of service.

      Part of the crash stack trace:

      == Java Exception: com.code_intelligence.jazzer.api.FuzzerSecurityIssueLow: Stack overflow (use '-Xss921k' to reproduce)
      at org.apache.felix.utils.json.JSONParser.parseValue(JSONParser.java:124)
      Caused by: java.lang.StackOverflowError at java.base/java.lang.String.trim(String.java:2681)
      at org.apache.felix.utils.json.JSONParser.parseKeyValueListRaw(JSONParser.java:215)
      at org.apache.felix.utils.json.JSONParser.parseListValuesRaw(JSONParser.java:278)
      at org.apache.felix.utils.json.JSONParser.parseValue(JSONParser.java:123)
      at org.apache.felix.utils.json.JSONParser.parseValue(JSONParser.java:124)
      at org.apache.felix.utils.json.JSONParser.parseValue(JSONParser.java:124)
      ...

      We have included a reproducer zip which contains a README file that describes how to reproduce the issue.

      We would appreciate it if you could take a look into the findings. Do you see a risk that this might be exploited by untrusted input?

      OSS-Fuzz Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51725

      Hint: The provided OSS-Fuzz Issue links are only accessible if the issue gets fixed or if you are the maintainer of the OSS-Fuzz project.

      Fuzz target: https://github.com/google/oss-fuzz/blob/master/projects/apache-felix-dev/JSONParserFuzzer.java

      People

        Assignee: Unassigned
        Reporter: Henry Lin (hlin)