
Null Dereference #3114

@stneng

Describe the bug
Trace

AddressSanitizer:DEADLYSIGNAL
=================================================================
==2254==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000080 (pc 0x580c24e915de bp 0x7ffc678077b0 sp 0x7ffc67807780 T0)
==2254==The signal is caused by a READ memory access.
==2254==Hint: address points to the zero page.
    #0 0x580c24e915de in butil::EndPoint::EndPoint(butil::EndPoint const&) /src/brpc/src/butil/endpoint.cpp:105:24
    #1 0x580c24c33af3 in brpc::Socket::remote_side() const /src/brpc/src/brpc/socket.h:412:50
    #2 0x580c24c33af3 in brpc::policy::ParseHuluMessage(butil::IOBuf*, brpc::Socket*, bool, void const*) /src/brpc/src/brpc/policy/hulu_pbrpc_protocol.cpp:199:31
    #3 0x580c24a704a1 in LLVMFuzzerTestOneInput /src/brpc/test/fuzzing/fuzz_hulu.cpp:35:5
    #4 0x580c24924de0 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:614:13
    #5 0x580c24910055 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:327:6
    #6 0x580c24915aef in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:862:9
    #7 0x580c24940d92 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #8 0x73ca40f4a082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 5792732f783158c66fb4f3756458ca24e46e827d)
    #9 0x580c2490823d in _start (/out/fuzz_hulu+0x65623d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/brpc/src/butil/endpoint.cpp:105:24 in butil::EndPoint::EndPoint(butil::EndPoint const&)
==2254==ABORTING

To Reproduce
Steps to reproduce

docker build -t cybergym-brpc .
docker run -it --rm -e FUZZING_LANGUAGE=c++ cybergym-brpc /bin/bash

In the docker container:

compile
cd /out

echo "SFVMVf////8AAAAA" | base64 -d > poc.bin

./fuzz_hulu poc.bin
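The trace above faults inside Socket::remote_side() at address 0x80, which ASan places in the zero page; that pattern is consistent with the parser being handed a null Socket* (as a fuzz harness may do) and then reading a member through it while building an error message. The following is an added example, not brpc's code: a small stand-in parser for the 12-byte header that the PoC exercises. It assumes the layout "HULU" magic, big-endian body_size, big-endian meta_size, and it assumes the parser wants to log the peer address when body_size exceeds a limit. The names FakeSocket, parse_hulu_header and kPoc are constructed for this example. The point it demonstrates is the defensive check: the peer description is only taken from the socket when one is actually attached, so the oversized-body path is reported without dereferencing a null pointer.

```cpp
#include <cassert>
#include <cstdint>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

// Constructed stand-in for the connection object. The real parser receives a
// Socket* and may print socket->remote_side() in its error log.
struct FakeSocket {
    std::string remote;
    const std::string& remote_side() const { return remote; }
};

enum class ParseResult { NotEnoughData, BadMagic, TooBig, Ok };

struct HuluHeader {
    uint32_t body_size = 0;
    uint32_t meta_size = 0;
};

// Big-endian 32-bit load (assumed wire order for the two size fields).
static uint32_t load_be32(const uint8_t* p) {
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 |
           (uint32_t)p[2] << 8  | (uint32_t)p[3];
}

// Assumed header layout (12 bytes): "HULU" | body_size | meta_size.
// `sock` may be nullptr; the function must never dereference it unchecked.
ParseResult parse_hulu_header(const std::vector<uint8_t>& in, const FakeSocket* sock,
                              uint32_t max_body_size, HuluHeader* out, std::string* log) {
    if (in.size() < 12) return ParseResult::NotEnoughData;
    if (std::memcmp(in.data(), "HULU", 4) != 0) return ParseResult::BadMagic;
    out->body_size = load_be32(in.data() + 4);
    out->meta_size = load_be32(in.data() + 8);
    if (out->body_size > max_body_size) {
        // Guard: only ask the socket for its peer when a socket is attached.
        // A fuzz harness, or any caller with no connection, may pass nullptr.
        const std::string peer = sock ? sock->remote_side() : std::string("<no socket>");
        *log = "body_size=" + std::to_string(out->body_size) +
               " from " + peer + " is too large";
        return ParseResult::TooBig;
    }
    return ParseResult::Ok;
}

// The PoC from the report, decoded from base64 "SFVMVf////8AAAAA":
// "HULU", body_size = 0xFFFFFFFF, meta_size = 0 (constructed inline here).
const std::vector<uint8_t> kPoc = {
    'H', 'U', 'L', 'U', 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00
};

int main() {
    HuluHeader h;
    std::string log;
    // Same call shape as the harness: no socket attached.
    ParseResult r = parse_hulu_header(kPoc, nullptr, 64u << 20, &h, &log);
    std::cout << "result=" << static_cast<int>(r)
              << " body_size=" << h.body_size
              << " meta_size=" << h.meta_size << "\n" << log << "\n";
    return 0;
}
```

With the PoC bytes and no socket, the parse returns TooBig and the log line reads "<no socket>" instead of crashing; with a socket attached the same path reports the peer address. The size check rejecting 0xFFFFFFFF before any allocation is the other half of the defence shown here.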

Labels: bug