Numeric truncation at `ndpi_main.c:6837'

[headshog]

Hi! We've been fuzzing nDPI with sydr-fuzz security predicates and numeric truncation error was found in ndpi_main.c:6837.

In ndpi_internal_detection_process_packet function we have found this error on line 6837. On this line variable current_time_ms has type const u_int64_t and variable ndpi_str->current_ts has type u_int32_t, so numeric truncation can happen. I've also checked where else the variable current_ts is used and found out that only in ndpi_main.c on line 6837. In case of further use of this variable it would be better to change the type u_int32_t current_ts to u_int64_t current_ts in ndpi_typedefs.h.

Environment

• OS: ubuntu 20.04
• commit: 334b435

How to reproduce this error

1. Build docker container:

   sudo docker build -t oss-sydr-fuzz-ndpi .
   
   

2. Run docker container:

   docker run --privileged --network host -v /etc/localtime:/etc/localtime:ro --rm -it -v $PWD:/fuzz oss-sydr-fuzz-ndpi /bin/bash
   
   

3. Run on the following input:

   /nDPI/libfuzzer/fuzz_ndpi_reader sydr_68d3a05134c0c18be22066d0aaa8b5d51cd2a5e5_num_trunc_0.txt
   
   

4. Output:

   ndpi_main.c:6830:26: runtime error: implicit conversion from type 'u_int64_t' (aka 'unsigned long') of value 18446744073709550616 (64-bit, unsigned) to type 'u_int32_t' (aka 'unsigned int') changed the value to 4294966296 (32-bit, unsigned)
   SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ndpi_main.c:6830:26
   

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information