Description
Code
This comes from oss-fuzz cf https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55286&q=label%3AProj-suricata
This is with RUSTFLAGS='--cfg fuzzing -Zsanitizer=memory -Cdebuginfo=1 -Cforce-frame-pointers -Zsanitizer-memory-track-origins'
It happens with C code calling a Rust function which returns std::ptr::null_mut(), and then the C code checks the pointer for NULL.
Basically, it reports use of uninitialized value at
https://github.com/OISF/suricata/blob/a24d7dc45c818054f97448ce42ca9ba270b3b8e4/src/detect-dce-iface.c#L151
void *did = rs_dcerpc_iface_parse(arg);
if (did == NULL) {
And rs_dcerpc_iface_parse is returning std::ptr::null_mut()
cf https://github.com/OISF/suricata/blob/a24d7dc45c818054f97448ce42ca9ba270b3b8e4/rust/src/dcerpc/detect.rs#L243
I expected to see this happen: no report from Memory sanitizer
Instead, this happened:
==13==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0xe25448 in DetectDceIfaceSetup /src/suricata/src/detect-dce-iface.c:151:9
Version it worked on
It most recently worked on: nightly-2023-01-17
Version with regression
rustc --version --verbose:
Sorry it is nightly-2023-01-18
rustc --version --verbose
rustc 1.68.0-nightly (3984bc583 2023-01-17)
binary: rustc
commit-hash: 3984bc5833db8bfb0acc522c9775383e4171f3de
commit-date: 2023-01-17
host: x86_64-unknown-linux-gnu
release: 1.68.0-nightly
LLVM version: 15.0.6
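For anyone who wants to reproduce the shape of the report without the whole Suricata tree, here is an added example (not Suricata's code and not the reporter's): a Rust function exported with the C ABI that returns std::ptr::null_mut() on a failed parse, plus a stand-in for the C caller that does the NULL check MSan flagged. The IfaceData struct, the accepted input syntax (a 36-byte 8-4-4-4-12 UUID) and the free function are assumptions for illustration; the real rs_dcerpc_iface_parse in rust/src/dcerpc/detect.rs has a different signature and grammar.

```rust
// Added example, not Suricata's code. Names and the accepted syntax are
// constructed for illustration only.
use std::ffi::{c_char, c_void, CStr, CString};
use std::ptr;

/// Hypothetical parsed result; the real DCEIfaceData has other fields.
#[repr(C)]
pub struct IfaceData {
    pub uuid: [u8; 36],
}

/// Mirrors the reported pattern: a heap pointer on success and
/// std::ptr::null_mut() on any parse failure, the value the C side then
/// compares against NULL. To export it for a C caller add #[no_mangle]
/// (#[unsafe(no_mangle)] on edition 2024); it is omitted here so the
/// block builds as a plain test binary.
pub unsafe extern "C" fn rs_dcerpc_iface_parse(carg: *const c_char) -> *mut c_void {
    if carg.is_null() {
        return ptr::null_mut();
    }
    let arg = match unsafe { CStr::from_ptr(carg) }.to_str() {
        Ok(s) => s,
        Err(_) => return ptr::null_mut(),
    };
    // Constructed rule: accept only a 36-byte ASCII UUID with dashes at 8,13,18,23.
    let uuid = arg.as_bytes();
    if uuid.len() != 36 || !is_uuid(uuid) {
        return ptr::null_mut();
    }
    let mut data = IfaceData { uuid: [0; 36] };
    data.uuid.copy_from_slice(uuid);
    Box::into_raw(Box::new(data)) as *mut c_void
}

fn is_uuid(b: &[u8]) -> bool {
    b.iter().enumerate().all(|(i, &c)| match i {
        8 | 13 | 18 | 23 => c == b'-',
        _ => c.is_ascii_hexdigit(),
    })
}

/// Hypothetical counterpart that gives the pointer back to Rust for freeing.
pub unsafe extern "C" fn rs_dcerpc_iface_free(p: *mut c_void) {
    if !p.is_null() {
        drop(unsafe { Box::from_raw(p as *mut IfaceData) });
    }
}

/// Stand-in for the C caller in DetectDceIfaceSetup: call through the C ABI
/// and perform the `did == NULL` check. Returns true when the parse failed.
pub fn c_side_rejects(arg: &str) -> bool {
    let c = CString::new(arg).expect("no interior NUL");
    let did = unsafe { rs_dcerpc_iface_parse(c.as_ptr()) };
    if did.is_null() {
        return true;
    }
    unsafe { rs_dcerpc_iface_free(did) };
    false
}

fn main() {
    for arg in ["not a uuid", "3919286a-b10c-11d0-9ba8-00c04fd92ef5"] {
        println!("{arg:?} rejected: {}", c_side_rejects(arg));
    }
}
```

To hunt for the sanitizer report, build the Rust side as a staticlib with the RUSTFLAGS quoted in the report (including -Zsanitizer=memory) and compile a C caller containing the same `if (did == NULL)` check with clang -fsanitize=memory; MSan only makes sense when both sides of the FFI boundary are instrumented by the same LLVM.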