Closed
Description
Describe the bug
There is a NULL pointer dereference in mask_cidr6 when the user passes an empty pseudo-NAT string to tcprewrite with the option --pnat.
To Reproduce
Steps to reproduce the behavior:
- export CC=clang && export CFLAGS="-fsanitize=address -g"
- ./autogen.sh && ./configure --disable-shared --disable-local-libopts && make clean && make -j8
- ./src/tcprewrite -o /dev/null -i POC --pnat=""
The POC file can be downloaded from the attached POC.
Expected behavior
Program crashes with SEGV.
==2629735==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x56108e9eb575 bp 0x7fff0fde5190 sp 0x7fff0fde5100 T0)
==2629735==The signal is caused by a READ memory access.
==2629735==Hint: address points to the zero page.
#0 0x56108e9eb575 in mask_cidr6 /home/yiyang/tcpreplay-4.4.4/src/common/cidr.c:228:9
#1 0x56108e9eb2ad in parse_cidr /home/yiyang/tcpreplay-4.4.4/src/common/cidr.c:252:5
#2 0x56108e9ec836 in parse_cidr_map /home/yiyang/tcpreplay-4.4.4/src/common/cidr.c:371:10
#3 0x56108e9bd98a in tcpedit_post_args /home/yiyang/tcpreplay-4.4.4/src/tcpedit/parse_args.c:54:22
#4 0x56108e9b678f in main /home/yiyang/tcpreplay-4.4.4/src/tcprewrite.c:84:13
#5 0x7f6cb96bed8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#6 0x7f6cb96bee3f in __libc_start_main csu/../csu/libc-start.c:392:3
#7 0x56108e8f6544 in _start (/home/yiyang/tcpreplay-4.4.4/src/tcprewrite+0x38544) (BuildId: be72a8c23dd0721673aaa687b6258865600acadf)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/yiyang/tcpreplay-4.4.4/src/common/cidr.c:228:9 in mask_cidr6
==2629735==ABORTING
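A defensive version of the CIDR and pseudo-NAT pair parsing that this trace exercises, added here as an example and not tcpreplay's own code: NULL and empty input are rejected before anything is dereferenced, and the prefix length is range-checked. The `<match_cidr>:<rewrite_cidr>` pair syntax, the rule used to split IPv6 pairs, and the function names are assumptions of this example.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* One parsed CIDR: address family, raw address bytes and prefix length. */
typedef struct { int family; unsigned char addr[16]; int masklen; } cidr_t;

/* Parse "addr" or "addr/len" (IPv4 or IPv6) into *out; 0 on success, -1 on error.
 * NULL and "" are rejected before anything is dereferenced: the missing guard. */
int parse_cidr_safe(const char *text, cidr_t *out)
{
    char buf[64], *slash, *end;
    int maxlen; long len;
    if (text == NULL || out == NULL || *text == '\0' || strlen(text) >= sizeof buf)
        return -1;
    strcpy(buf, text);
    if ((slash = strchr(buf, '/')) != NULL)
        *slash = '\0';                           /* isolate the address part */
    if (inet_pton(AF_INET6, buf, out->addr) == 1) {
        out->family = AF_INET6; maxlen = 128;
    } else if (inet_pton(AF_INET, buf, out->addr) == 1) {
        out->family = AF_INET;  maxlen = 32;
    } else return -1;                            /* not a valid address */
    if (slash == NULL) { out->masklen = maxlen; return 0; }
    errno = 0;
    len = strtol(slash + 1, &end, 10);           /* prefix must be all digits */
    if (end == slash + 1 || *end != '\0' || errno != 0 || len < 0 || len > maxlen)
        return -1;
    out->masklen = (int)len; return 0;
}

/* Parse one "<match_cidr>:<rewrite_cidr>" pair (the --pnat pair syntax as
 * assumed here). An IPv4 match side is split at the first ':'; an IPv6 match
 * side must carry a /prefix and is split at the first ':' after that '/'. */
int parse_cidr_map_safe(const char *text, cidr_t *from, cidr_t *to)
{
    char buf[160], *sep, *slash, *colon, *dot;
    if (text == NULL || *text == '\0' || strlen(text) >= sizeof buf)
        return -1;                               /* --pnat="" is rejected here */
    strcpy(buf, text);
    slash = strchr(buf, '/'); colon = strchr(buf, ':'); dot = strchr(buf, '.');
    sep = (dot && colon && dot < colon) ? colon : (slash ? strchr(slash, ':') : NULL);
    if (sep == NULL) return -1;                  /* no pair separator found */
    *sep = '\0';
    if (parse_cidr_safe(buf, from) != 0 || parse_cidr_safe(sep + 1, to) != 0)
        return -1;
    return from->family == to->family ? 0 : -1;  /* both sides must be one family */
}
```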
System (please complete the following information):
- OS: Ubuntu
- OS version: 22.04, 64 bit
- Tcpreplay Version: 4.4.4