cloudformation-guard icon indicating copy to clipboard operation
cloudformation-guard copied to clipboard
verified publisher icon aws-cloudformation

[BUG] main thread panic

Open sepehrdaddev opened this issue 4 years ago • 1 comments

Describe the bug One of my fuzzers found that when the user supplies crafted inputs to the cfn-guard parser, the application would crash.

To Reproduce Please supply:

  • Rule Used for causing the bug crash.guard 
"">/\

please note that crash.guard should not have \n at the end, the easiest way to create it is to run the following command: echo "IiI+L1w=" | base64 -d > crash.guard template.json

{}
  • The commands used to invoke the tool cat template.json | RUST_BACKTRACE=1 cfn-guard validate -r crash.guard
  • The output of the application
thread 'main' panicked at 'byte index 1 is out of bounds of ``', /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/nom-5.1.2/src/traits.rs:933:1
stack backtrace:
   0: rust_begin_unwind
             at /rustc/547a6ffee0cf4da9929a9e3d49546dc87d607735/library/std/src/panicking.rs:495:5
   1: core::panicking::panic_fmt
             at /rustc/547a6ffee0cf4da9929a9e3d49546dc87d607735/library/core/src/panicking.rs:107:14
   2: core::str::slice_error_fail
   3: <&str as nom::traits::Slice<core::ops::range::RangeFrom<usize>>>::slice
   4: <nom_locate::LocatedSpan<&str,X> as nom::traits::Slice<core::ops::range::RangeFrom<usize>>>::slice
   5: <nom_locate::LocatedSpan<T,X> as nom::traits::InputTake>::take_split
   6: <(A,B,C,D,E) as nom::branch::Alt<Input,Output,Error>>::choice
   7: <(FnA,FnB) as nom::sequence::Tuple<Input,(A,B),Error>>::parse
   8: <(A,B) as nom::branch::Alt<Input,Output,Error>>::choice
   9: core::ops::function::Fn::call
  10: cfn_guard::rules::parser::default_clauses
  11: nom::combinator::map::{{closure}}
  12: <(A,B,C,D,E) as nom::branch::Alt<Input,Output,Error>>::choice
  13: cfn_guard::rules::parser::remove_whitespace_comments::{{closure}}
  14: cfn_guard::rules::parser::rules_file
  15: <cfn_guard::commands::validate::Validate as cfn_guard::command::Command>::execute
  16: cfn_guard::main

Expected behavior It is expected to get parsing error.

Operating System: Ubuntu 20.04, AmazonLinux 2.

sepehrdaddev avatar Oct 23 '21 19:10 sepehrdaddev

Thanks for reporting this issue. We are looking into this.

shreyasdamle avatar Nov 15 '21 22:11 shreyasdamle

Hi @sepehrdaddev we have merged a fix for this #282. Feel free to test it out again, and re-open if you find anything more.

Thanks,

joshfried-aws avatar Oct 06 '22 18:10 joshfried-aws