stack-buffer-overflow in xml_parsing.cpp #672

Open
Rrooach opened this issue Oct 17, 2023 · 0 comments

Rrooach commented Oct 17, 2023

Bug report

Required Info:

  • Operating System:
    • Ubuntu 20.04
  • ROS2 Version: Humble
  • Version or commit hash: 4b9bd8638de2cdd5bde363c84ecd4760105ec00e
  • DDS implementation: FastRTPS

Steps to reproduce issue

Hi, when I fuzz tested the behavior tree with Nav2, I encountered an ASAN report during testing, within the behavior tree module.

I built the project with AddressSanitizer:

 CC=clang CXX=clang++  colcon build --parallel-workers 3333  --cmake-args -DCMAKE_C_FLAGS=" -g  -w  -fsanitize=address " -DCMAKE_CXX_FLAGS="  -g  -w -fsanitize=address "

And then I start the fuzzing process, and I get the following error report:
https://pastebin.com/2MLhqdp8

It seems there is an illegal access at src/behaviortree-cpp-v3/src/xml_parsing.cpp:

  for (auto bt_root = xml_root->FirstChildElement("BehaviorTree"); bt_root != nullptr;
       bt_root = bt_root->NextSiblingElement("BehaviorTree"))
  {
    recursiveStep(bt_root);
  }

Expected behavior

The program executes without error.

Actual behavior

The program crashed with the ASAN report.

It would be so nice of you to review this bug report. Thank you again for taking the time. Any suggestions or feedback you can provide would be very helpful.
