Merge pull request #8441 from keszybz/oss-fuzz-fixes
Fixes for bugs found by oss-fuzz
This commit is contained in:
commit
3b71cf46be
5
TODO
5
TODO
|
@ -528,8 +528,7 @@ Features:
|
|||
* maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...
|
||||
|
||||
* test/:
|
||||
- add 'set -e' to scripts in test/
|
||||
- make stuff in test/ work with separate output dir
|
||||
- add unit tests for config_parse_device_allow()
|
||||
|
||||
* seems that when we follow symlinks to units we prefer the symlink
|
||||
destination path over /etc and /usr. We should not do that. Instead
|
||||
|
@ -774,8 +773,6 @@ Features:
|
|||
* hw watchdog: optionally try to use the preset watchdog timeout instead of always overriding it
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=54712
|
||||
|
||||
* create /sbin/init symlinks from the build system
|
||||
|
||||
* add a dependency on standard-conf.xml and other included files to man pages
|
||||
|
||||
* MountFlags=shared acts as MountFlags=slave right now.
|
||||
|
|
92
meson.build
92
meson.build
|
@ -412,20 +412,6 @@ foreach arg : ['-Wl,-z,relro',
|
|||
endif
|
||||
endforeach
|
||||
|
||||
# Check if various sanitizers are supported
|
||||
sanitizers = []
|
||||
foreach arg : ['address']
|
||||
|
||||
have = run_command(check_compilation_sh,
|
||||
cc.cmd_array(), '-x', 'c',
|
||||
'-fsanitize=@0@'.format(arg),
|
||||
'-include', link_test_c).returncode() == 0
|
||||
message('@0@ sanitizer supported: @1@'.format(arg, have ? 'yes' : 'no'))
|
||||
if have
|
||||
sanitizers += arg
|
||||
endif
|
||||
endforeach
|
||||
|
||||
if get_option('buildtype') != 'debug'
|
||||
foreach arg : ['-ffunction-sections',
|
||||
'-fdata-sections']
|
||||
|
@ -2657,48 +2643,56 @@ endforeach
|
|||
|
||||
############################################################
|
||||
|
||||
prev = ''
|
||||
foreach p : fuzz_regression_tests
|
||||
a = p.split('/')[-3]
|
||||
b = p.split('/')[-2]
|
||||
c = p.split('/')[-1]
|
||||
# Enable tests for all supported sanitizers
|
||||
foreach tuple : sanitizers
|
||||
sanitizer = tuple[0]
|
||||
build = tuple[1]
|
||||
|
||||
if a == 'address'
|
||||
build = sanitize_address
|
||||
else
|
||||
error('unknown sanitizer @0@'.format(a))
|
||||
endif
|
||||
have = run_command(check_compilation_sh,
|
||||
cc.cmd_array(), '-x', 'c',
|
||||
'-fsanitize=@0@'.format(sanitizer),
|
||||
'-include', link_test_c).returncode() == 0
|
||||
message('@0@ sanitizer supported: @1@'.format(sanitizer, have ? 'yes' : 'no'))
|
||||
|
||||
name = '@1@:@0@'.format(a, b)
|
||||
if have
|
||||
prev = ''
|
||||
foreach p : fuzz_regression_tests
|
||||
b = p.split('/')[-2]
|
||||
c = p.split('/')[-1]
|
||||
|
||||
if name != prev
|
||||
if want_tests == 'false'
|
||||
message('Not compiling @0@ because tests is set to false'.format(name))
|
||||
elif not sanitizers.contains(a)
|
||||
message('Not compiling @0@ because @1@ sanitizer is not available'.format(name, a))
|
||||
elif slow_tests
|
||||
exe = custom_target(
|
||||
name,
|
||||
output : name,
|
||||
depends : build,
|
||||
command : [env, 'ln', '-fs',
|
||||
join_paths(build.full_path(), b),
|
||||
'@OUTPUT@'],
|
||||
build_by_default : true)
|
||||
else
|
||||
message('Not compiling @0@ because slow-tests is set to false'.format(name))
|
||||
endif
|
||||
endif
|
||||
prev = name
|
||||
name = '@0@:@1@'.format(b, sanitizer)
|
||||
|
||||
if want_tests != 'false' and slow_tests
|
||||
test(c, env, args : [exe.full_path(),
|
||||
join_paths(meson.source_root(),
|
||||
'test/fuzz-regressions',
|
||||
p)])
|
||||
if name != prev
|
||||
if want_tests == 'false'
|
||||
message('Not compiling @0@ because tests is set to false'.format(name))
|
||||
elif slow_tests
|
||||
exe = custom_target(
|
||||
name,
|
||||
output : name,
|
||||
depends : build,
|
||||
command : [env, 'ln', '-fs',
|
||||
join_paths(build.full_path(), b),
|
||||
'@OUTPUT@'],
|
||||
build_by_default : true)
|
||||
else
|
||||
message('Not compiling @0@ because slow-tests is set to false'.format(name))
|
||||
endif
|
||||
endif
|
||||
prev = name
|
||||
|
||||
if want_tests != 'false' and slow_tests
|
||||
test('@0@:@1@:@2@'.format(b, c, sanitizer),
|
||||
env,
|
||||
args : [exe.full_path(),
|
||||
join_paths(meson.source_root(),
|
||||
'test/fuzz-regressions',
|
||||
p)])
|
||||
endif
|
||||
endforeach
|
||||
endif
|
||||
endforeach
|
||||
|
||||
|
||||
############################################################
|
||||
|
||||
if git.found()
|
||||
|
|
|
@ -581,7 +581,8 @@ static int calendarspec_from_time_t(CalendarSpec *c, time_t time) {
|
|||
CalendarComponent *year = NULL, *month = NULL, *day = NULL, *hour = NULL, *minute = NULL, *us = NULL;
|
||||
int r;
|
||||
|
||||
assert_se(gmtime_r(&time, &tm));
|
||||
if (!gmtime_r(&time, &tm))
|
||||
return -ERANGE;
|
||||
|
||||
r = const_chain(tm.tm_year + 1900, &year);
|
||||
if (r < 0)
|
||||
|
|
|
@ -410,7 +410,6 @@ int config_parse_socket_listen(const char *unit,
|
|||
if (r < 0) {
|
||||
if (r != -EAFNOSUPPORT)
|
||||
log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value, ignoring: %s", rvalue);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -3511,6 +3510,7 @@ int config_parse_device_allow(
|
|||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||
"Failed to resolve specifiers in %s, ignoring: %m",
|
||||
rvalue);
|
||||
return 0;
|
||||
}
|
||||
|
||||
n = strcspn(t, WHITESPACE);
|
||||
|
|
|
@ -118,6 +118,9 @@ static void test_socket_address_parse_netlink(void) {
|
|||
assert_se(socket_address_parse_netlink(&a, "route 10") >= 0);
|
||||
assert_se(a.sockaddr.sa.sa_family == AF_NETLINK);
|
||||
assert_se(a.protocol == NETLINK_ROUTE);
|
||||
|
||||
/* oss-fuzz #6884 */
|
||||
assert_se(socket_address_parse_netlink(&a, "\xff") < 0);
|
||||
}
|
||||
|
||||
static void test_socket_address_equal(void) {
|
||||
|
|
3
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6884
Normal file
3
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6884
Normal file
|
@ -0,0 +1,3 @@
|
|||
socket
|
||||
[Socket]
|
||||
ListenNetlink=ÿ
|
3
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6885
Normal file
3
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6885
Normal file
|
@ -0,0 +1,3 @@
|
|||
service
|
||||
[Service]
|
||||
DeviceAllow=%D
|
3
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6886
Normal file
3
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6886
Normal file
|
@ -0,0 +1,3 @@
|
|||
timer
|
||||
[Timer]
|
||||
OnCalendar=@88588582097858858
|
|
@ -24,7 +24,12 @@ sanitize_address = custom_target(
|
|||
'fuzzers',
|
||||
'-Db_lundef=false -Db_sanitize=address'])
|
||||
|
||||
sanitizers = [['address', sanitize_address]]
|
||||
|
||||
fuzz_regression_tests = '''
|
||||
address/fuzz-dns-packet/oss-fuzz-5465
|
||||
address/fuzz-dns-packet/issue-7888
|
||||
fuzz-dns-packet/oss-fuzz-5465
|
||||
fuzz-dns-packet/issue-7888
|
||||
fuzz-unit-file/oss-fuzz-6884
|
||||
fuzz-unit-file/oss-fuzz-6885
|
||||
fuzz-unit-file/oss-fuzz-6886
|
||||
'''.split()
|
||||
|
|
Loading…
Reference in a new issue