picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Systemd/test/fuzz-regressions/fuzz-journal-remote
History
Zbigniew Jędrzejewski-Szmek 21e4e3e06f basic/ellipsize: do not assume the string is NUL-terminated when length is given 
oss-fuzz flags this as:

==1==WARNING: MemorySanitizer: use-of-uninitialized-value

0. 0x7fce77519ca5 in ascii_is_valid systemd/src/basic/utf8.c:252:9
1. 0x7fce774d203c in ellipsize_mem systemd/src/basic/string-util.c:544:13
2. 0x7fce7730a299 in print_multiline systemd/src/shared/logs-show.c:244:37
3. 0x7fce772ffdf3 in output_short systemd/src/shared/logs-show.c:495:25
4. 0x7fce772f5a27 in show_journal_entry systemd/src/shared/logs-show.c:1077:15
5. 0x7fce772f66ad in show_journal systemd/src/shared/logs-show.c:1164:29
6. 0x4a2fa0 in LLVMFuzzerTestOneInput systemd/src/fuzz/fuzz-journal-remote.c:64:21
...

I didn't reproduce the issue, but this looks like an obvious error: the length
is specified, so we shouldn't use the string with any functions for normal
C-strings.
 		2018-06-11 10:04:10 +02:00
..
crash-5a8f03d4c3a46fcded39527084f437e8e4b54b76 shared/logs-show: be more careful before using a _SOURCE_REALTIME_TIMESTAMP entry 2018-05-31 14:30:23 +02:00
crash-96dee870ea66d03e89ac321eee28ea63a9b9aa45 shared/logs-show: fix mixup between length-based memory duplication and string operations 2018-05-31 14:30:23 +02:00
oss-fuzz-8659 basic/ellipsize: do not assume the string is NUL-terminated when length is given 2018-06-11 10:04:10 +02:00
oss-fuzz-8686 test-ellipsize: add tests for ellipsize_mem, fix bugs 2018-06-02 21:53:25 +02:00