diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2021-01-29 21:47:56 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2021-01-29 21:47:56 +0800 |
| commit | 86a5e63617c1135858781a06315cba7de558b467 (patch) | |
| tree | 5684cd1c415e525462c40191e2fe5cabc845ab8f | |
| parent | 419e0240cc7611d1b0057fa97f00b77b14da44fb (diff) | |
| download | dropbear-86a5e63617c1135858781a06315cba7de558b467.tar.gz | |
fuzz: wrap kill()
| -rw-r--r-- | fuzz-wrapfd.h | 2 | ||||
| -rw-r--r-- | fuzz.h | 1 | ||||
| -rw-r--r-- | fuzz/fuzz-wrapfd.c | 12 | ||||
| -rw-r--r-- | svr-chansession.c | 4 |
4 files changed, 19 insertions, 0 deletions
diff --git a/fuzz-wrapfd.h b/fuzz-wrapfd.h index 6677e62..d0dea88 100644 --- a/fuzz-wrapfd.h +++ b/fuzz-wrapfd.h @@ -1,6 +1,7 @@ #ifndef FUZZ_WRAPFD_H #define FUZZ_WRAPFD_H +#include "includes.h" #include "buffer.h" enum wrapfd_mode { @@ -21,5 +22,6 @@ int wrapfd_write(int fd, const void* in, size_t count); int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout); int wrapfd_close(int fd); +int fuzz_kill(pid_t pid, int sig); #endif // FUZZ_WRAPFD_H @@ -59,6 +59,7 @@ void fuzz_dump(const unsigned char* data, size_t len); #define write(fd, buf, count) wrapfd_write(fd, buf, count) #define read(fd, buf, count) wrapfd_read(fd, buf, count) #define close(fd) wrapfd_close(fd) +#define kill(pid, sig) fuzz_kill(pid, sig) #endif // FUZZ_SKIP_WRAP struct dropbear_fuzz_options { diff --git a/fuzz/fuzz-wrapfd.c b/fuzz/fuzz-wrapfd.c index 02f293d..1e2f4f6 100644 --- a/fuzz/fuzz-wrapfd.c +++ b/fuzz/fuzz-wrapfd.c @@ -258,3 +258,15 @@ int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, return ret; } +int fuzz_kill(pid_t pid, int sig) { + if (fuzz.fuzzing) { + TRACE(("fuzz_kill ignoring pid %d signal %d", (pid), sig)) + if (sig >= 0) { + return 0; + } else { + errno = EINVAL; + return -1; + } + } + return kill(pid, sig); +} diff --git a/svr-chansession.c b/svr-chansession.c index d090395..1fac918 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -423,12 +423,14 @@ out: /* Send a signal to a session's process as requested by the client*/ static int sessionsignal(const struct ChanSess *chansess) { + TRACE(("sessionsignal")) int sig = 0; char* signame = NULL; int i; if (chansess->pid == 0) { + TRACE(("sessionsignal: done no pid")) /* haven't got a process pid yet */ return DROPBEAR_FAILURE; } @@ -446,12 +448,14 @@ static int sessionsignal(const struct ChanSess *chansess) { m_free(signame); + TRACE(("sessionsignal: pid %d signal %d", (int)chansess->pid, sig)) if (sig == 0) { /* failed */ return DROPBEAR_FAILURE; } if (kill(chansess->pid, sig) < 0) { + TRACE(("sessionsignal: kill() errored")) return DROPBEAR_FAILURE; } |