path: root/src/fuzz
Commit message | Author | Age | Files | Lines
* compress: replace compress_blob() with compress_blob_explicit() | Yu Watanabe | 2023-04-11 | 1 | -1/+1
|   And make compress_xyz() return 0 on success, as we know which compression algorithm is used when calling compress_blob().
|
|   Follow-up for 2360352ef02548723ac0c8eaf5ff6905eb9eeca5.
* meson: Add simple_fuzzers list | Jan Janssen | 2023-02-21 | 1 | -23/+13
|
* tree-wide: introduce PIPE_EBADF macro | Yu Watanabe | 2022-12-20 | 1 | -1/+1
|
* tree-wide: use -EBADF also in pipe initializers | Zbigniew Jędrzejewski-Szmek | 2022-12-19 | 1 | -1/+1
|   In some places, initialization is dropped when unnecessary.
* tree-wide: use -EBADF for fd initialization | Zbigniew Jędrzejewski-Szmek | 2022-12-19 | 2 | -2/+2
|   -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style.
|
|   Note that there are two candidates:
|   EBADF 9 Bad file descriptor
|   EBADFD 77 File descriptor in bad state
|
|   Since we're initializing the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better.
|
|   In some places, initialization is dropped if unnecessary.
* fuzz: fuzz-compress: fix copy-and-paste error: buf -> buf2 (#25431) | Li kunyu | 2022-11-18 | 1 | -1/+1
|
* basic: rename util.h to logarithm.h | Zbigniew Jędrzejewski-Szmek | 2022-11-08 | 1 | -1/+0
|   util.h is now about logarithms only, so we can rename it. Many files included util.h for no apparent reason… Those includes are dropped.
* tree-wide: do not use "re" with fmemopen | Zbigniew Jędrzejewski-Szmek | 2022-10-19 | 1 | -1/+1
|   The man page says nothing about "e". Glibc clearly accepts it without fuss, but it is meaningless for a memory object (and probably doesn't work). This use is not portable, so let's avoid it.
* fuzz: Introduce DO_NOT_OPTIMIZE | Jan Janssen | 2022-09-25 | 1 | -0/+3
|   The compiler may decide computations like these are not doing anything and decide to optimize them away. This would defeat the whole fuzzing exercise. This macro will force the compiler to materialize the value no matter what.
|
|   It should be less prone to accidents compared to using log functions, which would either slow things down or still optimize the value away (or simply move it into the if branch the log macros create).
|
|   The benefit over assert_se would be that no requirement is made on the value itself. If we are fine getting a string of any size (including zero), an assert_se would either create a noisy compiler warning about conditions that would always be met or yet again optimize the whole thing away.
* tree-wide: use ASSERT_PTR more | David Tardon | 2022-09-13 | 1 | -2/+1
|
* bootctl: add --root and --image | Luca Boccassi | 2022-07-08 | 1 | -1/+1
|   Operate on image/directory, and also take files to install from it
* fuzzers: ignore size limits when compiled standalone | Zbigniew Jędrzejewski-Szmek | 2022-05-12 | 3 | -2/+14
|   This way we can still call fuzzers on old samples, but oss-fuzz will not waste its and our time finding overly large inputs.
* fuzzers: add input size limits, always configure limits in two ways | Yu Watanabe | 2022-05-12 | 4 | -4/+4
|   Without the size limits, oss-fuzz creates huge samples that time out. Usually this is because some of our code has bad algorithmic complexity. For data like configuration samples we don't need to care about this: non-rogue configs are rarely more than a few items, and a bit of a slowdown with a few hundred items is acceptable. This wouldn't be OK for processing of untrusted data though.
|
|   We need to set the limit in two ways: through .options and in the code. The first because it nicely allows libFuzzer to avoid wasting time, and the second because fuzzers like honggfuzz and afl don't support .options.
|
|   While at it, let's fix an off-by-one (65535 is the largest offset for a power-of-two size, but we're checking the size here).
|
|   Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
* Merge pull request #23335 from keszybz/fuzz-json-more-coverage | Yu Watanabe | 2022-05-11 | 1 | -5/+94
|\
| |   More coverage in fuzz-json
| * fuzz-json: also try self-merge operations | Zbigniew Jędrzejewski-Szmek | 2022-05-10 | 1 | -2/+7
| |   This might even work ;)
| * fuzz-json: also do sorting and normalizing and other easy calls | Zbigniew Jędrzejewski-Szmek | 2022-05-10 | 1 | -0/+75
| |
| * fuzz-json: optionally allow logging and output | Zbigniew Jędrzejewski-Szmek | 2022-05-10 | 1 | -5/+14
| |   Similarly to other fuzzers… this makes development easier.
* | fuzz-bootspec: limit input size | Zbigniew Jędrzejewski-Szmek | 2022-05-11 | 2 | -0/+5
| |   https://oss-fuzz.com/testcase-detail/5680508182331392 has the first timeout with 811kb of input. As in the other cases, the code is known to be slow with lots of repeated entries and we're fine with that.
* | fuzz-calendarspec: increase coverage by calculating occurrences | Zbigniew Jędrzejewski-Szmek | 2022-05-10 | 1 | -4/+39
| |   Coverage data shows that we didn't test calendar_spec_next_usec() and associated functions at all.
| |
| |   The input samples so far were only used until the first NUL. We take advantage of that by using the part until the second NUL as the starting timestamp, retaining backwards compatibility for how the first part is used.
* | shared/calendarspec: make function static void | Zbigniew Jędrzejewski-Szmek | 2022-05-10 | 1 | -1/+0
|/
|   calendar_spec_from_string() already calls calendar_spec_normalize(), so there is no point in calling it from the fuzzer. Once that's removed, there's just one internal caller and it can be made static.
* fuzz-bootspec: also add loader autoentries | Zbigniew Jędrzejewski-Szmek | 2022-05-08 | 2 | -1/+18
|
* Add fuzzer for the bootspec parser | Zbigniew Jędrzejewski-Szmek | 2022-05-08 | 3 | -0/+128
|
* meson: sort list of fuzzers | Zbigniew Jędrzejewski-Szmek | 2022-05-08 | 1 | -8/+8
|
* compress: make Compression a regular non-sparse enum | Lennart Poettering | 2022-04-26 | 1 | -1/+1
|   Given we have two different types for the journal object flags and the Compression enum, let's make the latter a regular non-sparse enum, and thus remove some surprises. We have to convert anyway between the two, and already do via COMPRESSION_FROM_OBJECT().
* basic: move compress.[ch] → src/basic/ | Lennart Poettering | 2022-04-26 | 1 | -16/+5
|   The compression helpers are used both in journal code and in coredump code, and there's a good chance we'll use them later for other stuff. Let's hence move them into src/basic/, to make them a proper internal API we can use from everywhere where that's desirable. (pstore might be a candidate, for example)
|
|   No real code changes, just some moving around, build system rearrangements, and stripping of journal-def.h inclusion.
* meson: Use files() for fuzzers | Jan Janssen | 2022-01-11 | 1 | -10/+10
|   Not having to provide the full path in the source tree is much nicer and the produced lists can also be used anywhere in the source tree.
* fuzz: no longer skip empty files | Evgeny Vereshchagin | 2022-01-04 | 4 | -13/+13
|   Empty files and empty strings seem to have triggered various issues in the past so it seems they shouldn't be ignored by the fuzzers just because fmemopen can't handle them.
|
|   Prompted by https://github.com/systemd/systemd/pull/21939#issuecomment-1003113669
* fuzz-fido-id-desc: drop unused case file | Zbigniew Jędrzejewski-Szmek | 2021-10-18 | 1 | -6/+0
|   It wasn't picked up automatically because it's not in test/fuzz/fuzz-fido-id-desc/. But looking at the contents, it doesn't seem to be in the expected input format either.
* alloc-util: simplify GREEDY_REALLOC() logic by relying on malloc_usable_size() | Lennart Poettering | 2021-05-19 | 1 | -1/+1
|   We recently started making more use of malloc_usable_size() and rely on it (see the string_erase() story). Given that we don't really support systems where malloc_usable_size() cannot be trusted beyond statistics anyway, let's go fully in and rework GREEDY_REALLOC() on top of it: instead of passing around and maintaining the currently allocated size everywhere, let's just derive it automatically from malloc_usable_size().
|
|   I am mostly after this for the simplicity this brings. It also brings minor efficiency improvements I guess, but things become so much nicer to look at if we can avoid these allocation size variables everywhere.
|
|   Note that the malloc_usable_size() man page says relying on it wasn't "good programming practice", but I think it does this for reasons that don't apply here: the greedy realloc logic specifically doesn't rely on the returned extra size, beyond the fact that it is equal or larger than what was requested.
|
|   (This commit was supposed to be a quick patch btw, but apparently we use the greedy realloc stuff quite a bit across the codebase, so this ends up touching *a*lot* of code.)
* fuzz-main: allow the number of runs to be overridden | Zbigniew Jędrzejewski-Szmek | 2021-03-06 | 1 | -3/+14
|   This is useful when debugging.
* fuzz-bus-message: move sources to src/libsystemd/ | Zbigniew Jędrzejewski-Szmek | 2021-03-06 | 2 | -47/+0
|   There's also fuzz-bus-label, but despite the name, it tests code that is in src/shared/, so it shouldn't move.
* treewide: tighten variable scope in loops (#18372) | Susant Sahani | 2021-01-27 | 1 | -4/+4
|   Also use _cleanup_free_ in one more place.
* meson: move test or fuzzer definitions to relevant meson.build in subdirectories | Yu Watanabe | 2021-01-19 | 1 | -86/+0
|
* meson: drop unnecessary libraries from journal related tests | Yu Watanabe | 2021-01-19 | 1 | -3/+1
|
* meson: move source file list for systemd-xdg-autostart-generator and its tests | Yu Watanabe | 2021-01-19 | 1 | -4/+0
|
* meson: drop unnecessary loop | Yu Watanabe | 2021-01-19 | 1 | -2/+1
|
* fuzzers: move several fuzzers | Yu Watanabe | 2021-01-19 | 31 | -783/+23
|
* meson: make the second and third elements of tests or fuzzers optional | Yu Watanabe | 2021-01-19 | 1 | -48/+18
|   Then, we can shorten many test definitions.
* xdg: move tests for xdg-autostart-generator | Yu Watanabe | 2021-01-19 | 2 | -37/+1
|   Then, we can drop src/xdg-autostart-generator from include directories later.
* fuzzers: set maximum length for several fuzzers | Yu Watanabe | 2020-12-30 | 4 | -0/+8
|   Hopefully fixes oss-fuzz#19081, oss-fuzz#21731, oss-fuzz#21755.
|
|   https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19081
|   https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21731
|   https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21755
* Move hostname setup logic to new shared/hostname-setup.[ch] | Zbigniew Jędrzejewski-Szmek | 2020-12-16 | 2 | -2/+2
|   No functional change, just moving a bunch of things around. Before we needed a rather complicated setup to test hostname_setup(), because the code was in src/core/. When things are moved to src/shared/ we can just test it as any function.
|
|   The test is still "unsafe" because hostname_setup() may modify the hostname.
* meson: do not link with libudev | Yu Watanabe | 2020-12-16 | 1 | -2/+1
|
* Merge pull request #17478 from yuwata/split-network-internal | Yu Watanabe | 2020-11-27 | 1 | -1/+0
|\
| |   libsystemd-network: split network-internal.c
| * meson: drop libsystemd_network from several binaries | Yu Watanabe | 2020-10-29 | 1 | -1/+0
| |   This reduces the size of udevadm:
| |
| |   Before:
| |   ```
| |   $ ll udevadm
| |   -rwxrwxr-x 1 watanabe watanabe 1203800 Oct 29 01:36 udevadm
| |   ```
| |
| |   After:
| |   ```
| |   $ ll udevadm
| |   -rwxrwxr-x 1 watanabe watanabe 1094384 Oct 29 01:38 udevadm
| |   ```
* | license: LGPL-2.1+ -> LGPL-2.1-or-later | Yu Watanabe | 2020-11-09 | 34 | -34/+34
| |
* | udev: add fuzzer for udev_rule_parse_value | Yu, Li-Yu | 2020-10-29 | 2 | -0/+35
|/
* fuzz-udev-rules: -ENOBUFS should be accepted too | Zbigniew Jędrzejewski-Szmek | 2020-06-25 | 1 | -1/+6
|   In udev_rules_load(), add a debug message. Otherwise there'd be no indication that parsing was aborted.
* fuzz-udev-rules: rewrite to not require root privileges | Zbigniew Jędrzejewski-Szmek | 2020-06-23 | 1 | -83/+8
|   Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20142.
|
|   It turns out we don't need to do all this preparatory work if we want to parse just one file.
* udev: split rules object creation and loading | Zbigniew Jędrzejewski-Szmek | 2020-06-23 | 1 | -1/+1
|   The only functional change is to downgrade the log line to avoid double logging.
* core: remove support for ".include" stanza | Lennart Poettering | 2020-06-03 | 1 | -1/+1
|   Six years ago we declared it obsolete and removed it from the docs (c073a0c4a5ffbf6677dd6af02e7c7d59b2b901ab) and added a note about it in NEWS. Two years ago we added warning messages about it, indicating the feature will be removed (41b283d0f1f4abd85d0bbeeb7f71bb30f87cfab9) and mentioned it in NEWS again.
|
|   Let's now kill it for good.