- 28 Mar, 2021 1 commit
-
-
Christian Brauner authored
This takes the overflow handling code from the kernel. Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32549Signed-off-by:
Christian Brauner <christian.brauner@ubuntu.com>
-
- 27 Mar, 2021 15 commits
-
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32503Signed-off-by:
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32488Signed-off-by:
-
Stéphane Graber authored
confile_utils: free list during lxc_remove_nic_by_idx()
-
Christian Brauner authored
Reported-by:
Evgeny Vereshchagin <evvers@ya.ru> Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484Signed-off-by:
-
Stéphane Graber authored
oss-fuzz: fixes
-
Evgeny Vereshchagin authored
Signed-off-by: -
Evgeny Vereshchagin authored
It was found by ClusterFuzz in https://oss-fuzz.com/testcase-detail/4747480244813824 but hasn't been reported on Monorail (https://bugs.chromium.org/p/oss-fuzz/) yet ``` $ cat minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e lxc.net.0.hwaddr=0 lxc.net.0.hwaddr=4 ./out/fuzz-lxc-config-read minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e INFO: Seed: 1473396311 INFO: Loaded 1 modules (18821 inline 8-bit counters): 18821 [0x885fa0, 0x88a925), INFO: Loaded 1 PC tables (18821 PCs): 18821 [0x88a928,0x8d4178), ./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each. Running: minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e ================================================================= ==226185==ERROR: LeakSanitizer: detected memory leaks Direct leak of 2 byte(s) in 1 object(s) allocated from: #0 0x4d25d7 in strdup (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x4d25d7) #1 0x58e48f in set_config_net_hwaddr /home/vagrant/lxc/src/lxc/confile.c:654:14 #2 0x59af3b in set_config_net_nic /home/vagrant/lxc/src/lxc/confile.c:5276:9 #3 0x571c29 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2958:9 #4 0x61b0b2 in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9 #5 0x5710ed in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3035:9 #6 0x542cd6 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2 #7 0x449e8c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x449e8c) #8 0x42bbad in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42bbad) #9 0x432c50 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x432c50) #10 0x423136 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423136) #11 0x7f2cbb992081 in __libc_start_main (/lib64/libc.so.6+0x27081) SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s). ``` Signed-off-by:
-
Christian Brauner authored
Move all input sanity checks up and add two missing checks for the correct network type when using veth-vlan and vlan network types. Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32513Signed-off-by:
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558Signed-off-by:
-
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484Signed-off-by:
-
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32482Signed-off-by:
-
- 26 Mar, 2021 24 commits
-
-
Stéphane Graber authored
oss-fuzz: fixes
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32494Signed-off-by:
-
Christian Brauner authored
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32532Signed-off-by:
-
Christian Brauner authored
Signed-off-by: -
Stéphane Graber authored
oss-fuzz: fixes
-
Christian Brauner authored
We need to allow relative log paths. Signed-off-by: -
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32475Signed-off-by:
-
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
oss-fuzz: a few follow-up commits
-
Christian Brauner authored
network: handle name collisions when returning interfaces to host
-
Stéphane Graber authored
oss-fuzz: fixes
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32532Signed-off-by:
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32521Signed-off-by:
-
Christian Brauner authored
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32473Signed-off-by:
-
Christian Brauner authored
oss-fuzz: make it possible to build the fuzzer without docker
-
Stéphane Graber authored
confile: be stricter in config helpers
-
Christian Brauner authored
We never call these helper without an initialized config afaict but since we're now exposing these two functions to oss-fuzz directly in a way we never do to users so let's be stricter about it. Inspired-by: #3733 Signed-off-by: -
Stéphane Graber authored
log: dont create log file for fuzz builds
-
Christian Brauner authored
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32491Signed-off-by:
-
Christian Brauner authored
Fixes: #3730 Fixes: https://github.com/google/oss-fuzz/issues/5509Suggested-by:
-
Christian Brauner authored
Fixes: #3730 Fixes: https://github.com/google/oss-fuzz/issues/5509Signed-off-by:
-
Evgeny Vereshchagin authored
It should help to cover more code faster Signed-off-by: -
Evgeny Vereshchagin authored
Signed-off-by: -
Evgeny Vereshchagin authored
It's mostly a cosmetic change that should prevent the fuzzer from cluttering the "$OUT" directory (which OSS-Fuzz uses to build docker images): ``` Step #44: Already have image: gcr.io/oss-fuzz/lxc Step #44: adding: fuzz-lxc-config-read (deflated 67%) Step #44: adding: fuzz-lxc-config-read-WBWKxN (deflated 32%) Step #44: adding: fuzz-lxc-config-read_seed_corpus.zip (stored 0%) Step #44: adding: honggfuzz (deflated 66%) Step #44: adding: llvm-symbolizer (deflated 65%) ``` Signed-off-by:
-
