|
|
4fbe94 |
From e7077e3a551a3faedfcc3d007de6a72fb5e1df62 Mon Sep 17 00:00:00 2001
|
|
|
4fbe94 |
From: Evgeny Vereshchagin <evvers@ya.ru>
|
|
|
4fbe94 |
Date: Tue, 20 Nov 2018 01:20:32 +0100
|
|
|
4fbe94 |
Subject: [PATCH] tests: add a fuzzer for journald streams
|
|
|
4fbe94 |
|
|
|
4fbe94 |
(cherry picked from commit 9541f5ff5c637bb1b3e3c69706cb73e68ff06813)
|
|
|
4fbe94 |
|
|
|
4fbe94 |
Resolves: #1764560
|
|
|
4fbe94 |
---
|
|
|
4fbe94 |
src/fuzz/fuzz-journald-stream.c | 35 ++++++++++++++++++++++++++++
|
|
|
4fbe94 |
src/fuzz/fuzz-journald.c | 10 +++++---
|
|
|
4fbe94 |
src/fuzz/meson.build | 6 +++++
|
|
|
4fbe94 |
src/journal/journald-stream.c | 4 ++--
|
|
|
4fbe94 |
src/journal/journald-stream.h | 2 ++
|
|
|
4fbe94 |
test/fuzz/fuzz-journald-stream/basic | 8 +++++++
|
|
|
4fbe94 |
6 files changed, 60 insertions(+), 5 deletions(-)
|
|
|
4fbe94 |
create mode 100644 src/fuzz/fuzz-journald-stream.c
|
|
|
4fbe94 |
create mode 100644 test/fuzz/fuzz-journald-stream/basic
|
|
|
4fbe94 |
|
|
|
4fbe94 |
diff --git a/src/fuzz/fuzz-journald-stream.c b/src/fuzz/fuzz-journald-stream.c
|
|
|
4fbe94 |
new file mode 100644
|
|
|
4fbe94 |
index 0000000000..247c0889bc
|
|
|
4fbe94 |
--- /dev/null
|
|
|
4fbe94 |
+++ b/src/fuzz/fuzz-journald-stream.c
|
|
|
4fbe94 |
@@ -0,0 +1,35 @@
|
|
|
4fbe94 |
+/* SPDX-License-Identifier: LGPL-2.1+ */
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+#include <linux/sockios.h>
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+#include "fd-util.h"
|
|
|
4fbe94 |
+#include "fuzz.h"
|
|
|
4fbe94 |
+#include "fuzz-journald.h"
|
|
|
4fbe94 |
+#include "journald-stream.h"
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+static int stream_fds[2] = { -1, -1 };
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
|
|
4fbe94 |
+ Server s;
|
|
|
4fbe94 |
+ StdoutStream *stream;
|
|
|
4fbe94 |
+ int v;
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+ if (size == 0)
|
|
|
4fbe94 |
+ return 0;
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+ if (!getenv("SYSTEMD_LOG_LEVEL"))
|
|
|
4fbe94 |
+ log_set_max_level(LOG_CRIT);
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+ assert_se(socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0, stream_fds) >= 0);
|
|
|
4fbe94 |
+ dummy_server_init(&s, NULL, 0);
|
|
|
4fbe94 |
+ assert_se(stdout_stream_install(&s, stream_fds[0], &stream) >= 0);
|
|
|
4fbe94 |
+ assert_se(write(stream_fds[1], data, size) == (ssize_t) size);
|
|
|
4fbe94 |
+ while (ioctl(stream_fds[0], SIOCINQ, &v) == 0 && v)
|
|
|
4fbe94 |
+ sd_event_run(s.event, (uint64_t) -1);
|
|
|
4fbe94 |
+ if (s.n_stdout_streams)
|
|
|
4fbe94 |
+ stdout_stream_destroy(stream);
|
|
|
4fbe94 |
+ server_done(&s);
|
|
|
4fbe94 |
+ stream_fds[1] = safe_close(stream_fds[1]);
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+ return 0;
|
|
|
4fbe94 |
+}
|
|
|
4fbe94 |
diff --git a/src/fuzz/fuzz-journald.c b/src/fuzz/fuzz-journald.c
|
|
|
4fbe94 |
index 0659b92ba3..950e885cae 100644
|
|
|
4fbe94 |
--- a/src/fuzz/fuzz-journald.c
|
|
|
4fbe94 |
+++ b/src/fuzz/fuzz-journald.c
|
|
|
4fbe94 |
@@ -15,11 +15,15 @@ void dummy_server_init(Server *s, const uint8_t *buffer, size_t size) {
|
|
|
4fbe94 |
.hostname_fd = -1,
|
|
|
4fbe94 |
.notify_fd = -1,
|
|
|
4fbe94 |
.storage = STORAGE_NONE,
|
|
|
4fbe94 |
+ .line_max = 64,
|
|
|
4fbe94 |
};
|
|
|
4fbe94 |
assert_se(sd_event_default(&s->event) >= 0);
|
|
|
4fbe94 |
- s->buffer = memdup_suffix0(buffer, size);
|
|
|
4fbe94 |
- assert_se(s->buffer);
|
|
|
4fbe94 |
- s->buffer_size = size + 1;
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+ if (buffer) {
|
|
|
4fbe94 |
+ s->buffer = memdup_suffix0(buffer, size);
|
|
|
4fbe94 |
+ assert_se(s->buffer);
|
|
|
4fbe94 |
+ s->buffer_size = size + 1;
|
|
|
4fbe94 |
+ }
|
|
|
4fbe94 |
}
|
|
|
4fbe94 |
|
|
|
4fbe94 |
void fuzz_journald_processing_function(
|
|
|
4fbe94 |
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
|
|
|
4fbe94 |
index 897c02e4ae..eea9117360 100644
|
|
|
4fbe94 |
--- a/src/fuzz/meson.build
|
|
|
4fbe94 |
+++ b/src/fuzz/meson.build
|
|
|
4fbe94 |
@@ -51,6 +51,12 @@ fuzzers += [
|
|
|
4fbe94 |
libshared],
|
|
|
4fbe94 |
[libselinux]],
|
|
|
4fbe94 |
|
|
|
4fbe94 |
+ [['src/fuzz/fuzz-journald-stream.c',
|
|
|
4fbe94 |
+ 'src/fuzz/fuzz-journald.c'],
|
|
|
4fbe94 |
+ [libjournal_core,
|
|
|
4fbe94 |
+ libshared],
|
|
|
4fbe94 |
+ [libselinux]],
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
[['src/fuzz/fuzz-journald-syslog.c',
|
|
|
4fbe94 |
'src/fuzz/fuzz-journald.c'],
|
|
|
4fbe94 |
[libjournal_core,
|
|
|
4fbe94 |
diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c
|
|
|
4fbe94 |
index dbf3503a82..6f8a4011ff 100644
|
|
|
4fbe94 |
--- a/src/journal/journald-stream.c
|
|
|
4fbe94 |
+++ b/src/journal/journald-stream.c
|
|
|
4fbe94 |
@@ -125,7 +125,7 @@ void stdout_stream_free(StdoutStream *s) {
|
|
|
4fbe94 |
|
|
|
4fbe94 |
DEFINE_TRIVIAL_CLEANUP_FUNC(StdoutStream*, stdout_stream_free);
|
|
|
4fbe94 |
|
|
|
4fbe94 |
-static void stdout_stream_destroy(StdoutStream *s) {
|
|
|
4fbe94 |
+void stdout_stream_destroy(StdoutStream *s) {
|
|
|
4fbe94 |
if (!s)
|
|
|
4fbe94 |
return;
|
|
|
4fbe94 |
|
|
|
4fbe94 |
@@ -534,7 +534,7 @@ terminate:
|
|
|
4fbe94 |
return 0;
|
|
|
4fbe94 |
}
|
|
|
4fbe94 |
|
|
|
4fbe94 |
-static int stdout_stream_install(Server *s, int fd, StdoutStream **ret) {
|
|
|
4fbe94 |
+int stdout_stream_install(Server *s, int fd, StdoutStream **ret) {
|
|
|
4fbe94 |
_cleanup_(stdout_stream_freep) StdoutStream *stream = NULL;
|
|
|
4fbe94 |
sd_id128_t id;
|
|
|
4fbe94 |
int r;
|
|
|
4fbe94 |
diff --git a/src/journal/journald-stream.h b/src/journal/journald-stream.h
|
|
|
4fbe94 |
index bc5622ab3b..487376e763 100644
|
|
|
4fbe94 |
--- a/src/journal/journald-stream.h
|
|
|
4fbe94 |
+++ b/src/journal/journald-stream.h
|
|
|
4fbe94 |
@@ -10,4 +10,6 @@ int server_open_stdout_socket(Server *s);
|
|
|
4fbe94 |
int server_restore_streams(Server *s, FDSet *fds);
|
|
|
4fbe94 |
|
|
|
4fbe94 |
void stdout_stream_free(StdoutStream *s);
|
|
|
4fbe94 |
+int stdout_stream_install(Server *s, int fd, StdoutStream **ret);
|
|
|
4fbe94 |
+void stdout_stream_destroy(StdoutStream *s);
|
|
|
4fbe94 |
void stdout_stream_send_notify(StdoutStream *s);
|
|
|
4fbe94 |
diff --git a/test/fuzz/fuzz-journald-stream/basic b/test/fuzz/fuzz-journald-stream/basic
|
|
|
4fbe94 |
new file mode 100644
|
|
|
4fbe94 |
index 0000000000..a088f1a539
|
|
|
4fbe94 |
--- /dev/null
|
|
|
4fbe94 |
+++ b/test/fuzz/fuzz-journald-stream/basic
|
|
|
4fbe94 |
@@ -0,0 +1,8 @@
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+
|
|
|
4fbe94 |
+6
|
|
|
4fbe94 |
+1
|
|
|
4fbe94 |
+0
|
|
|
4fbe94 |
+0
|
|
|
4fbe94 |
+0
|
|
|
4fbe94 |
+hey
|
|
|
4fbe94 |
\ No newline at end of file
|