Add a new fuzz test for the commit graph and fix a buffer read-overflow
that it discovered. Additionally, fix the Makefile instructions for
building fuzzers.
Changes since V4:
* Ensure that corrupt_graph_and_verify() in t5318 changes to the
proper directory before accessing any files.
Changes since V3:
* Improve portability of the new test functionality.
* Fix broken &&-chains in tests.
Changes since V2:
* Avoid pointer arithmetic overflow when checking the graph's chunk
count.
* Merge the corrupt_graph_and_verify and
corrupt_and_zero_graph_then_verify test functions.
Josh Steadmon (3):
commit-graph, fuzz: Add fuzzer for commit-graph
commit-graph: fix buffer read-overflow
Makefile: correct example fuzz build
Josh Steadmon (3):
commit-graph, fuzz: Add fuzzer for commit-graph
commit-graph: fix buffer read-overflow
Makefile: correct example fuzz build
.gitignore | 1 +
Makefile | 3 +-
commit-graph.c | 67 +++++++++++++++++++++++++++++------------
commit-graph.h | 3 ++
fuzz-commit-graph.c | 16 ++++++++++
t/t5318-commit-graph.sh | 16 ++++++++--
6 files changed, 83 insertions(+), 23 deletions(-)
create mode 100644 fuzz-commit-graph.c
Range-diff against v4:
1: 80b5662f30 ! 1: a3b5d33c4b commit-graph: fix buffer read-overflow
@@ -52,12 +52,12 @@
# and places the output in the file 'err'. Test 'err' for
# the given string.
corrupt_graph_and_verify() {
- pos=$1
+@@
data="${2:-\0}"
grepstr=$3
+ cd "$TRASH_DIRECTORY/full" &&
+ orig_size=$(wc -c < $objdir/info/commit-graph) &&
+ zero_pos=${4:-${orig_size}} &&
- cd "$TRASH_DIRECTORY/full" &&
test_when_finished mv commit-graph-backup $objdir/info/commit-graph &&
cp $objdir/info/commit-graph commit-graph-backup &&
printf "$data" | dd of="$objdir/info/commit-graph" bs=1 seek="$pos"
conv=notrunc &&
2: 21101b961a = 2: 350ea5f7c9 Makefile: correct example fuzz build
--
2.20.1.97.g81188d93c3-goog
