Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: cf0f7aba41f5a7475ca5755f1a3f6f7ceca41336
https://github.com/lxc/lxc/commit/cf0f7aba41f5a7475ca5755f1a3f6f7ceca41336
Author: Evgeny Vereshchagin <[email protected]>
Date: 2021-03-28 (Sun, 28 Mar 2021)
Changed paths:
M .github/workflows/cifuzz.yml
Log Message:
-----------
cifuzz: turn on MSan
Signed-off-by: Evgeny Vereshchagin <[email protected]>
Commit: f6727edbf7af86f4373f0c750c836e3a8f1d23d9
https://github.com/lxc/lxc/commit/f6727edbf7af86f4373f0c750c836e3a8f1d23d9
Author: Evgeny Vereshchagin <[email protected]>
Date: 2021-03-28 (Sun, 28 Mar 2021)
Changed paths:
M src/lxc/string_utils.c
Log Message:
-----------
string_utils: work around an MSan false positive

MSan doesn't instrument stpncpy (https://github.com/google/sanitizers/issues/926),
which causes the fuzzer to fail with:
```
$ cat ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
lxc.console.size=123
$ ./out/fuzz-lxc-config-read ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
INFO: Seed: 3561494591
INFO: Loaded 1 modules (18795 inline 8-bit counters): 18795 [0x866b98, 0x86b503),
INFO: Loaded 1 PC tables (18795 PCs): 18795 [0x86b508,0x8b4bb8),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
==850885==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x6b3e7f in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:912:6
    #1 0x550991 in set_config_console_size /home/vagrant/lxc/src/lxc/confile.c:2483:8
    #2 0x5346e2 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2962:9
    #3 0x64b3cd in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #4 0x53340c in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3039:9
    #5 0x4e7ec2 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #6 0x44ad2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x44ad2c)
    #7 0x42ca4d in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42ca4d)
    #8 0x433af0 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x433af0)
    #9 0x423ff6 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423ff6)
    #10 0x7f79bdc89081 in __libc_start_main (/lib64/libc.so.6+0x27081)
    #11 0x42402d in _start (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42402d)
  Uninitialized value was created by an allocation of 'dup' in the stack frame of function 'parse_byte_size_string'
    #0 0x6b3330 in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:901
SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/vagrant/lxc/src/lxc/string_utils.c:912:6 in parse_byte_size_string
Exiting
```
Closes https://oss-fuzz.com/testcase-detail/5829890470445056
Signed-off-by: Evgeny Vereshchagin <[email protected]>
Commit: 86624ee4a5b2c497c3346802c302bf5c9ec5140a
https://github.com/lxc/lxc/commit/86624ee4a5b2c497c3346802c302bf5c9ec5140a
Author: Christian Brauner <[email protected]>
Date: 2021-03-29 (Mon, 29 Mar 2021)
Changed paths:
M .github/workflows/cifuzz.yml
M src/lxc/string_utils.c
Log Message:
-----------
Merge pull request #3746 from evverx/CIFuzz-unblock-msan
CIFuzz: turn on MSan
Compare: https://github.com/lxc/lxc/compare/be43adcda979...86624ee4a5b2
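The false-positive pattern described in the string_utils commit message, as an added example that is not code from LXC or from this commit (the actual change to src/lxc/string_utils.c is not shown in this notification). It shows two common ways to keep MSan quiet when an uninstrumented libc call such as stpncpy fills a stack buffer; `parse_size`, its 32-byte buffer, its suffix set and the `MSAN_UNPOISON` macro are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* declares stpncpy() */
#endif
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#if defined(__has_feature)
#if __has_feature(memory_sanitizer)
#include <sanitizer/msan_interface.h>
#define MSAN_UNPOISON(p, n) __msan_unpoison((p), (n))
#endif
#endif
#ifndef MSAN_UNPOISON
#define MSAN_UNPOISON(p, n) ((void)0) /* no-op outside MSan builds */
#endif

/* Hypothetical parser, not LXC's: "123", "4kB", "2MB", "1GB" -> bytes.
 * Returns the size in bytes, or -EINVAL on malformed input. */
long long parse_size(const char *s)
{
	/* Workaround 1: "= {0}" is an instrumented store, so MSan's shadow
	 * already marks dup as initialized before stpncpy() writes to it. */
	char dup[32] = {0};
	char *end, *num_end;
	long long mult = 1, val;

	if (!s || !*s || strlen(s) > sizeof(dup) - 1)
		return -EINVAL;
	end = stpncpy(dup, s, sizeof(dup) - 1); /* write MSan does not see */
	/* Workaround 2, for buffers that cannot be pre-initialized: declare
	 * the bytes defined after the uninstrumented call. Either suffices. */
	MSAN_UNPOISON(dup, sizeof(dup));
	if (isalpha((unsigned char)end[-1])) { /* read that MSan would flag */
		if (end - dup < 3)
			return -EINVAL;
		if (!strcmp(end - 2, "kB")) mult = 1024LL;
		else if (!strcmp(end - 2, "MB")) mult = 1024LL * 1024;
		else if (!strcmp(end - 2, "GB")) mult = 1024LL * 1024 * 1024;
		else return -EINVAL;
		end[-2] = '\0'; /* cut the suffix off, leaving the digits */
	}
	errno = 0;
	val = strtoll(dup, &num_end, 10);
	if (errno || num_end == dup || *num_end || val < 0 || val > LLONG_MAX / mult)
		return -EINVAL;
	return val * mult;
}
```

Without either workaround, an MSan build reports the `end[-1]` read as use-of-uninitialized-value even though stpncpy has written that byte, which is the shape of the report quoted in the commit message.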