Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fuzzer mods #328

Merged
merged 2 commits into from
Dec 17, 2024
Merged

Fuzzer mods #328

merged 2 commits into from
Dec 17, 2024

Conversation

dacav
Copy link
Contributor

@dacav dacav commented Dec 17, 2024
edited
Loading

A few changes I think would improve fuzzing :)

@dacav dacav requested a review from LDVG December 17, 2024 09:38
@dacav dacav self-assigned this Dec 17, 2024
@dacav dacav force-pushed the dacav/fuzzer_mods branch from bcdaac7 to fd333c5 Compare December 17, 2024 09:48
LDVG
LDVG reviewed Dec 17, 2024
View reviewed changes
fuzz/wrap.c Outdated Show resolved Hide resolved
fuzz/wrap.c Outdated Show resolved Hide resolved
@dacav
fuzz: defend against read(fd, NULL, size) and read(-1, buf, size)
785678f 
Under Linux the read call seems to accept NULL as a parameter:

  $ cat try.c
  #include <unistd.h>
  #include <err.h>

  int main(void)
  {
      int i = read(0, NULL, 4);

      err(1, "read");
      return 0;
  }
  $ make try
  cc     try.c   -o try
  $ ./try </dev/random
  try: read: Bad address

Such behaviour is not specified by POSIX, so we should
catch it.

Since we are at it, catching read(-1, ...) is probably a good
idea, since code that does that is arguably wrong.
@dacav dacav force-pushed the dacav/fuzzer_mods branch from fd333c5 to 9d1ef68 Compare December 17, 2024 12:05
@LDVG
Copy link
Contributor

LDVG commented Dec 17, 2024

I'd prefer a fuzz: prefix to the second commit, but LGTM

@dacav dacav force-pushed the dacav/fuzzer_mods branch from 9d1ef68 to a6e50d0 Compare December 17, 2024 15:03
@LDVG
Copy link
Contributor

LDVG commented Dec 17, 2024

Yay! Thanks!

@LDVG LDVG merged commit ba1fb88 into Yubico:main Dec 17, 2024
15 checks passed
@dacav dacav deleted the dacav/fuzzer_mods branch December 18, 2024 12:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LDVG LDVG LDVG approved these changes

Assignees

@dacav dacav

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dacav @LDVG