* 'fuzz' of https://github.com/evverx/util-linux:
tests: pack testcases into zip archives
tests: integrate test_last_fuzz into the testsuite
tests: add a fuzzer for process_wtmp_file
docs: mention OSS-Fuzz and CIFuzz and how to build fuzz targets locally
tools: make it possible to set all the fuzzing flags with config-gen
build-system: make "make distcheck" work
travis: set CXX correctly
travis: turn on --enable-fuzzing-engine
build-sys: add support for --enable-fuzzing-engine
tests: integrate test_mount_fuzz into the testsuite
tests: take exit codes into account
tests: add a fuzzer for mnt_table_parse_stream
We need to skip useless gaps between partition if the gap is no large
enough for a new partition. Unfortunately, the current code checks
size of the gap, but does not care for location of the gap -- this is
good enough for dialog driven partitioning, but it's pretty bad if
start of the partition is explicitly specified (e.g. sfdisk).
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1860461
Signed-off-by: Karel Zak <kzak@redhat.com>
* 'sscanf-specifiers' of https://github.com/evverx/util-linux:
travis: turn off libmount on OSX
cifuzz: turn on MSan
build-system: stop looking for %ms and %as
Now that the absence of the sscanf modifiers no longer prevents Travis from building libmount
automatically it seems util-linux is failing to compile there with
```
In file included from disk-utils/fsck.c:49:
[1m./libmount/src/libmount.h:32:10: [0m[0;1;31mfatal error: [0m[1m'mntent.h' file not found[0m
[0;1;32m ^~~~~~~~~~
[0m1 error generated.
make[2]: *** [disk-utils/fsck-fsck.o] Error 1
make[2]: *** Waiting for unfinished jobs....
make[1]: *** [all-recursive] Error 1
make: *** [all] Error 2
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Looks like those specifiers haven't been used since 6c9ab254ae
(where sscanf was removed) was merged. This should help to get
util-linux to compile with MSan. Currently it's failing with
```
...
configure: error: libmount selected, but required scanf string alloc modifier not available
...
configure:20240: ./conftest
==116617==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x496fd6 in main /home/vagrant/util-linux/conftest.c:171:6
#1 0x7f5eb85ea1a2 in __libc_start_main (/lib64/libc.so.6+0x271a2)
#2 0x41c2cd in _start (/home/vagrant/util-linux/conftest+0x41c2cd)
SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/vagrant/util-linux/conftest.c:171:6 in main
Exiting
configure:20240: $? = 77
...
configure:20265: $? = 0
configure:20265: ./conftest
MemorySanitizer: bad pointer 0x000000496e60
==116627==MemorySanitizer CHECK failed: /builddir/build/BUILD/compiler-rt-9.0.1.src/lib/msan/../sanitizer_common/sanitizer_allocator_secondary.h:177 "((IsAligned(reinterpret_cast<uptr>(p), page_size_))) != (0)" (0x0, 0x0)
#0 0x41d1d8 in MsanCheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/home/vagrant/util-linux/conftest+0x41d1d8)
#1 0x484e1e in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/home/vagrant/util-linux/conftest+0x484e1e)
#2 0x42066c in __msan::MsanDeallocate(__sanitizer::StackTrace*, void*) (/home/vagrant/util-linux/conftest+0x42066c)
#3 0x424bc9 in free (/home/vagrant/util-linux/conftest+0x424bc9)
#4 0x496fae in main /home/vagrant/util-linux/conftest.c:173:2
#5 0x7f2245f311a2 in __libc_start_main (/lib64/libc.so.6+0x271a2)
#6 0x41c2cd in _start (/home/vagrant/util-linux/conftest+0x41c2cd)
configure:20265: $? = 77
configure: program exited with status 77
...
| }
configure:22568: result: no
configure:22926: error: libmount selected, but required scanf string alloc modifier not available
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
so that the fuzz targets (along with everything else) can be built
and run with:
```
./tools/config-gen fuzz
make check
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
In its current form the testsuite isn't suitable for running
fuzz targets because it ignores exit codes and relies solely
on diffs (that unfortunately aren't helpful because the nondeterministic
nature of fuzz targets makes it kind of hard to specify expected output
in advance). This patch is supposed to address the "exit code" issue for now.
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
The fuzzer is supposed to cover `mnt_table_parse_stream`, which is
used by systemd to parse /proc/self/mountinfo. The systemd project
has run into memory leaks there at least twice:
https://github.com/systemd/systemd/pull/12252#issuecomment-482804040https://github.com/systemd/systemd/issues/8504
so it seems to be a good idea to continuously fuzz that particular
function.
The patch can be tested locally by installing clang and running
./tools/oss-fuzz.sh. Currently the fuzzer is failing with
```
=================================================================
==96638==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 216 byte(s) in 1 object(s) allocated from:
#0 0x50cd77 in calloc (/home/vagrant/util-linux/out/test_mount_fuzz+0x50cd77)
#1 0x58716a in mnt_new_fs /home/vagrant/util-linux/libmount/src/fs.c:36:25
#2 0x54f224 in __table_parse_stream /home/vagrant/util-linux/libmount/src/tab_parse.c:728:9
#3 0x54eed8 in mnt_table_parse_stream /home/vagrant/util-linux/libmount/src/tab_parse.c:804:8
#4 0x5448b2 in LLVMFuzzerTestOneInput /home/vagrant/util-linux/libmount/src/fuzz.c:19:16
#5 0x44cc88 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/util-linux/out/test_mount_fuzz+0x44cc88)
#6 0x44d8b0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) (/home/vagrant/util-linux/out/test_mount_fuzz+0x44d8b0)
#7 0x44e270 in fuzzer::Fuzzer::MutateAndTestOne() (/home/vagrant/util-linux/out/test_mount_fuzz+0x44e270)
#8 0x450617 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/home/vagrant/util-linux/out/test_mount_fuzz+0x450617)
#9 0x43adbb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/util-linux/out/test_mount_fuzz+0x43adbb)
#10 0x42ad46 in main (/home/vagrant/util-linux/out/test_mount_fuzz+0x42ad46)
#11 0x7fa084f621a2 in __libc_start_main (/lib64/libc.so.6+0x271a2)
SUMMARY: AddressSanitizer: 216 byte(s) leaked in 1 allocation(s).
INFO: to ignore leaks on libFuzzer side use -detect_leaks=0.
```
Once the bug is fixed and the OSS-Fuzz counterpart is merged it should be possible
to turn on CIFuzz to make sure the fuzz target can be built and run for some time
without crashing: https://google.github.io/oss-fuzz/getting-started/continuous-integration/
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Linux kernel assumes only 1KiB extended partition to avoid overlapping
with nested logical partitions. We need to follow this rule for
BLKPG_ADD_PARTITION.
Addresses: https://github.com/karelzak/util-linux/issues/1112
Signed-off-by: Karel Zak <kzak@redhat.com>
The page currently uses rather aggressive indenting, which doesn't
really improve readability, but does have cause ugly line filling.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
Calling cfmakeraw disables terminal special character handling. For
example, Ctrl-C does not send SIGINT to scriptreplay. The following
fixes this.
tattr.c_lflag |= ISIG;
where tattr is the struct termios with which we are working.
It's not necessary to initialize a crypt_device, the function will do it
on its own if NULL is passed. Removes a few extra library calls.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Allows logs from the library to be printed by our system:
731814: libmount: VERITY: crypsetup: Device libmnt_img.raw already exists.
If the mount context is in verbose mode, enable all debug logs from
libcrypsetup as well.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Karel Zak
Evgeny Vereshchagin
Soumendra Ganguly
Michael Kerrisk (man-pages)
Chris Hofstaedtler
Luca Boccassi
SOUMENDRA GANGULY