util-linux/tools
Evgeny Vereshchagin ccdc47b7f5 tests: add a fuzzer for mnt_table_parse_stream
The fuzzer is supposed to cover `mnt_table_parse_stream`, which is
used by systemd to parse /proc/self/mountinfo. The systemd project
has run into memory leaks there at least twice:

https://github.com/systemd/systemd/pull/12252#issuecomment-482804040
https://github.com/systemd/systemd/issues/8504

so it seems to be a good idea to continuously fuzz that particular
function.

The patch can be tested locally by installing clang and running
./tools/oss-fuzz.sh. Currently the fuzzer is failing with
```
=================================================================
==96638==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 216 byte(s) in 1 object(s) allocated from:
    #0 0x50cd77 in calloc (/home/vagrant/util-linux/out/test_mount_fuzz+0x50cd77)
    #1 0x58716a in mnt_new_fs /home/vagrant/util-linux/libmount/src/fs.c:36:25
    #2 0x54f224 in __table_parse_stream /home/vagrant/util-linux/libmount/src/tab_parse.c:728:9
    #3 0x54eed8 in mnt_table_parse_stream /home/vagrant/util-linux/libmount/src/tab_parse.c:804:8
    #4 0x5448b2 in LLVMFuzzerTestOneInput /home/vagrant/util-linux/libmount/src/fuzz.c:19:16
    #5 0x44cc88 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/util-linux/out/test_mount_fuzz+0x44cc88)
    #6 0x44d8b0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) (/home/vagrant/util-linux/out/test_mount_fuzz+0x44d8b0)
    #7 0x44e270 in fuzzer::Fuzzer::MutateAndTestOne() (/home/vagrant/util-linux/out/test_mount_fuzz+0x44e270)
    #8 0x450617 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/home/vagrant/util-linux/out/test_mount_fuzz+0x450617)
    #9 0x43adbb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/util-linux/out/test_mount_fuzz+0x43adbb)
    #10 0x42ad46 in main (/home/vagrant/util-linux/out/test_mount_fuzz+0x42ad46)
    #11 0x7fa084f621a2 in __libc_start_main (/lib64/libc.so.6+0x271a2)

SUMMARY: AddressSanitizer: 216 byte(s) leaked in 1 allocation(s).
INFO: to ignore leaks on libFuzzer side use -detect_leaks=0.
```

Once the bug is fixed and the OSS-Fuzz counterpart is merged it should be possible
to turn on CIFuzz to make sure the fuzz target can be built and run for some time
without crashing: https://google.github.io/oss-fuzz/getting-started/continuous-integration/

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
2020-08-06 12:33:11 +00:00
| Name | Last commit | Date |
| --- | --- | --- |
| config-gen.d | tools: remove changes merged by accident | 2020-07-23 11:22:42 +02:00 |
| smatch-data | tools: add hexdump badconv() to noreturn smatch list | 2015-08-05 13:18:40 +02:00 |
| Makemodule.am | build-sys: fix chown mistake, add checkusage.sh to the dist | 2017-06-26 21:00:09 +02:00 |
| checkcompletion.sh | tools: add missing checkcompletion.sh | 2016-03-17 14:34:29 +01:00 |
| checkconfig.sh | tools: add usage information to checkconfig.sh | 2014-02-17 14:04:35 +01:00 |
| checkdecl.sh | cleanup: Remove some spurious spaces | 2019-10-01 13:01:43 +02:00 |
| checkincludes.pl | cleanup: Remove some spurious spaces | 2019-10-01 13:01:43 +02:00 |
| checklibdocs.sh | build-sys: add 'make checklibdoc' | 2019-04-24 18:02:39 +02:00 |
| checkmans.sh | tools: improve checkmans | 2018-03-01 13:52:07 +01:00 |
| checkusage.sh | tools: add segfault detection for checkusage.sh | 2017-06-29 14:04:29 +02:00 |
| checkxalloc.sh | checkxalloc: nudge regex, fix newfound instances | 2012-03-20 09:44:40 +01:00 |
| config-gen | cleanup: Remove some spurious spaces | 2019-10-01 13:01:43 +02:00 |
| config-gen-functions.sh | cleanup: Remove some spurious spaces | 2019-10-01 13:01:43 +02:00 |
| git-tp-sync | tools: add script to load .po from translationproject.org | 2016-05-25 15:28:42 +02:00 |
| git-version-gen | build-sys: use sed to substitute | 2016-11-29 14:25:23 +01:00 |
| ko-release-gen | cleanup: Remove some spurious spaces | 2019-10-01 13:01:43 +02:00 |
| ko-release-push | cleanup: Remove some spurious spaces | 2019-10-01 13:01:43 +02:00 |
| oss-fuzz.sh | tests: add a fuzzer for mnt_table_parse_stream | 2020-08-06 12:33:11 +00:00 |