From: Evgeny Vereshchagin <evvers@ya.ru>
To: Mark Wielaard <mark@klomp.org>
Cc: elfutils-devel@sourceware.org, david korczynski <david@adalogics.com>
Subject: Re: Some fuzzer workarounds
Date: Fri, 18 Mar 2022 10:26:16 +0300 [thread overview]
Message-ID: <741FAE40-F8E9-4DA7-A160-E30A76210AC8@ya.ru> (raw)
In-Reply-To: <20220317133051.100876-1-mark@klomp.org>
Hi,
> I looked over the "ClusterFuzz-External via monorail" emails and found
> some "real" issues.
Given that the new fuzz targets seem to just fail to compile with
```
projects/elfutils/fuzz-libdwfl.c:48:10: error: unused variable 'res' [-Werror,-Wunused-variable]
Dwarf *res = dwfl_module_getdwarf(mod, &bias);
^
1 error generated.
```
I think before looking at those reports it would make sense to figure out what they are supposed to
test and how they were tested to make sure they don't produce false positives. If they
weren't actually tested I think it would make sense to revert them to avoid getting auto-generated CVEs
until they're in more or less good shape at least.
> There are also some other
> misaligned type access checks reported by ubsan, but I don't know if
> that is because of ALLOW_UNALIGNED is still defined or not (when
> configuring with --enable-analyze-undefined ALLOW_UNALIGNED is not
> defined, otherwise it is for some arches, including x86_64).
Looking at https://github.com/google/oss-fuzz/commit/8747524f04b1b906d4a21a6ade87f7803b3f9b8c, I think
I turned ALLOW_UNALIGNED off with UBSan there (and tested it in https://sourceware.org/bugzilla/show_bug.cgi?id=28720).
Thanks,
Evgeny Vereshchagin
next prev parent reply other threads:[~2022-03-18 7:26 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-17 13:30 Mark Wielaard
2022-03-17 13:30 ` [PATCH 1/2] libelf: Take map offset into account for Shdr alignment check in elf_begin Mark Wielaard
2022-03-17 13:30 ` [PATCH 2/2] libelf: Make sure ar_size starts with a digit before calling atol Mark Wielaard
2022-03-18 9:11 ` Evgeny Vereshchagin
2022-03-18 11:44 ` Mark Wielaard
2022-03-18 13:18 ` Evgeny Vereshchagin
2022-03-18 7:26 ` Evgeny Vereshchagin [this message]
2022-03-19 11:08 ` Some fuzzer workarounds Evgeny Vereshchagin
2022-03-21 2:24 ` Evgeny Vereshchagin
2022-03-21 10:50 ` Mark Wielaard
2022-03-21 11:10 ` Evgeny Vereshchagin
2022-03-21 14:33 ` Evgeny Vereshchagin
2022-03-21 17:30 ` Mark Wielaard
2022-03-21 18:01 ` Evgeny Vereshchagin
2022-03-22 16:59 ` Evgeny Vereshchagin
2022-03-23 0:35 ` Mark Wielaard
2022-03-23 1:15 ` Evgeny Vereshchagin
2022-03-23 9:21 ` Mark Wielaard
2022-03-21 10:57 ` Mark Wielaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=741FAE40-F8E9-4DA7-A160-E30A76210AC8@ya.ru \
--to=evvers@ya.ru \
--cc=david@adalogics.com \
--cc=elfutils-devel@sourceware.org \
--cc=mark@klomp.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).