1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00
Commit Graph

49994 Commits

Author SHA1 Message Date
Lennart Poettering
4838dc4f2b resolved: handle multiple CNAME redirects in a single reply from upstream
www.netflix.com responds with a chain of CNAMEs in the same packet.
Let's handle that properly (so far we only followed CNAMEs a single step
when in the same packet)

Fixes: #18819
2021-03-06 14:04:10 +01:00
Lennart Poettering
d29958261a resolved: tighten checks in dns_resource_record_get_cname_target()
Let's refuse to consider CNAME/DNAME replies matching for RR types where
that is not really conceptually allow (i.e. on CNAME/DNAME lookups
themselves).

(And add a similar check to dns_resource_key_match_cname_or_dname() too,
which implements a smilar match)
2021-03-06 13:33:50 +01:00
Lennart Poettering
e0ae456a55 dns-query: export CNAME_MAX, so that we can use it in other files, too
Let's rename it a bit, to be more explanatory while exporting it.

(And let's bump the CNAME limit to 16 — 8 just sounded so little)
2021-03-06 13:33:50 +01:00
Yu Watanabe
2541462f1b
Merge pull request #18890 from keszybz/fuzz-bus-match
Add fuzzers for bus match parsing code
2021-03-06 20:35:38 +09:00
Zbigniew Jędrzejewski-Szmek
7a39ec2e3e sd-bus: remove unnecessary variable
Also use structued initialization in one more place, use '\0' for NUL bytes,
and move variable to the right block (the code was OK, but it is strange to
have 'char *value' defined in a different scope then 'size_t value_allocated').
2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
48eb2af68a docs: document fuzzer variables 2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
c1c9510c9b fuzz-main: allow the number of runs to be overridden
This is useful when debugging.
2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
8df3f44c90 sd-bus: fix memleak in failure path in bus_match_parse() 2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
f92d8e4446 fuzz-bus-match: add example from bugzilla#1935084
The fuzzer seems to have no trouble with this sample. It seems that the
problem reported in the bug is not caused by the match parsing code. But
let's add the sample just in case.

https://bugzilla.redhat.com/show_bug.cgi?id=1935084
2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
84f11eda20 fuzz-bus-match: new fuzzer
This fuzzer is based on test-bus-match. Even the initial corpus is
derived entirely from it.

https://bugzilla.redhat.com/show_bug.cgi?id=1935084 shows an crash
in bus_match_parse(). I checked the coverage stats on oss-fuzz, and
sadly existing fuzzing did not cover this code at all.
2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
dd2e9b7658 test-bus-match: small modernization 2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
c25eb44aef sd-bus: avoid alloc and missing oom check in bus_match_dump() 2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
fc561c8eac sd-bus: let bus_match_dump() take an output file 2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
5963e6f43c sd-bus: fix memstream buffer extraction
I'm getting the following error under valgrind:

==305970== Invalid free() / delete / delete[] / realloc()
==305970==    at 0x483E9F1: free (vg_replace_malloc.c:538)
==305970==    by 0x4012CD: mfree (alloc-util.h:48)
==305970==    by 0x4012EF: freep (alloc-util.h:83)
==305970==    by 0x4017F4: LLVMFuzzerTestOneInput (fuzz-bus-match.c:58)
==305970==    by 0x401A58: main (fuzz-main.c:39)
==305970==  Address 0x59972f0 is 0 bytes inside a block of size 8,192 free'd
==305970==    at 0x483FCE4: realloc (vg_replace_malloc.c:834)
==305970==    by 0x4C986F7: _IO_mem_finish (in /usr/lib64/libc-2.33.so)
==305970==    by 0x4C8F5E0: fclose@@GLIBC_2.2.5 (in /usr/lib64/libc-2.33.so)
==305970==    by 0x49D2CDB: fclose_nointr (fd-util.c:108)
==305970==    by 0x49D2D3D: safe_fclose (fd-util.c:124)
==305970==    by 0x4A4BCCC: fclosep (fd-util.h:41)
==305970==    by 0x4A4E00F: bus_match_to_string (bus-match.c:859)
==305970==    by 0x4016C2: LLVMFuzzerTestOneInput (fuzz-bus-match.c:58)
==305970==    by 0x401A58: main (fuzz-main.c:39)
==305970==  Block was alloc'd at
==305970==    at 0x483FAE5: calloc (vg_replace_malloc.c:760)
==305970==    by 0x4C98787: open_memstream (in /usr/lib64/libc-2.33.so)
==305970==    by 0x49D56D6: open_memstream_unlocked (fileio.c:97)
==305970==    by 0x4A4DEC5: bus_match_to_string (bus-match.c:859)
==305970==    by 0x4016C2: LLVMFuzzerTestOneInput (fuzz-bus-match.c:58)
==305970==    by 0x401A58: main (fuzz-main.c:39)
==305970==

So the fclose() which is called from _cleanup_fclose_ clearly reallocates the
buffer (maybe to save memory?). open_memstream(3) says:

  The locations referred to by these pointers are updated each time the
  stream is flushed (fflush(3)) and  when the stream is closed (fclose(3)).

This seems to mean that we should close the stream first before grabbing the
buffer pointer.
2021-03-06 09:32:18 +01:00
Zbigniew Jędrzejewski-Szmek
49ba1522fc fuzz-bus-message: move sources to src/libsystemd/
There's also fuzz-bus-label, but despite the name, it tests code that is in
src/shared/, so it shouldn't move.
2021-03-06 09:27:09 +01:00
Zbigniew Jędrzejewski-Szmek
4ff42f8327 bus/bus-match: use "ret_" prefix for output parameters 2021-03-06 09:26:57 +01:00
Zbigniew Jędrzejewski-Szmek
fd5b9b8473 bus/bus-match: inline iterator variable declarations 2021-03-06 09:24:47 +01:00
Yu Watanabe
f6b54e5280 format-table: fix potentail memleak and invalid-free 2021-03-06 09:23:38 +01:00
Yu Watanabe
5a12d1ca1a fstab-generator: fix typo 2021-03-06 08:52:43 +01:00
Michal Sekletar
996c83903d udev: run link_update() with increased retry count in second invocation
In PR #17431 we have introduced retry loop in link_update() in order to
maximize the chance that we end up with correct target when there are
multiple contenders for given symlink.

Number of iterations in retry loop is either 1 or
LINK_UPDATE_MAX_RETRIES, depending on the value of 'initialized' db
flag. When device appears for the first time we need to set the
flag before calling link_update() via update_devnode() for the second
time to make sure we run the second invocation with higher retry loop
counter.
2021-03-06 15:33:05 +09:00
Yu Watanabe
c2cbe05708
Merge pull request #18896 from poettering/no-localhost-ipv6
if ipv6 is turned off, don't synthesize localhost as ::1 ever
2021-03-06 11:28:38 +09:00
Frantisek Sumsal
3b5fc147d6 test: disable at_exit LSan check for dbus.service
When running integration tests under sanitizers D-Bus fails to
shutdown cleanly, causing unnecessary noise in the logs:

```
dbus-daemon[272]: ==272==LeakSanitizer has encountered a fatal error.
dbus-daemon[272]: ==272==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
dbus-daemon[272]: ==272==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
```

Since we're not "sanitizing" D-Bus anyway let's disable LSan's at_exit
check for the dbus.service to get rid of this error.
2021-03-06 11:27:04 +09:00
Luca Boccassi
4f67a5d923 dissect: avoid overflow access by NULLSTR_FOREACH
NULLSTR_FOREACH expects two terminating NULs, but the joined string
for extension-release.d only had the canonical one.
Use a placeholder when joining and fix it manually.
2021-03-06 11:26:41 +09:00
Lennart Poettering
07a7441a1c socket-util: refuse "all" and "default" as valid ifnames
Let's avoid collisions with special sysctls.
2021-03-06 11:26:18 +09:00
Luca Boccassi
5d5b6442a2
Merge pull request #18875 from keszybz/localed-error
localed: return error when setting a non-installed keymap
2021-03-05 22:50:41 +00:00
ChopperRob
39815435d0
Update 60-sensor.hwdb (#18884)
added support for the Lenovo IdeaPad D330-10IGM screen orientation
2021-03-06 06:11:26 +09:00
Lennart Poettering
747b596ff8 resolved: never return ::1 when localhost or local hostname is resolved while IPv6 is off in the kernel
Fixes: #18812
2021-03-05 20:51:43 +01:00
Lennart Poettering
83e03c4fc2 socket-util: add helper for checking if IPv6 is enabled 2021-03-05 20:51:43 +01:00
Lennart Poettering
571ec995fe socket-util: cache result of socket_ipv6_is_supported()
And while we are at it, log about unexpected errors.
2021-03-05 20:51:43 +01:00
Lennart Poettering
b0ffd2760c basic: move shared/sysctl-util.[ch] → basic/
This is self-contained ans allows us later to use the provided APIs from
other code in src/basic/
2021-03-05 20:41:07 +01:00
Lennart Poettering
4b30f2e135 sysctl-util: use read_full_virtual_file() for reading sysctls
Given these files are part of procfs, let's use the correct API calls
for reading them.

This changes one occasion of read_one_line_file() to
read_full_virtual_file(), which superficially is a different thing, but
shouldn't actually be a difference, since sysctls can't be longer than
4K anyway, and the piecemeal logic behind read_one_line_file() cannot
work with the special semantics of procfs anyway.
2021-03-05 20:38:51 +01:00
Zbigniew Jędrzejewski-Szmek
63dc82d378
Merge pull request #18852 from yuwata/tree-wide-use-UINT64_MAX
tree-wide: use UINT64_MAX or friends
2021-03-05 17:51:34 +01:00
Frantisek Sumsal
3ee0cf339b
Merge pull request #18885 from yuwata/udev-fix-import-program-rhbz-1935062
udev: fix importing program result
2021-03-05 14:19:21 +01:00
Yu Watanabe
3509c7874b test: add test for IMPORT{program}= udev rule 2021-03-05 18:39:38 +09:00
Yu Watanabe
1ebcf47296 test: merge udev tests 2021-03-05 18:36:04 +09:00
Yu Watanabe
275334c562
Merge pull request #18873 from yuwata/use-config-parse-many-and-null-or-empty-path
tree-wide: use config_parse_many() and null_or_empty_path()
2021-03-05 11:34:54 +09:00
Yu Watanabe
986c0edfcb dhcp-server: also append specified additional options and vendor specific option on DHCP_OFFER
Fixes #15780.
2021-03-05 11:34:32 +09:00
Yu Watanabe
daceb818cf udev: also not unescape command result on debug log 2021-03-05 11:31:30 +09:00
Yu Watanabe
86c783d93d udev: do not unescape command result
This fixes a bug introduced by 28a5065149.

Fixes RHBZ#1935062 (https://bugzilla.redhat.com/show_bug.cgi?id=1935062).
2021-03-05 09:42:56 +09:00
Yu Watanabe
f385c44787 strv: introduce strv_split_newlines_full() 2021-03-05 09:29:57 +09:00
Alastair Pharo
329998b365
hwdb: add fuzz for Dell Latitude E7470 (#18876) 2021-03-05 10:10:54 +10:00
Yu Watanabe
0efaa4843e install: use null_or_empty_path() 2021-03-05 08:09:05 +09:00
Yu Watanabe
4e54a17dbb network: use null_or_empty_path()
This also drops unnecessary fseek().
2021-03-05 08:09:05 +09:00
Yu Watanabe
e8e2788dab udev/net: use null_or_empty_path() 2021-03-05 08:09:05 +09:00
Yu Watanabe
e406e8a29a udev/net: make .link files support drop-in config 2021-03-05 08:09:01 +09:00
Lennart Poettering
bb72c43485 copy: move sync_rights() to copy.c and rename copy_rights()
It's so similar to copy_access(), hence let's move it over and rename it
in similar style to the rest of the functions.

No change in behaviour, just moving things over.
2021-03-04 22:35:52 +00:00
Lennart Poettering
e1aec57dd1 copy: simplify error paths when creating temporary files 2021-03-05 07:12:51 +09:00
Yu Watanabe
4e5cbc4b17 efi: introduce UINT32_MAX and UINT64_MAX 2021-03-05 07:10:13 +09:00
Yu Watanabe
f5fbe71d95 tree-wide: use UINT64_MAX or friends 2021-03-05 07:10:13 +09:00
Yu Watanabe
ef1e0b9a46 table: drop last SIZE_MAX from table_set_sort() and table_set_display() 2021-03-05 07:10:13 +09:00