2018-01-19 09:54:30 +03:00
# SPDX-License-Identifier: LGPL-2.1+
#
# Copyright 2018 Zbigniew Jędrzejewski-Szmek
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# systemd is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
sanitize_address = custom_target (
'sanitize-address-fuzzers' ,
output : 'sanitize-address-fuzzers' ,
command : [ meson_build_sh ,
meson . source_root ( ) ,
'@OUTPUT@' ,
'fuzzers' ,
'-Db_lundef=false -Db_sanitize=address' ] )
2018-03-14 16:27:04 +03:00
sanitizers = [ [ 'address' , sanitize_address ] ]
2018-01-19 09:54:30 +03:00
fuzz_regression_tests = '' '
2018-03-14 16:27:04 +03:00
fuzz - dns - packet / oss - fuzz - 5465
fuzz - dns - packet / issue - 7888
2018-03-14 16:31:24 +03:00
fuzz - unit - file / oss - fuzz - 6884
2018-03-13 14:25:06 +03:00
fuzz - unit - file / oss - fuzz - 6885
2018-03-13 14:51:08 +03:00
fuzz - unit - file / oss - fuzz - 6886
2018-03-15 13:42:00 +03:00
fuzz - unit - file / oss - fuzz - 6892
2018-03-16 14:02:54 +03:00
fuzz - unit - file / oss - fuzz - 6897
fuzz - unit - file / oss - fuzz - 6897 - evverx
core/load-fragment: reject overly long paths early
No need to go through the specifier_printf() if the path is already too long in
the unexpanded form (since specifiers increase the length of the string in all
practical cases).
In the oss-fuzz test case, valgrind reports:
total heap usage: 179,044 allocs, 179,044 frees, 72,687,755,703 bytes allocated
and the original config file is ~500kb. This isn't really a security issue,
since the config file has to be trusted any way, but just a matter of
preventing accidental resource exhaustion.
https://oss-fuzz.com/v2/issue/4651449704251392/6977
While at it, fix order of arguments in the neighbouring log_syntax() call.
2018-03-19 17:43:35 +03:00
fuzz - unit - file / oss - fuzz - 6908
fuzz - unit - file / oss - fuzz - 6917
fuzz - unit - file / oss - fuzz - 6977
2018-03-19 11:21:02 +03:00
fuzz - unit - file / oss - fuzz - 7004
2018-01-19 09:54:30 +03:00
'' ' . split ( )