1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00
Commit Graph

11 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
e2e736cbbd fuzz: rename long samples
With those long filenames, output doesn't fit on the terminal.
2023-05-18 15:23:27 +02:00
Yu Watanabe
d77d42ed3a systemctl: refuse to acquire dbus connection with --global
Maybe, better to check the runtime scope each verb for better log
message, but this is a good start point to not trigger assertion.

Fixes oss-fuzz#56915 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56915).

Fixes #26402 and #26754.
2023-03-13 12:27:34 +01:00
Zbigniew Jędrzejewski-Szmek
4ccde410a3 tree-wide: change --kill-who to --kill-whom
getopt allows non-ambiguous abbreviations, so backwards-compat is maintained, and
people can use --kill-who (or even shorter abbreviations). English is flexible,
so in common speach people would use both forms, even if "whom" is technically
more correct. The advantage of using the longer form in the code is that we
effectively allow both forms, so we stop punishing people who DTGCT¹, but still
allow people to use the spoken form if they prefer.

1. Do the gramatically correct thing
2022-08-26 11:15:44 +09:00
Zbigniew Jędrzejewski-Szmek
a88f9dbae2 systemctl: unset const char* arguments in static destructors
When fuzzing, the following happens:
- we parse 'data' and produce an argv array,
- one of the items in argv is assigned to arg_host,
- the argv array is subsequently freed by strv_freep(), and arg_host has a dangling symlink.

In normal use, argv is static, so arg_host can never become a dangling pointer.
In fuzz-systemctl-parse-argv, if we repeatedly parse the same array, we
have some dangling pointers while we're in the middle of parsing. If we parse
the same array a second time, at the end all the dangling pointers will have been
replaced again. But for a short time, if parsing one of the arguments uses another
argument, we would use a dangling pointer.

Such a case occurs when we have --host=… --boot-loader-entry=help. The latter calls
acquire_bus() which uses arg_host.

I'm not particularly happy with making the code more complicated just for
fuzzing, but I think it's better to resolve this, even if the issue cannot
occur in normal invocations, than to deal with fuzzer reports.

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31714.
2021-05-31 19:29:07 +02:00
Zbigniew Jędrzejewski-Szmek
5735ab0979 fuzz-systemctl-parse-argv: add "telinit" to the argv[0] list 2021-02-22 14:22:07 +00:00
Zbigniew Jędrzejewski-Szmek
5800f0fc68 basic/alloc-util: also reset the cleaned-up variable in freep()
freep() has it's own definition, so I missed it in fd421c4adc.

Again, there is a small growth, but the compiler should be able to optimize it away:
-Dbuildtype=debug:

-rwxrwxr-x 1 zbyszek zbyszek 4106816 Feb 19 12:52 build/libsystemd.so.0.30.0
-rwxrwxr-x 1 zbyszek zbyszek 7492952 Feb 19 12:52 build/src/shared/libsystemd-shared-247.so
-rwxrwxr-x 1 zbyszek zbyszek 4472624 Feb 19 12:53 build/systemd

-rwxrwxr-x 1 zbyszek zbyszek 4107056 Feb 19 13:03 build/libsystemd.so.0.30.0
-rwxrwxr-x 1 zbyszek zbyszek 7493480 Feb 19 13:03 build/src/shared/libsystemd-shared-247.so
-rwxrwxr-x 1 zbyszek zbyszek 4472760 Feb 19 13:03 build/systemd

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31055.
2021-02-19 15:25:16 +01:00
Lennart Poettering
dc288ffeab
Merge pull request #18596 from keszybz/systemctl-quiet-legend
systemctl: hide legends with --quiet, allow overriding
2021-02-17 23:40:04 +01:00
Zbigniew Jędrzejewski-Szmek
6906da2692 systemctl: hide legends with --quiet, allow overriding
--no-legend is replaced by --legend=no.

--quiet now implies --legend=no, but --legend=yes may be used to override that.
--quiet controls hints and warnings and such, and --legend controls just the
legends. I think it makes sense to allow both to controlled independently, in
particular --quiet --legend makes sense when using systemctl in a script to
provide some user-visible output.

Fixes #18560.
2021-02-17 21:09:14 +01:00
Zbigniew Jędrzejewski-Szmek
425ac7a253 fuzz-systemctl-parse-argv: call static destuctors
With all the preparatory work in previous PRs, we can now call static destructors
repeatedly without issue. We need to do it here so that global variables allocated
during parsing are properly freed.
2021-02-16 17:15:11 +01:00
Zbigniew Jędrzejewski-Szmek
860f154fa3 fuzz-systemctl-parse-argv: add argv[0] values to corpus 2021-02-15 10:01:38 +01:00
Zbigniew Jędrzejewski-Szmek
5fd8782328 fuzz-systemctl-parse-argv: a new fuzzer
Does what the name suggests. Obviously inspired by sudoers, but note that
our tools are not supposed to be installed suid, so there is no privilege
boundary to cross here.
2021-02-09 14:11:42 +01:00