Race condition in fuzz tests #432
Comments
micahsnyder added a commit to micahsnyder/clamav-micah that referenced this issue on Jan 21, 2022:

The fuzz targets that write a temp file currently use the same filename every time. One of the users identified that if the tests are running in parallel mode, many threads are accessing the same file. This results in unstable input to the API being tested, where the file may be overwritten as the function is being tested. This commit fixes it by putting a random number in the filenames for the scanfile and dbload fuzz targets.

Resolves: Cisco-Talos#432

Also fixed a CMake bug that built an extra fuzz target file that doesn't serve any purpose.

Resolves: Cisco-Talos#431
micahsnyder added a commit to micahsnyder/clamav-micah that referenced this issue on Jan 21, 2022:

The fuzz targets that write a temp file currently use the same filename every time. One of the users identified that if the tests are running in parallel mode, many threads are accessing the same file. This results in unstable input to the API being tested, where the file may be overwritten as the function is being tested. This commit fixes it by putting a random number in the filenames for the scanfile and dbload fuzz targets.

Resolves: Cisco-Talos#432

Also fixed a CMake bug that built an extra fuzz target file that doesn't serve any purpose.

Resolves: Cisco-Talos#431
micahsnyder added a commit to micahsnyder/clamav-micah that referenced this issue on Mar 27, 2022:

The fuzz targets that write a temp file currently use the same filename every time. One of the users identified that if the tests are running in parallel mode, many processes are accessing the same file. This results in unstable input to the API being tested, where the file may be overwritten as the function is being tested. This commit fixes it by putting the fuzz process PID in the filenames for the scanfile and dbload fuzz targets.

Resolves: Cisco-Talos#432

Also fixed a CMake bug that built an extra fuzz target file that doesn't serve any purpose.

Resolves: Cisco-Talos#431
micahsnyder added a commit that referenced this issue on Mar 30, 2022:

The fuzz targets that write a temp file currently use the same filename every time. One of the users identified that if the tests are running in parallel mode, many processes are accessing the same file. This results in unstable input to the API being tested, where the file may be overwritten as the function is being tested. This commit fixes it by putting the fuzz process PID in the filenames for the scanfile and dbload fuzz targets.

Resolves: #432

Also fixed a CMake bug that built an extra fuzz target file that doesn't serve any purpose.

Resolves: #431
Issue description:

Fuzz tests clamav_dbload_fuzzer.cpp and clamav_scanfile_fuzzer.cpp create a fixed-name input file. If the tests are running in parallel mode, many threads are accessing the same file. Filenames should be unique per process to make parallel fuzzing effective.

Referenced code:

clamav/fuzz/clamav_dbload_fuzzer.cpp, line 120 in 0037f58
clamav/fuzz/clamav_scanfile_fuzzer.cpp, line 122 in 0037f58
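The failure mode described in the issue and the commit messages above, as an added example that is not ClamAV's own fuzz target code: a path-based API under test (here a hypothetical `scan_path` stand-in that just returns the file's bytes) is fed through a staging file, and two interleaved workers collide when the staging name is fixed, but not when the name carries the PID and is created with `mkstemp`. The temp directory and file names are assumptions, not the project's.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>
#include <unistd.h>

// Hypothetical stand-in for the path-based API the fuzz target exercises.
static std::vector<uint8_t> scan_path(const std::string &path) {
    std::vector<uint8_t> out;
    FILE *f = fopen(path.c_str(), "rb");
    if (!f) return out;
    uint8_t buf[4096];
    size_t n;
    while ((n = fread(buf, 1, sizeof buf, f)) > 0) out.insert(out.end(), buf, buf + n);
    fclose(f);
    return out;
}

static bool write_file(const std::string &path, const uint8_t *data, size_t size) {
    FILE *f = fopen(path.c_str(), "wb");
    if (!f) return false;
    bool ok = fwrite(data, 1, size, f) == size;
    return fclose(f) == 0 && ok;
}

// Racy variant: one fixed name (hypothetical) shared by every parallel fuzz process.
static std::string fixed_temp_path() { return "/tmp/clamav_fuzz_input.tmp"; }

// Fixed variant: PID in the name, as the commit does, plus mkstemp's exclusive
// create so two workers (or two iterations in one worker) never share a file.
static std::string unique_temp_path() {
    std::string tmpl = "/tmp/clamav_fuzz_input." + std::to_string(getpid()) + ".XXXXXX";
    std::vector<char> buf(tmpl.begin(), tmpl.end());
    buf.push_back('\0');
    int fd = mkstemp(buf.data());
    if (fd < 0) return "";
    close(fd);
    return std::string(buf.data());
}

// Two interleaved workers: A stages its input, B stages its own, then A scans.
// Returns true only if A's scan saw A's bytes, i.e. the staged input survived.
static bool staged_input_survives(bool unique) {
    const uint8_t a[] = {'A', 'A', 'A', 'A'};   // constructed inputs
    const uint8_t b[] = {'B', 'B'};
    std::string pa = unique ? unique_temp_path() : fixed_temp_path();
    std::string pb = unique ? unique_temp_path() : fixed_temp_path();
    if (pa.empty() || pb.empty() || !write_file(pa, a, sizeof a)) return false;
    if (!write_file(pb, b, sizeof b)) return false;  // clobbers pa when pa == pb
    std::vector<uint8_t> seen = scan_path(pa);
    unlink(pa.c_str());
    unlink(pb.c_str());
    return seen == std::vector<uint8_t>(a, a + sizeof a);
}
```

With the fixed name the scan reads worker B's bytes; with the per-process name each worker reads its own input.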