Commit
fuzz-bus-message: add a testcase triggering an invalid read
on 32-bit architectures so that it won't get lost.

```
==169373==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf4900780 at pc 0xf75dd9cf bp 0xfff63438 sp 0xfff6342c
READ of size 1 at 0xf4900780 thread T0
    #0 0xf75dd9ce in bus_message_parse_fields ../src/libsystemd/sd-bus/bus-message.c:5272
    #1 0xf75b68c3 in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:568
    #2 0x80497f3 in LLVMFuzzerTestOneInput ../src/libsystemd/sd-bus/fuzz-bus-message.c:30
    #3 0x804a0ba in main ../src/fuzz/fuzz-main.c:50
    #4 0xf6f1f468 in __libc_start_call_main (/lib/libc.so.6+0x25468)
    #5 0xf6f1f549 in __libc_start_main_impl (/lib/libc.so.6+0x25549)
    #6 0x804928b in _start (/home/vagrant/systemd/build/fuzz-bus-message+0x804928b)

0xf4900780 is located 0 bytes to the right of 16-byte region [0xf4900770,0xf4900780)
allocated by thread T0 here:
    #0 0xf7abb39b in malloc (/lib/libasan.so.6+0xb239b)
    #1 0xf744cf1f in memdup ../src/basic/alloc-util.c:16
    #2 0x8049723 in LLVMFuzzerTestOneInput ../src/libsystemd/sd-bus/fuzz-bus-message.c:28
    #3 0x804a0ba in main ../src/fuzz/fuzz-main.c:50
    #4 0xf6f1f468 in __libc_start_call_main (/lib/libc.so.6+0x25468)
```