SystemSan per-target config #8497
Comments
Yes, there will be a way to configure SystemSan. Right now we are not filing bugs automatically for such issues until we have that mechanism in place.
Even if no issues are filed, they still abort fuzzing. The reason why I noticed this is that I looked at fuzzer statistics and noticed a very high percentage of startup crashes caused by this. It doesn't help that the error doesn't contain a backtrace, so it's hard to figure out where the FS access comes from, if you have hundreds of places that could perform one.
That's a very good point. We currently only enable this in 10% of all of our runs, and will be adding capabilities very soon to configure the checks to enable per target. Does 10% still sound too high in the meantime?
It turns out that the "arbitrary file open" was caused by an rpath being set, which resulted in attempts to load libraries like
By the way, this false positive should be fixed by #8562 which just got merged
For the PHP project, we have a number of fuzzers that essentially execute arbitrary code. For those fuzzers reading arbitrary files is expected, and even writing them is only a fuzzer quality problem (we do try to blacklist such functions just to limit corruption).
Is there some way to disable SystemSan or configure it to not report certain issues?