lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 18 Jul 2017 14:06:57 -0600
From:   Andreas Dilger <adilger@...ger.ca>
To:     Adam Buchbinder <abuchbinder@...gle.com>
Cc:     Ext4 Developers List <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH 1/2] tests: dumpe2fs against an image with bad os_type.

On Jul 18, 2017, at 1:29 PM, Adam Buchbinder <abuchbinder@...gle.com> wrote:
> 
> The os_type here is large enough to be negative when interpreted as a
> signed integer.
> 
> This test case was generated by american fuzzy lop, starting from a
> base filesystem image from files.fuzzing-project.org.

It is preferable to create the image filesystem via script as part of the
test (e.g. using "debugfs -w ssv ostype 0xf00000000" or similar), rather
than using a binary image.  That allows us to see what is being changed,
rather than getting a binary blob.

Cheers, Andreas

> Signed-off-by: Adam Buchbinder <abuchbinder@...gle.com>
> ---
> tests/d_bad_ostype/expect   |   1 +
> tests/d_bad_ostype/image.gz | Bin 0 -> 272 bytes
> tests/d_bad_ostype/name     |   1 +
> tests/d_bad_ostype/script   |  19 +++++++++++++++++++
> 4 files changed, 21 insertions(+)
> create mode 100644 tests/d_bad_ostype/expect
> create mode 100644 tests/d_bad_ostype/image.gz
> create mode 100644 tests/d_bad_ostype/name
> create mode 100644 tests/d_bad_ostype/script
> 
> diff --git a/tests/d_bad_ostype/expect b/tests/d_bad_ostype/expect
> new file mode 100644
> index 00000000..b00318c4
> --- /dev/null
> +++ b/tests/d_bad_ostype/expect
> @@ -0,0 +1 @@
> +Filesystem OS type:       (unknown os)
> diff --git a/tests/d_bad_ostype/image.gz b/tests/d_bad_ostype/image.gz
> new file mode 100644
> index 0000000000000000000000000000000000000000..06805e1093c1ce9d2dc172aa89fb57eaedfa5505
> GIT binary patch
> literal 272
> zcmV+r0q_1FiwFpQOm0~K18HqxXJr6mU>F6XU=)m0AOOS;K+Fup8bHhh#Ei%a6d)L+
> z?&+16q1uYMkqiv~{|CQk1gnGa!Jq-Aj~m1RVhgBwAhY*~Zq>5lb9}siN7?zgx^kZA
> z?$FQ8E731WEiR$5|B%5FZu@...o#cl{h8X~OW!;Lxt9kjw+`qxTG+{mLtK~^mW_f@
> zKq3I;O%@<#WdP-WCLo_>fL$~SM!_hc7x@...z-?#9|fae6pTDzKhO>s1*2dT3>1L1
> z13>-wb@2W@...sC25<-DIneI+Pz;e_0goMk0ElL%r=v!}hye|aK*E591(fz-7$U<6
> WPk-bB5lS6L2LJ#sc=EFV7ytl<z;*Tj
> 
> literal 0
> HcmV?d00001
> 
> diff --git a/tests/d_bad_ostype/name b/tests/d_bad_ostype/name
> new file mode 100644
> index 00000000..3da887a8
> --- /dev/null
> +++ b/tests/d_bad_ostype/name
> @@ -0,0 +1 @@
> +handle bad (negative) os_type
> diff --git a/tests/d_bad_ostype/script b/tests/d_bad_ostype/script
> new file mode 100644
> index 00000000..94f356a6
> --- /dev/null
> +++ b/tests/d_bad_ostype/script
> @@ -0,0 +1,19 @@
> +gzip -dc < $test_dir/image.gz > $TMPFILE
> +
> +OUT=$test_name.log
> +EXP=$test_dir/expect
> +$DUMPE2FS $TMPFILE 2>&1 | sed -f $cmd_dir/filter.sed | grep 'Filesystem OS type:' > $OUT
> +
> +rm -f $TMPFILE
> +cmp -s $OUT $EXP
> +status=$?
> +
> +if [ "$status" = 0 ] ; then
> +        echo "$test_name: $test_description: ok"
> +        touch $test_name.ok
> +else
> +        echo "$test_name: $test_description: failed"
> +        diff $DIFF_OPTS $EXP $OUT > $test_name.failed
> +        rm -f $test_name.tmp
> +fi
> +unset OUT EXP
> --
> 2.14.0.rc0.284.gd933b75aa4-goog
> 


Cheers, Andreas






Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)

Powered by blists - more mailing lists