lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 6 Jul 2018 09:38:41 +0200
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Stephan Müller <smueller@...onox.de>
Cc:     syzbot <syzbot+9c251bdd09f83b92ba95@...kaller.appspotmail.com>,
        David Miller <davem@...emloft.net>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" 
        <linux-crypto@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>
Subject: Re: KMSAN: uninit-value in af_alg_free_areq_sgls

On Thu, Jul 5, 2018 at 8:45 PM, Stephan Müller <smueller@...onox.de> wrote:
> Am Donnerstag, 5. Juli 2018, 19:02:01 CEST schrieb syzbot:
>
> Hi Dimitry,
>
> does the syzkaller somehow uses the "---" separator as part of the URL?

It used it as branch. Please see:

https://github.com/google/syzkaller/blob/master/docs/syzbot.md#testing-patches

for formats. In all formats a git tree is not enough. And it is not
enough to identify code state in any other context too, it's always
git repo + branch or commit hash.


>> syzbot tried to test the proposed patch but build/boot failed:
>>
>> failed to checkout kernel repo https://github.com/google/kmsan.git/---:
>> failed to run /usr/bin/git [git fetch https://github.com/google/kmsan.git
>> ---]: exit status 129
>> error: unknown option `-'
>> usage: git fetch [<options>] [<repository> [<refspec>...]]
>>     or: git fetch [<options>] <group>
>>     or: git fetch --multiple [<options>] [(<repository> | <group>)...]
>>     or: git fetch --all [<options>]
>>
>>      -v, --verbose         be more verbose
>>      -q, --quiet           be more quiet
>>      --all                 fetch from all remotes
>>      -a, --append          append to .git/FETCH_HEAD instead of overwriting
>>      --upload-pack <path>  path to upload pack on remote end
>>      -f, --force           force overwrite of local branch
>>      -m, --multiple        fetch from multiple remotes
>>      -t, --tags            fetch all tags and associated objects
>>      -n                    do not fetch all tags (--no-tags)
>>      -p, --prune           prune remote-tracking branches no longer on
>> remote --recurse-submodules[=<on-demand>]
>>                            control recursive fetching of submodules
>>      --dry-run             dry run
>>      -k, --keep            keep downloaded pack
>>      -u, --update-head-ok  allow updating of HEAD ref
>>      --progress            force progress reporting
>>      --depth <depth>       deepen history of shallow clone
>>      --unshallow           convert to a complete repository
>>      --update-shallow      accept refs that update .git/shallow
>>      --refmap <refmap>     specify fetch refmap
>>
>>
>>
>>
>> Tested on:
>>
>> commit:         [unknown]
>> git tree:       https://github.com/google/kmsan.git/---> compiler:       clang version 7.0.0 (trunk 334104)
>> patch:          https://syzkaller.appspot.com/x/patch.diff?x=1207511c400000
>
>
> Ciao
> Stephan
>
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bugs+unsubscribe@...glegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/1626520.Rx0128ICKU%40positron.chronox.de.
> For more options, visit https://groups.google.com/d/optout.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ