From 4b2391c4e3985ee4030fcecbaf7ac7568af0466c Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal
Date: Thu, 12 Oct 2023 14:21:40 +0200
Subject: [PATCH 1/7] test: add a couple of tests for varlinkctl
---
test/units/testsuite-74.varlinkctl.sh | 89 +++++++++++++++++++++++++++
1 file changed, 89 insertions(+)
create mode 100755 test/units/testsuite-74.varlinkctl.sh
diff --git a/test/units/testsuite-74.varlinkctl.sh b/test/units/testsuite-74.varlinkctl.sh
new file mode 100755
index 00000000000..5a962699c70
--- /dev/null
+++ b/test/units/testsuite-74.varlinkctl.sh
@@ -0,0 +1,89 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -eux
+set -o pipefail
+
+# Unset $PAGER so we don't have to use --no-pager everywhere
+export PAGER=
+
+varlinkctl --help
+varlinkctl help --no-pager
+varlinkctl --version
+varlinkctl --json=help
+
+# TODO: abstract namespace sockets (@...)
+# Path to a socket
+varlinkctl info /run/systemd/journal/io.systemd.journal
+varlinkctl info /run/systemd/../systemd/../../run/systemd/journal/io.systemd.journal
+varlinkctl info "./$(realpath --relative-to="$PWD" /run/systemd/journal/io.systemd.journal)"
+varlinkctl info unix:/run/systemd/journal/io.systemd.journal
+varlinkctl info --json=off /run/systemd/journal/io.systemd.journal
+varlinkctl info --json=pretty /run/systemd/journal/io.systemd.journal | jq .
+varlinkctl info --json=short /run/systemd/journal/io.systemd.journal | jq .
+varlinkctl info -j /run/systemd/journal/io.systemd.journal | jq .
+
+varlinkctl list-interfaces /run/systemd/journal/io.systemd.journal
+varlinkctl list-interfaces -j /run/systemd/journal/io.systemd.journal | jq .
+
+varlinkctl introspect /run/systemd/journal/io.systemd.journal io.systemd.Journal
+varlinkctl introspect -j /run/systemd/journal/io.systemd.journal io.systemd.Journal | jq .
+
+if command -v userdbctl >/dev/null; then
+ systemctl start systemd-userdbd
+ varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{ "userName" : "testuser", "service" : "io.systemd.Multiplexer" }'
+ varlinkctl call -j /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{ "userName" : "testuser", "service" : "io.systemd.Multiplexer" }' | jq .
+ varlinkctl call --more /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetMemberships '{ "service" : "io.systemd.Multiplexer" }'
+ varlinkctl call --more -j /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetMemberships '{ "service" : "io.systemd.Multiplexer" }' | jq --seq .
+ varlinkctl call --oneway /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetMemberships '{ "service" : "io.systemd.Multiplexer" }'
+ (! varlinkctl call --oneway /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetMemberships '{ "service" : "io.systemd.Multiplexer" }' | grep .)
+fi
+
+IDL_FILE="$(mktemp)"
+varlinkctl introspect /run/systemd/journal/io.systemd.journal io.systemd.Journal | tee "${IDL_FILE:?}"
+varlinkctl validate-idl "$IDL_FILE"
+varlinkctl validate-idl "$IDL_FILE"
+cat /bin/sh >"$IDL_FILE"
+(! varlinkctl validate-idl "$IDL_FILE")
+
+if [[ -x /usr/lib/systemd/systemd-pcrextend ]]; then
+ # Path to an executable
+ varlinkctl info /usr/lib/systemd/systemd-pcrextend
+ varlinkctl info exec:/usr/lib/systemd/systemd-pcrextend
+ varlinkctl list-interfaces /usr/lib/systemd/systemd-pcrextend
+ varlinkctl introspect /usr/lib/systemd/systemd-pcrextend io.systemd.PCRExtend
+fi
+
+# Go through all varlink sockets we can find under /run/systemd/ for some extra coverage
+find /run/systemd/ -name "io.systemd*" -type s | while read -r socket; do
+ varlinkctl info "$socket"
+
+ varlinkctl list-interfaces "$socket" | while read -r interface; do
+ varlinkctl introspect "$socket" "$interface"
+ done
+done
+
+(! varlinkctl)
+(! varlinkctl "")
+(! varlinkctl info)
+(! varlinkctl info "")
+(! varlinkctl info /run/systemd/notify)
+(! varlinkctl info /run/systemd/private)
+# Relative paths must begin with ./
+(! varlinkctl info "$(realpath --relative-to="$PWD" /run/systemd/journal/io.systemd.journal)")
+(! varlinkctl info unix:)
+(! varlinkctl info unix:"")
+(! varlinkctl info exec:)
+(! varlinkctl info exec:"")
+(! varlinkctl list-interfaces)
+(! varlinkctl list-interfaces "")
+(! varlinkctl introspect)
+(! varlinkctl introspect /run/systemd/journal/io.systemd.journal)
+(! varlinkctl introspect /run/systemd/journal/io.systemd.journal "")
+(! varlinkctl introspect "" "")
+(! varlinkctl call)
+(! varlinkctl call "")
+(! varlinkctl call "" "")
+(! varlinkctl call "" "" "")
+(! varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord
Date: Thu, 12 Oct 2023 15:44:34 +0200
Subject: [PATCH 2/7] test: add a fuzzer for the varlink IDL stuff
---
src/fuzz/fuzz-varlink-idl.c | 33 +++++++++
src/fuzz/meson.build | 1 +
test/fuzz/fuzz-varlink-idl/interface1 | 100 ++++++++++++++++++++++++++
3 files changed, 134 insertions(+)
create mode 100644 src/fuzz/fuzz-varlink-idl.c
create mode 100644 test/fuzz/fuzz-varlink-idl/interface1
diff --git a/src/fuzz/fuzz-varlink-idl.c b/src/fuzz/fuzz-varlink-idl.c
new file mode 100644
index 00000000000..cefc49219cf
--- /dev/null
+++ b/src/fuzz/fuzz-varlink-idl.c
@@ -0,0 +1,33 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include
+
+#include "errno-util.h"
+#include "fd-util.h"
+#include "fuzz.h"
+#include "io-util.h"
+#include "varlink-idl.h"
+#include "log.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ _cleanup_(varlink_interface_freep) VarlinkInterface *vi = NULL;
+ _cleanup_free_ char *str = NULL, *dump = NULL;
+ int r;
+
+ log_set_max_level(LOG_CRIT);
+ log_parse_environment();
+ (void) log_open();
+
+ assert_se(str = memdup_suffix0(data, size));
+
+ r = varlink_idl_parse(str, /* line= */ NULL, /* column= */ NULL, &vi);
+ if (r < 0) {
+ log_debug_errno(r, "Failed to parse varlink interface definition: %m");
+ return 0;
+ }
+
+ assert_se(varlink_idl_format(vi, &dump) >= 0);
+ (void) varlink_idl_consistent(vi, LOG_DEBUG);
+
+ return 0;
+}
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
index 02a722edb1e..8c1b2e91ea0 100644
--- a/src/fuzz/meson.build
+++ b/src/fuzz/meson.build
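Review bot: The temporary file created by `IDL_FILE="$(mktemp)"` is never removed in the part of the script shown here, and because the script runs under `set -eux` any failing `varlinkctl` call after that line exits without cleanup. Registering `trap 'rm -f "$IDL_FILE"' EXIT` directly after the `mktemp` line would cover both the success and the failure path. The tail of this hunk is truncated on the page, so a cleanup step further down cannot be ruled out.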
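Review bot: `LLVMFuzzerTestOneInput()` accepts input of any size, and `assert_se(varlink_idl_format(vi, &dump) >= 0)` aborts on every formatting failure, so an allocation failure on a very large definition would be reported as a parser crash rather than as resource exhaustion. An early guard before `memdup_suffix0()`, for example `if (outside_size_range(size, 0, 64 * 1024)) return 0;` if `fuzz.h` offers that helper in this tree, keeps findings focused on parser logic. A one-line comment above the `assert_se()` saying that formatting a successfully parsed interface must never fail would document the invariant under test. `errno-util.h`, `fd-util.h` and `io-util.h` do not appear to be used by the body shown.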
@@ -12,4 +12,5 @@ simple_fuzzers += files(
 'fuzz-time-util.c',
 'fuzz-udev-database.c',
 'fuzz-varlink.c',
+ 'fuzz-varlink-idl.c',
 )
diff --git a/test/fuzz/fuzz-varlink-idl/interface1 b/test/fuzz/fuzz-varlink-idl/interface1
new file mode 100644
index 00000000000..eea873dc9f6
--- /dev/null
+++ b/test/fuzz/fuzz-varlink-idl/interface1
@@ -0,0 +1,100 @@ +# https://varlink.org/Interface-Definition +interface org.foo.bar + +type MyOtherType( + x: T +) + +type T ( x: TT ) +type TT ( x: TTT ) +type TTT ( x: TTTT ) +type TTTT ( x: TTTTT ) +type TTTTT ( x: TTTTTT ) +type TTTTTT ( x: TTTTTTT ) +type TTTTTTT ( x: TTTTTTTT ) +type TTTTTTTT ( x: TTTTTTTTT ) +type TTTTTTTTT ( x: TTTTTTTTTT ) +type TTTTTTTTTT ( x: TTTTTTTTTTT ) +type TTTTTTTTTTT ( x: TTTTTTTTTTTT ) +type TTTTTTTTTTTT ( x: TTTTTTTTTTTTT ) +type TTTTTTTTTTTTT ( x: TTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: 
TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type 
TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ) +type TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT ( x: bool ) + +type MyType ( + example_bool: bool, + example_int: int, + example_float: float, + example_string: string, + example_object: object, + example_enum_single: (one), + example_enum: (one, two, three), + example_struct_single: (first: int), + example_struct: (first: int, second: string), + example_array: []string, + example_dictionary: [string]string, + example_stringset: [string](a, b, c), + example_stringset2: 
[string](a: int, b: bool, c: object), + example_nullable: ?string, + example_nullable_array_struct: ?[](first: int, second: string), + example_other_type: MyOtherType +) + +method Foo(a: int, b: MyType) -> (bar: []string, baz: float, more: (i: int, f: float, s: string)) +method VoidArgs() -> (a: int) +method VoidRet(a: int) -> () +method Void() -> () + +error UnknownAction(action: string, more_data: ?string) +error VoidError() From 779e7b441076e41d3d96fce6aa751d60b91c09f5 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Thu, 12 Oct 2023 15:55:12 +0200 Subject: [PATCH 3/7] varlink: don't panic on malformed method definition --- src/shared/varlink-idl.c | 12 ++++++++++++ test/fuzz/fuzz-varlink-idl/crash-d1860f2b | Bin 0 -> 168 bytes 2 files changed, 12 insertions(+) create mode 100644 test/fuzz/fuzz-varlink-idl/crash-d1860f2b diff --git a/src/shared/varlink-idl.c b/src/shared/varlink-idl.c index 7d9d7874c1b..65059d33c1c 100644 --- a/src/shared/varlink-idl.c +++ b/src/shared/varlink-idl.c @@ -986,6 +986,9 @@ int varlink_idl_parse( assert(!symbol); n_fields = 0; + if (!token) + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column); + r = varlink_symbol_realloc(&symbol, n_fields); if (r < 0) return r; @@ -1004,6 +1007,9 @@ int varlink_idl_parse( case STATE_METHOD_ARROW: assert(symbol); + if (!token) + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column); + if (!streq(token, "->")) return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Unexpected token '%s'.", *line, *column, token); @@ -1025,6 +1031,9 @@ int varlink_idl_parse( assert(!symbol); n_fields = 0; + if (!token) + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column); + r = varlink_symbol_realloc(&symbol, n_fields); if (r < 0) return r; 
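Review bot: The guard `if (!token) return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column);` is pasted verbatim into four states of `varlink_idl_parse()` (the three hunks here and the one at -1050), so a later state that passes `token` to `streq()` can easily miss it. The switch and the function both start and end outside these hunks, so the page does not show whether the remaining states already reject a NULL token; they are worth auditing in the same change. A comment at the top of the switch naming the states that may legitimately see a NULL token at end of input would make the rule explicit. The fix is currently pinned only by the binary reproducer `crash-d1860f2b`; a unit test that parses a truncated method definition and expects `-EBADMSG` would keep it covered outside fuzzing builds.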
@@ -1050,6 +1059,9 @@ int varlink_idl_parse( assert(!symbol); n_fields = 0; + if (!token) + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column); + r = varlink_symbol_realloc(&symbol, n_fields); if (r < 0) return r; diff --git a/test/fuzz/fuzz-varlink-idl/crash-d1860f2b b/test/fuzz/fuzz-varlink-idl/crash-d1860f2b new file mode 100644 index 0000000000000000000000000000000000000000..db720881dcd6446128b8f5bb3144e017b39a6011 GIT binary patch literal 168 zcmY#Z$S5f(D7MnqFH0=S$;`{v%P&gT_slCvElNvFPStfuP0P&7EXmBz Date: Thu, 12 Oct 2023 17:02:16 +0200 Subject: [PATCH 4/7] varlink: use int for log level --- src/shared/varlink-idl.c | 8 ++++---- src/shared/varlink-idl.h | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/shared/varlink-idl.c b/src/shared/varlink-idl.c index 65059d33c1c..af324403dc5 100644 --- a/src/shared/varlink-idl.c +++ b/src/shared/varlink-idl.c @@ -1190,13 +1190,13 @@ bool varlink_idl_interface_name_is_valid(const char *name) { return true; } -static int varlink_idl_symbol_consistent(const VarlinkInterface *interface, const VarlinkSymbol *symbol, bool level); +static int varlink_idl_symbol_consistent(const VarlinkInterface *interface, const VarlinkSymbol *symbol, int level); static int varlink_idl_field_consistent( const VarlinkInterface *interface, const VarlinkSymbol *symbol, const VarlinkField *field, - bool level) { + int level) { const char *symbol_name; int r; @@ -1288,7 +1288,7 @@ static bool varlink_symbol_is_empty(const VarlinkSymbol *symbol) { static int varlink_idl_symbol_consistent( const VarlinkInterface *interface, const VarlinkSymbol *symbol, - bool level) { + int level) { _cleanup_(set_freep) Set *input_set = NULL, *output_set = NULL; const char *symbol_name; 
@@ -1325,7 +1325,7 @@ static int varlink_idl_symbol_consistent( return 0; } -int varlink_idl_consistent(const VarlinkInterface *interface, bool level) { +int varlink_idl_consistent(const VarlinkInterface *interface, int level) { _cleanup_(set_freep) Set *name_set = NULL; int r; diff --git a/src/shared/varlink-idl.h b/src/shared/varlink-idl.h index 3a7075e76f7..140b937c0d6 100644 --- a/src/shared/varlink-idl.h +++ b/src/shared/varlink-idl.h @@ -148,7 +148,7 @@ bool varlink_idl_field_name_is_valid(const char *name); bool varlink_idl_symbol_name_is_valid(const char *name); bool varlink_idl_interface_name_is_valid(const char *name); -int varlink_idl_consistent(const VarlinkInterface *interface, bool level); +int varlink_idl_consistent(const VarlinkInterface *interface, int level); const VarlinkSymbol* varlink_idl_find_symbol(const VarlinkInterface *interface, VarlinkSymbolType type, const char *name); const VarlinkField* varlink_idl_find_field(const VarlinkSymbol *symbol, const char *name); From e97f2dfde4efda26dad109d02f58632c98135dd1 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Thu, 12 Oct 2023 17:29:23 +0200 Subject: [PATCH 5/7] varlink: drop dead code '#' is never part of either allowed_chars or allowed_delimiters when we parse structs/enums. --- src/shared/varlink-idl.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/shared/varlink-idl.c b/src/shared/varlink-idl.c index af324403dc5..78d8435ea31 100644 --- a/src/shared/varlink-idl.c +++ b/src/shared/varlink-idl.c @@ -729,11 +729,7 @@ static int varlink_idl_subparse_struct_or_enum( if (!token) return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column); - if (streq(token, "#")) { - r = varlink_idl_subparse_comment(p, line, column); - if (r < 0) - return r; - } else if (streq(token, ")")) + if (streq(token, ")")) state = STATE_DONE; else { field_name = TAKE_PTR(token); From 78ea6a549f8f11639b752a938c2ad1f0590b028d Mon Sep 17 00:00:00 2001 
From: Frantisek Sumsal Date: Thu, 12 Oct 2023 22:09:49 +0200 Subject: [PATCH 6/7] test: update Ubuntu CI instructions --- test/README.testsuite | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/test/README.testsuite b/test/README.testsuite index bd72f413d05..14386ff9e75 100644 --- a/test/README.testsuite +++ b/test/README.testsuite @@ -193,11 +193,13 @@ Now install necessary build & test dependencies: ## PPA with some newer Ubuntu packages required by upstream systemd # add-apt-repository -y --enable-source ppa:upstream-systemd-ci/systemd-ci # apt build-dep -y systemd -# apt install -y autopkgtest debhelper genisoimage git qemu-system-x86 +# apt install -y autopkgtest debhelper genisoimage git qemu-system-x86 \ + libcurl4-openssl-dev libfdisk-dev libtss2-dev libfido2-dev \ + libssl-dev python3-pefile Build systemd deb packages with debug info: -# TEST_UPSTREAM=1 DEB_BUILD_OPTIONS="nocheck nostrip" dpkg-buildpackage -us -uc +# TEST_UPSTREAM=1 DEB_BUILD_OPTIONS="nocheck nostrip noopt" dpkg-buildpackage -us -uc # cd .. Prepare a testbed image for autopkgtest (tweak the release as necessary): @@ -210,7 +212,7 @@ And finally run the autopkgtest itself: --timeout-factor=3 \ --test-name=boot-and-services \ --shell-fail \ - -- autopkgtest-virt-qemu --ram-size 2048 autopkgtest-jammy-amd64.img + -- autopkgtest-virt-qemu --cpus 4 --ram-size 2048 autopkgtest-jammy-amd64.img where --test-name= is the name of the test you want to run/debug. The --shell-fail option will pause the execution in case the test fails and shows From d04af6aaca2994acd728b49eaf7173f257f27776 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Sat, 14 Oct 2023 17:47:10 +0200 Subject: [PATCH 7/7] docs: update fuzzers docs --- docs/HACKING.md | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/docs/HACKING.md b/docs/HACKING.md index 09bc5b5fffb..fb7caac93cc 100644 --- a/docs/HACKING.md +++ b/docs/HACKING.md 
@@ -147,8 +147,27 @@ corpus should be built and exported as `$OUT/fuzz-foo_seed_corpus.zip` in `tools/oss-fuzz.sh`. The fuzzers can be built locally if you have libFuzzer installed by running -`tools/oss-fuzz.sh`. You should also confirm that the fuzzers can be built and -run using +`tools/oss-fuzz.sh`, or by running: + +``` +CC=clang CXX=clang++ \ +meson setup build-libfuzz -Dllvm-fuzz=true -Db_sanitize=address,undefined -Db_lundef=false \ + -Dc_args='-fno-omit-frame-pointer -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION' +ninja -C build-libfuzz fuzzers +``` + +Each fuzzer then can be then run manually together with a directory containing +the initial corpus: + +``` +export UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 +build-libfuzz/fuzz-varlink-idl test/fuzz/fuzz-varlink-idl/ +``` + +Note: the `halt_on_error=1` UBSan option is especially important, otherwise +the fuzzer won't crash when undefined behavior is triggered. + +You should also confirm that the fuzzers can be built and run using [the OSS-Fuzz toolchain](https://google.github.io/oss-fuzz/advanced-topics/reproducing/#building-using-docker): ```