| author | Anton Lindqvist <anton.lindqvist@gmail.com> | 2018-08-31 11:21:14 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2018-08-31 09:06:47 -0700 |
| commit | 97bc7ad1b8f28799987362eeaa36586af1396327 (patch) | |
| tree | 613f10a3ed70c2c50070fa0a4919249e0926505f /executor | |
| parent | d7fda14afc80a1b197f3c9a5ecd74186102b8603 (diff) | |
sys/openbsd: make SanitizeCall() idempotent

On OpenBSD, the vnode type for a device node of type S_IFMT is interpreted as
VBAD. Such vnodes often cause assertion failures inside the kernel, producing noisy
crashes. The goal of the OpenBSD specific SanitizeCall() is to prevent such
device nodes from being created. The S_IFMT constant is a mask covering all
possible device types, thus covering both character and block devices. Therefore
when the fuzzer generates a mknod{,at}() syscall with the S_IFMT type we cannot
know if the intent was to create a block or character device. Therefore
simplify the code to create a character device under such circumstances.

The observed failure is caused by the interaction between the OpenBSD specific
SanitizeCall() and the Unix one. The Unix sanitizer will not modify the mode
argument if it contains the S_IFMT mask. But on the second invocation when the
mode no longer contains S_IFMT it would modify it, causing a different program
to be produced. Therefore only delegate to the Unix sanitizer if the syscall is
not equal to mknod{,at}().

Regression introduced in commit b771b17e ("Add mandatory OpenBSD bits (#689)").
Diffstat (limited to 'executor')
0 files changed, 0 insertions, 0 deletions
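
The non-idempotence described in the commit message can be reproduced with a small Go model. This is an added example, not syzkaller's code and not part of this commit. The function names, the constructed input mode, and the Unix sanitizer's rewrite of device types to S_IFREG are assumptions of the model.

```go
package main

import "fmt"

// File-type bits of st_mode (octal).
const (
	S_IFMT  = 0170000
	S_IFCHR = 0020000
	S_IFBLK = 0060000
	S_IFREG = 0100000
)

// unixSanitize models the generic sanitizer as the commit message describes
// it: a mode carrying the full S_IFMT mask is left alone, a plain device type
// is rewritten. Rewriting to S_IFREG is an assumption of this model.
func unixSanitize(mode uint64) uint64 {
	switch mode & S_IFMT {
	case S_IFCHR, S_IFBLK:
		return mode&^S_IFMT | S_IFREG
	}
	return mode
}

// openbsdFix replaces the ambiguous S_IFMT type (VBAD) with a character device.
func openbsdFix(mode uint64) uint64 {
	if mode&S_IFMT == S_IFMT {
		return mode&^S_IFMT | S_IFCHR
	}
	return mode
}

// sanitizeBefore models the regressed behaviour: always delegate, then fix up.
func sanitizeBefore(mode uint64) uint64 { return openbsdFix(unixSanitize(mode)) }

// sanitizeAfter models the fix: mknod{,at}() is not delegated to the Unix sanitizer.
func sanitizeAfter(mode uint64) uint64 { return openbsdFix(mode) }

// idempotent reports whether a second pass leaves the first pass's result unchanged.
func idempotent(f func(uint64) uint64, mode uint64) bool {
	once := f(mode)
	return f(once) == once
}

func main() {
	mode := uint64(S_IFMT | 0644) // constructed fuzzer-generated mode
	fmt.Printf("before fix: idempotent=%v\n", idempotent(sanitizeBefore, mode))
	fmt.Printf("after fix:  idempotent=%v\n", idempotent(sanitizeAfter, mode))
}
```

In the model, the first pass of the old path turns S_IFMT into S_IFCHR, and the second pass then hands that S_IFCHR to the Unix sanitizer, which rewrites it, so the two passes yield different programs.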
