diff options
| author | Anton Lindqvist <anton@basename.se> | 2019-05-21 23:17:22 +0200 |
|---|---|---|
| committer | Anton Lindqvist <anton@basename.se> | 2019-05-24 22:33:56 +0200 |
| commit | 85c573157db1baae51178263fe3289c8329e6dc2 (patch) | |
| tree | 367d8e88c9713fbdff93b4042a3b4fe5c5f5a3de /sys | |
| parent | 0dadcd9d912d7faab1cd5fc0dfad21ff95ff86a8 (diff) | |
pkg/csource: add ability to annotate syscalls using comments in C reproducers
Providing additional info, especially regarding syscall arguments, in reproducers
can be helpful. An example is device numbers passed to mknod(2).
This commit introduces an optional annotate function on a per target basis.
Example for the OpenBSD target:
$ cat prog.in
mknod(0x0, 0x0, 0x4503)
getpid()
$ syz-prog2c -prog prog.in
int main(void)
{
syscall(SYS_mmap, 0x20000000, 0x1000000, 3, 0x1012, -1, 0, 0);
syscall(SYS_mknod, 0, 0, 0x4503); /* major = 69, minor = 3 */
syscall(SYS_getpid);
return 0;
}
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/openbsd/init.go | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/sys/openbsd/init.go b/sys/openbsd/init.go index bce74fbac..c42fe0497 100644 --- a/sys/openbsd/init.go +++ b/sys/openbsd/init.go @@ -4,6 +4,8 @@ package openbsd import ( + "fmt" + "github.com/google/syzkaller/prog" "github.com/google/syzkaller/sys/targets" ) @@ -17,6 +19,7 @@ func InitTarget(target *prog.Target) { target.MakeMmap = targets.MakePosixMmap(target) target.SanitizeCall = arch.SanitizeCall + target.AnnotateCall = arch.annotateCall } type arch struct { @@ -107,3 +110,16 @@ func (arch *arch) SanitizeCall(c *prog.Call) { arch.unix.SanitizeCall(c) } } + +func (arch *arch) annotateCall(c prog.ExecCall) string { + devArg := 2 + switch c.Meta.Name { + case "mknodat": + devArg = 3 + fallthrough + case "mknod": + dev := c.Args[devArg].(prog.ExecArgConst).Value + return fmt.Sprintf("major = %v, minor = %v", devmajor(dev), devminor(dev)) + } + return "" +} |