From 5b413887959fc84a48dfef1f619a31ae4f718a5e Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh
Date: Thu, 24 Feb 2022 18:29:38 +0000
Subject: executor: tolerate syz_genetlink_get_family_id failures

We cannot expect syscalls to always succeed during fuzzing, especially when the situation involves a complex interaction with the system. For the syz_genetlink_get_family_id case, it leads to numerous SYZFAIL crashes every day. Don't print a SYZFAIL error for this pseudo syscall.
---
 executor/common_linux.h | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
(limited to 'executor')
diff --git a/executor/common_linux.h b/executor/common_linux.h
index 88c129f85..a506ab335 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -2678,11 +2678,8 @@ static long syz_emit_vhci(volatile long a0, volatile long a1)
 static long syz_genetlink_get_family_id(volatile long name, volatile long sock_arg)
 {
 debug("syz_genetlink_get_family_id(%s, %d)\n", (char*)name, (int)sock_arg);
- // We can't trust the socket passed by the fuzzer, it may be not a netlink at all.
- bool dofail = false;
 int fd = sock_arg;
 if (fd < 0) {
- dofail = true;
 fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC);
 if (fd == -1) {
 debug("syz_genetlink_get_family_id: socket failed: %d\n", errno);
@@ -2690,7 +2687,7 @@ static long syz_genetlink_get_family_id(volatile long name, volatile long sock_a
 }
 }
 struct nlmsg nlmsg_tmp;
- int ret = netlink_query_family_id(&nlmsg_tmp, fd, (char*)name, dofail);
+ int ret = netlink_query_family_id(&nlmsg_tmp, fd, (char*)name, false);
 if ((int)sock_arg < 0)
 close(fd);
 if (ret < 0) {
--
cgit mrf-deployment
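Review bot: The bare `false` now passed as the last argument of `netlink_query_family_id` in the second hunk leaves nothing in the code explaining why a failed query is tolerated here, since the first hunk also removes the comment about the fuzzer-supplied socket not being trustworthy. A one-line comment above the call would keep that rationale next to the code, for example `// Fuzzer-controlled name/socket: the query may legitimately fail, so never SYZFAIL here.`, and the argument could be labelled as `/*dofail=*/false`. The parameter name is inferred from the removed `dofail` variable, because the callee's signature is not visible in this diff. The function body continues past the end of the hunk, so the handling of `ret < 0` cannot be checked from here.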