On Thursday, April 17, 2014 12:37:56 PM Markos Chandras wrote:
> I think I found the problem. The failure is in the fuzz test and more
> specifically in the run_test_bpf_sim_fuzz() function. This function,
> calls the simulator without the '-a' argument, so it defaults to the
> native architecture and it does no byte swapping when executing the
> filter. Obviously, the following hack fixes it.
>
> diff --git a/tests/regression b/tests/regression
> index b83e8a2..b45d261 100755
> --- a/tests/regression
> +++ b/tests/regression
> @@ -288,7 +288,7 @@ function run_test_bpf_sim_fuzz() {
> # simulate the fuzzed syscall data against the BPF
> filter, we
> # don't verify the resulting action since we're just
> testing for
> # stability
> - allow=$($GLBL_SYS_SIM -f $tmpfile -s $sys \
> + allow=$($GLBL_SYS_SIM -a mips -f $tmpfile -s $sys \
> ${arg[0]} ${arg[1]} ${arg[2]} ${arg[3]}
> ${arg[4]} \
> ${arg[5]})
> rc=$?
>
>
> I think it's necessary to modify this function to pass a little or big
> endian architecture based on the value of 'Arch' value in the .tests
> file. Any little or big endian architecture value will do the trick
> since the test is not actually verify the action but rather the
> stability of the filter.
Looking at this a bit closer, I think the right thing to do for now is to just
disable the fuzzer for tests which target specific architectures. It isn't
like were not fuzzing the systems, we are via the other tests, this just means
we can't fuzz non-native architectures which seems acceptable at this point.
Expect a patch shortly.
--
paul moore
security and virtualization @ redhat
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
libseccomp-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss
