[PATCH] tests: integrate fuzz-targets into the test suite

2022-03-21 Thread Evgeny Vereshchagin
[v5] 1) `fuzz-libdwfl` and `fuzz-libelf` were moved from OSS-Fuzz. 2) The regression testsuite was extended. 3) The OSS-Fuzz build script was removed. It should probably be kept on OSS-Fuzz at this point. 4) The honggfuzz kludges were removed because https://github.com/google/honggfuzz/issues/

Re: Some fuzzer workarounds

2022-03-21 Thread Evgeny Vereshchagin
Hi Mark, > Great. Thanks for testing. All patches from the fuzz branch are now > merged. My local fuzzer also hasn't found any new issues for almost 24 > hours now. Thanks! I synced my fork with the elfutils repository and tonight it will be sent to Coverity. If anything pops up I'll report it.

Re: Some fuzzer workarounds

2022-03-21 Thread Mark Wielaard
Hi Evgeny, On Mon, 2022-03-21 at 17:33 +0300, Evgeny Vereshchagin wrote: > I tested the fuzz branch and I can confirm that all the issues > reported by OSS-Fuzz found with ASan+UBSan are gone. > I kind of lost track of them at some point but the following issues > can no longer be triggered: > >

Issue 45705 in oss-fuzz: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock

2022-03-21 Thread evv… via monorail via Elfutils-devel
Comment #5 on issue 45705 by evv...@gmail.com: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45705#c5 > I did this because I asked in an internal email with Mark if it would be > appreciated (the answer was yes). Sorr

Issue 45705 in oss-fuzz: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock

2022-03-21 Thread da… via monorail via Elfutils-devel
Comment #4 on issue 45705 by da...@adalogics.com: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45705#c4 Yes -- I did this because I asked in an internal email with Mark if it would be appreciated (the answer was yes).

Re: Some fuzzer workarounds

2022-03-21 Thread Evgeny Vereshchagin
Hi Mark, > I'll report back once I figure > out why the unit tests are failing on Fedora Rawhide: > https://copr-be.cloud.fedoraproject.org/results/packit/evverx-elfutils-72/fedora-rawhide-x86_64/03799633-elfutils/builder-live.log.gz > I tested the fuzz branch and I can confirm that all the issu

Re: Some fuzzer workarounds

2022-03-21 Thread Evgeny Vereshchagin
Hi Mark, > So I took the fuzz-libelf.c and fuzz-libdwfl.c files from the oss-fuzz > repo, tweaked them so they have a normal main that takes one file > argument to try to replicate the reports. That found some "real" > issues I submitted patches for. Then I ran afl-fuzz on them locally > during th
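The harness shape Mark describes above (an OSS-Fuzz style target given "a normal main that takes one file argument" so a reported crash file can be replayed, and so afl-fuzz can drive it), as an added example that is not elfutils code and not the fuzz-libelf.c/fuzz-libdwfl.c targets from the oss-fuzz repository. LLVMFuzzerTestOneInput is the libFuzzer entry-point convention; check_elf64_header is a hypothetical stand-in for the libelf/libdwfl calls a real target would make, and LIBFUZZER_BUILD is this example's own macro for switching between libFuzzer's main and the reproducer main:

```c
/* Added example, not elfutils or OSS-Fuzz code. A libFuzzer-style target
 * that also builds as a plain reproducer binary taking one file argument.
 * check_elf64_header is a hypothetical stand-in for the libelf/libdwfl
 * calls a real target makes; LIBFUZZER_BUILD is this example's own macro. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define EI_NIDENT 16
#define ELFCLASS64 2
#define ELFDATA2LSB 1

/* Layout of Elf64_Ehdr, spelled out so the example needs no <elf.h>. */
struct ehdr64 {
    unsigned char e_ident[EI_NIDENT];
    uint16_t e_type, e_machine;
    uint32_t e_version;
    uint64_t e_entry, e_phoff, e_shoff;
    uint32_t e_flags;
    uint16_t e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx;
};

/* 0 if the buffer carries a sane little-endian ELF64 header whose section
 * table lies inside the buffer, a small negative code otherwise. Every read
 * is bounds-checked against size and the header is copied with memcpy, so
 * nothing is assumed about the alignment of the input buffer. */
int check_elf64_header(const uint8_t *data, size_t size, uint64_t *shoff_out)
{
    struct ehdr64 h;
    if (size < sizeof h)
        return -1;                                  /* too short */
    if (memcmp(data, "\x7f" "ELF", 4) != 0)
        return -2;                                  /* bad magic */
    if (data[4] != ELFCLASS64 || data[5] != ELFDATA2LSB)
        return -3;                                  /* not LE ELF64 */
    memcpy(&h, data, sizeof h);
    if (h.e_shnum != 0 &&
        (h.e_shentsize == 0 || h.e_shoff > size ||
         (uint64_t)h.e_shnum * h.e_shentsize > size - h.e_shoff))
        return -4;                                  /* section table overruns file */
    if (shoff_out)
        *shoff_out = h.e_shoff;
    return 0;
}

/* libFuzzer entry point; it must always return 0. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    uint64_t shoff = 0;
    (void)check_elf64_header(data, size, &shoff);
    return 0;
}

/* Constructed inputs: a smoke test here, a seed corpus when written out. */
static size_t build_header(uint8_t *buf, uint16_t shnum, uint16_t shentsize,
                           uint64_t shoff)
{
    struct ehdr64 h;
    memset(&h, 0, sizeof h);
    memcpy(h.e_ident, "\x7f" "ELF", 4);
    h.e_ident[4] = ELFCLASS64;
    h.e_ident[5] = ELFDATA2LSB;
    h.e_ident[6] = 1;                               /* EV_CURRENT */
    h.e_shnum = shnum;
    h.e_shentsize = shentsize;
    h.e_shoff = shoff;
    memcpy(buf, &h, sizeof h);
    return sizeof h;
}

int demo_valid_header(void)
{
    uint8_t buf[64];
    size_t n = build_header(buf, 0, 0, 0);
    return check_elf64_header(buf, n, NULL);        /* 0 */
}

int demo_bad_magic(void)
{
    uint8_t buf[64];
    size_t n = build_header(buf, 0, 0, 0);
    buf[1] = 'X';
    return check_elf64_header(buf, n, NULL);        /* -2 */
}

int demo_section_table_out_of_bounds(void)
{
    uint8_t buf[64];
    /* one 64-byte Shdr claimed at offset 64 of a 64-byte file */
    size_t n = build_header(buf, 1, 64, 64);
    return check_elf64_header(buf, n, NULL);        /* -4 */
}

/* Reproducer main: `./target crash-file`, and what `afl-fuzz ... ./target @@`
 * runs. Build with -DLIBFUZZER_BUILD -fsanitize=fuzzer to let libFuzzer
 * supply main instead. */
#ifndef LIBFUZZER_BUILD
int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    FILE *f = fopen(argv[1], "rb");
    if (!f) { perror(argv[1]); return 1; }
    uint8_t *buf = NULL;
    size_t len = 0, cap = 0;
    for (;;) {                                      /* slurp the whole file */
        if (len == cap) {
            cap = cap ? cap * 2 : 4096;
            uint8_t *nb = realloc(buf, cap);
            if (!nb) { free(buf); fclose(f); return 1; }
            buf = nb;
        }
        size_t r = fread(buf + len, 1, cap - len, f);
        if (r == 0) break;
        len += r;
    }
    fclose(f);
    LLVMFuzzerTestOneInput(buf, len);
    free(buf);
    return 0;
}
#endif
```

The same translation unit serves three uses: under libFuzzer the fuzzer supplies main and calls LLVMFuzzerTestOneInput directly; under afl-fuzz the reproducer main reads the file afl substitutes for `@@`; and on a crash report the same binary replays the testcase under ASan/UBSan with nothing but a file path.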

Re: Some fuzzer workarounds

2022-03-21 Thread Mark Wielaard
Hi, On Thu, Mar 17, 2022 at 02:30:49PM +0100, Mark Wielaard wrote: > The following fixes should fix reading of some broken ar archives and > misaligned access of the section zero Shdr for mmaped ELF files where > the start of the Elf image is at some offset from the start of the > map. > > [PATCH
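The "misaligned access of the section zero Shdr for mmaped ELF files where the start of the Elf image is at some offset from the start of the map" that Mark mentions, as an added example that is not elfutils code: a struct-pointer cast into the map is only valid when the image offset plus e_shoff is 8-byte aligned, which an ELF member inside an ar archive (members are padded to even sizes, so only 2-byte alignment is guaranteed) does not give you; copying the header out with memcpy reads correctly at any alignment. struct shdr64 mirrors Elf64_Shdr so no <elf.h> is needed, and the map contents are constructed for the demonstration:

```c
/* Added example, not elfutils code. Why reading section header zero through
 * a pointer cast trips UBSan -fsanitize=alignment when the ELF image sits at
 * an offset inside a larger mmap, and the memcpy read that does not.
 * struct shdr64 mirrors Elf64_Shdr so the example needs no <elf.h>. */
#include <inttypes.h>
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct shdr64 {
    uint32_t sh_name, sh_type;
    uint64_t sh_flags, sh_addr, sh_offset, sh_size;
    uint32_t sh_link, sh_info;
    uint64_t sh_addralign, sh_entsize;
};

/* The pattern to avoid:
 *     const struct shdr64 *s = (const struct shdr64 *)(image + shoff);
 * It is only valid when image + shoff is aligned to alignof(struct shdr64)
 * (8 bytes). An ELF object that is a member of an ar archive mapped as a
 * whole is only guaranteed even alignment, so the cast is undefined
 * behaviour there, UBSan reports a misaligned load, and on strict
 * architectures the load faults. */

/* True when a direct pointer cast at image+shoff would be legal. */
int shdr_is_aligned(const uint8_t *image, uint64_t shoff)
{
    return ((uintptr_t)(image + shoff) % alignof(struct shdr64)) == 0;
}

/* Copy section header idx into an aligned local; correct at any alignment.
 * Returns 0, -1 if shoff is past the image, -2 if the entry would overrun. */
int read_shdr(const uint8_t *image, size_t image_size, uint64_t shoff,
              size_t idx, struct shdr64 *out)
{
    if (shoff > image_size)
        return -1;
    size_t avail = image_size - shoff;
    if (idx >= avail / sizeof *out)
        return -2;
    memcpy(out, image + shoff + idx * sizeof *out, sizeof *out);
    return 0;
}

/* Constructed map: 256 zero bytes, ELF image at byte 2 (even, like an ar
 * member, but not 8-aligned), section header zero at image offset 64 with
 * sh_size = 0x1122334455667788. */
#define DEMO_MAP_SIZE  256
#define DEMO_IMAGE_OFF 2
#define DEMO_SHOFF     64

static uint8_t *demo_map(void)
{
    static alignas(16) uint8_t map[DEMO_MAP_SIZE];
    struct shdr64 s;
    memset(map, 0, sizeof map);
    memset(&s, 0, sizeof s);
    s.sh_size = 0x1122334455667788ull;
    memcpy(map + DEMO_IMAGE_OFF + DEMO_SHOFF, &s, sizeof s);
    return map;
}

/* 0: a pointer cast at section zero would be misaligned in this map. */
int demo_cast_would_be_aligned(void)
{
    return shdr_is_aligned(demo_map() + DEMO_IMAGE_OFF, DEMO_SHOFF);
}

/* 0x1122334455667788: the memcpy read returns the stored value anyway. */
uint64_t demo_section_zero_size(void)
{
    struct shdr64 out;
    const uint8_t *image = demo_map() + DEMO_IMAGE_OFF;
    if (read_shdr(image, DEMO_MAP_SIZE - DEMO_IMAGE_OFF, DEMO_SHOFF, 0, &out) != 0)
        return 0;
    return out.sh_size;
}

int main(void)
{
    printf("cast aligned: %d, sh_size via memcpy: 0x%" PRIx64 "\n",
           demo_cast_would_be_aligned(), demo_section_zero_size());
    return 0;
}
```

On x86 the misaligned cast usually "works", which is why it survives until a fuzzer run under UBSan; the memcpy form costs nothing after optimisation and is what keeps the read defined regardless of where the archive member landed in the mapping.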

Re: Some fuzzer workarounds

2022-03-21 Thread Mark Wielaard
Hi, On Fri, Mar 18, 2022 at 10:26:16AM +0300, Evgeny Vereshchagin wrote: > I think before looking at those reports it would make sense to > figure out what they are supposed to test and how they were tested > to make sure they don't produce false positives. If they weren't > actually tested I thin