of the temp file to start with junk
to better match what is routine in the regression tests.
And to something that works just fine with Win msys2.
(in msys2 "/tmp/anything" will not work for open("wb")
whereas "anything" will work.)
modified: fuzz/fuzz_aranges.c
modified: fuzz/fuzz_crc.c
modified: fuzz/fuzz_crc_32.c
modified: fuzz/fuzz_debug_addr_access.c
modified: fuzz/fuzz_debug_str.c
modified: fuzz/fuzz_debuglink.c
modified: fuzz/fuzz_die_cu.c
modified: fuzz/fuzz_die_cu_attrs.c
modified: fuzz/fuzz_die_cu_attrs_loclist.c
modified: fuzz/fuzz_die_cu_e.c
modified: fuzz/fuzz_die_cu_e_print.c
modified: fuzz/fuzz_die_cu_info1.c
modified: fuzz/fuzz_die_cu_offset.c
modified: fuzz/fuzz_die_cu_print.c
modified: fuzz/fuzz_dnames.c
modified: fuzz/fuzz_findfuncbypc.c
modified: fuzz/fuzz_gdbindex.c
modified: fuzz/fuzz_globals.c
modified: fuzz/fuzz_gnu_index.c
modified: fuzz/fuzz_init_b.c
modified: fuzz/fuzz_init_binary.c
modified: fuzz/fuzz_init_path.c
modified: fuzz/fuzz_macro_dwarf4.c
modified: fuzz/fuzz_macro_dwarf5.c
modified: fuzz/fuzz_rng.c
modified: fuzz/fuzz_set_frame_all.c
modified: fuzz/fuzz_showsectgrp.c
modified: fuzz/fuzz_simplereader_tu.c
modified: fuzz/fuzz_srcfiles.c
modified: fuzz/fuzz_stack_frame_access.c
modified: fuzz/fuzz_str_offsets.c
modified: fuzz/fuzz_tie.c
modified: fuzz/fuzz_xuindex.c
modified: src/lib/libdwarf/libdwarf.h
The testcase emitted one printf string
which had no ending newline.
That provoked a warning from diff
which looked ugly.
So I added a terminating newline to the one and only printf
in the code.
modified: fuzz/fuzz_aranges.c
return codes in a loop and runs an unreasonably long time.
It's not an infinite loop, but memory is accumulating
pretty fast.
Results in megabytes of useless error messages from libdwarf.
I have changed the test source to check for a null 'attr'
and stop the loop right away. With a short message.
This is DW2024-002 oss fuzz id 371659894
modified: fuzz/fuzz_die_cu_attrs.c
+ /* libdwarf does not require offset to be anything in
+ particular, and will work fine regardless
+ (possibly returning DW_DLV_ERROR or DW_DLV_OK). But
+ valgrind generates a warning passing in the uninitialized
+ value so let us initialize it to ... something. */
+ Dwarf_Off dw_offset = 11;
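Review bot: the initializer `Dwarf_Off dw_offset = 11;` is an unexplained magic value; since the comment above it says libdwarf accepts any offset here, 0 would be the conventional choice (and matches the zero initializers used for the other uninitialized locals in these harnesses), or the comment should state why 11 specifically was picked.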
modified: fuzz/fuzz_debug_str.c
Additional doc on dwarf_get_str() for completeness.
modified: src/lib/libdwarf/libdwarf.h
modified: bugxml/data.txt
The source here uses a libdwarf public
function incorrectly which
guarantees a memory leak. Now the test case
follows the rules...
modified: fuzz/fuzz_debuglink.c
Fix so that dwarf_gnu_debuglink() will not
dereference a NULL pointer.
modified: src/lib/libdwarf/dwarf_debuglink.c
Clarify the doxygen comments on dwarf_gnu_debuglink().
modified: src/lib/libdwarf/libdwarf.h
failing to use it at all. It is necessary on Windows
to read object files properly.
No change in logic at all.
modified: fuzz/fuzz_aranges.c
modified: fuzz/fuzz_crc.c
modified: fuzz/fuzz_crc_32.c
modified: fuzz/fuzz_debug_addr_access.c
modified: fuzz/fuzz_debug_str.c
modified: fuzz/fuzz_debuglink.c
modified: fuzz/fuzz_die_cu.c
modified: fuzz/fuzz_die_cu_attrs.c
modified: fuzz/fuzz_die_cu_attrs_loclist.c
modified: fuzz/fuzz_die_cu_info1.c
modified: fuzz/fuzz_die_cu_offset.c
modified: fuzz/fuzz_die_cu_print.c
modified: fuzz/fuzz_dnames.c
modified: fuzz/fuzz_gdbindex.c
modified: fuzz/fuzz_globals.c
modified: fuzz/fuzz_gnu_index.c
modified: fuzz/fuzz_init_b.c
modified: fuzz/fuzz_init_binary.c
modified: fuzz/fuzz_macro_dwarf4.c
modified: fuzz/fuzz_macro_dwarf5.c
modified: fuzz/fuzz_rng.c
modified: fuzz/fuzz_set_frame_all.c
modified: fuzz/fuzz_showsectgrp.c
modified: fuzz/fuzz_simplereader_tu.c
modified: fuzz/fuzz_srcfiles.c
modified: fuzz/fuzz_stack_frame_access.c
modified: fuzz/fuzz_str_offsets.c
modified: fuzz/fuzz_tie.c
modified: fuzz/fuzz_xuindex.c
Fixing the reporting of filenames so that even on msys2
the report is sensible (for msys2)
modified: src/bin/dwarfdump/dwarfdump.c
Tweak to make it work.
modified: src/lib/libdwarf/meson.build
Introducing the correct header ifdefs involving DWP_API
to match the concept in libdwarf.h
modified: src/lib/libdwarfp/libdwarfp.h
Because in the msys2 Windows environment O_BINARY has a value already
(from system headers). So we avoid a pointless warning.
modified: fuzz/fuzz_aranges.c
modified: fuzz/fuzz_debug_str.c
modified: fuzz/fuzz_dnames.c
modified: fuzz/fuzz_gdbindex.c
modified: fuzz/fuzz_globals.c
modified: fuzz/fuzz_gnu_index.c
modified: fuzz/fuzz_init_b.c
modified: fuzz/fuzz_macro_dwarf4.c
modified: fuzz/fuzz_set_frame_all.c
modified: fuzz/fuzz_str_offsets.c
macro data and handling of macro import.
No logic change.
modified: doc/checkexamples.c
modified: fuzz/fuzz_macro_dwarf5.c
modified: src/bin/dwarfdump/print_macro.c
Changed by adding initializers of zero
to local variables not previously initialized.
modified: fuzz/fuzz_dnames.c
Added checks to dwarf_dnames_abbrevtable()
so required pointers are verified non-null before use.
Still never returns DW_DLV_ERROR. With required
input pointers missing it returns DW_DLV_NO_ENTRY.
modified: src/lib/libdwarf/dwarf_debugnames.c
dwarf_finish() to be called. ossfuzz 56462
And it was doing a local malloc and
failing to call free() on that local space
in some situations.
ossfuzz 58026
modified: fuzz/fuzz_set_frame_all.c
The test code as written here
gets an error from valgrind for calling libdwarf
with an uninitialized pointer. The fix is to
initialize the Dwarf_Die instance by adding = 0;
This was not a libdwarf bug (the original
fix actually fixed a libdwarf bug, and this
valgrind issue pointed out the need for the test case fix).
modified: bugxml/data.txt
modified: fuzz/fuzz_simplereader_tu.c
To avoid leaks the libdwarf calling program
MUST call dwarf_finish(). The code here
was failing to do that in a number of
error situations.
Now it just returns from functions on error
and lets main() call dwarf_finish(),
a call that has always been in main().
modified: fuzz/fuzz_set_frame_all.c
ending newline. That led to annoying messages
when doing a diff of the program text output.
Now the printf has its newline.
modified: fuzz/fuzz_set_frame_all.c
An uninitialized local variable named 'die'
would crash the caller when passed to any
libdwarf function.
C code cannot check random pointers for
validity.
Fixed by initializing the variable to 0.
modified: fuzz/fuzz_die_cu_attrs_loclist.c
A local pointer initialized with
just 'stack trash' (so no proper
initializer) was passed to
libdwarf. That is a mistake in the test code.
C cannot determine if a non-null value is a legitimate
value as a pointer.
Not a library bug.
modified: fuzz/fuzz_dnames.c
can leak memory as in case of certain
errors found in corrupt dwarf it immediately
exit()s and does not call dwarf_finish().
Arranged that in case of some errors the
code prints the error name, not the error
number.
modified: fuzz/fuzz_set_frame_all.c
no initializer. function exampled().
While that may not have changed the output
it is extremely bad practice.
And can easily lead to irreproducible results.
Now all initialized to zero. No other change.
modified: fuzz/fuzz_srcfiles.c
here is harmless as errp is null,
but whether a Dwarf_Error * is
null or not free() on it is never
appropriate, and if not-null
the free is very wrong.
modified: fuzz_die_cu_offset.c
modified: fuzz_die_cu_print.c
modified: fuzz_showsectgrp.c
kind of pushing the bounds here.
modified: bugxml/data.txt
oss fuzz 57335.
Added a comment, the call will fail as written.
But now there will be no library crash.
modified: fuzz/fuzz_die_cu_attrs.c
Added a new error, DW_DLE_INVALID_NULL_ARGUMENT(498)
modified: src/lib/libdwarf/dwarf_errmsg_list.h
Now returns DW_DLV_ERROR
if dw_return_bool is passed in as NULL.
modified: src/lib/libdwarf/dwarf_form.c
Added a new error, DW_DLE_INVALID_NULL_ARGUMENT(498)
Documented the dw_return_bool pointer
to dwarf_hasform() more completely.
modified: src/lib/libdwarf/libdwarf.h
left uninitialized. That violates
the requirements of the libdwarf API.
Now set to 0 at declaration.
modified: fuzz/fuzz_die_cu_attrs.c
modified: fuzz/fuzz_die_cu_offset.c
where errp is
Dwarf_Error *errp
as that is never necessary or appropriate.
Any leftover allocations made in libdwarf
and not 'dwarf_dealloc*' or documented
as user-must-free data returned via pointers
to the caller are
automatically freed by dwarf_finish()
unless there are libdwarf bugs.
modified: fuzz_die_cu.c
modified: fuzz_die_cu_attrs.c
modified: fuzz_die_cu_info1.c
modified: fuzz_die_cu_offset.c
modified: fuzz_die_cu_print.c
modified: fuzz_macro_dwarf5.c
modified: fuzz_showsectgrp.c
modified: fuzz_simplereader_tu.c
modified: fuzz_srcfiles.c
modified: fuzz_stack_frame_access.c
modified: fuzz_xuindex.c
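The entries above describe the same few harness hygiene rules several times: write the input to a binary-mode scratch file with a relative name (msys2 cannot open "/tmp/..." for writing), guard the O_BINARY define so it is not redefined where system headers supply it, give every local an initializer, stop a loop at the first error instead of spinning on error returns, and route every error path through one cleanup so the finish call (dwarf_finish() in the real harnesses) always runs. The following self-contained C skeleton is an added illustration of those rules and is not code from libdwarf or its fuzz/ directory: the one-byte-length record format and walk_records() are a hypothetical stand-in for the library calls, and SCRATCH_NAME is an assumed file name.

```c
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* msys2/Windows headers already define O_BINARY; POSIX headers do not.
   The guard avoids a redefinition warning on msys2 and an undefined
   name elsewhere. */
#ifndef O_BINARY
#define O_BINARY 0
#endif

/* Assumed scratch file name. Relative on purpose: on msys2
   "/tmp/anything" cannot be opened for writing, a bare name can. */
#define SCRATCH_NAME "fuzz_scratch.bin"

/* Write the fuzz input to the scratch file in binary mode.
   Returns 0 on success, -1 on any failure. */
static int write_scratch(const char *name, const unsigned char *data,
    size_t len)
{
    int fd = open(name, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0600);
    size_t done = 0;

    if (fd < 0) {
        return -1;
    }
    while (done < len) {
        ssize_t n = write(fd, data + done, len - done);
        if (n <= 0) {
            close(fd);
            return -1;
        }
        done += (size_t)n;
    }
    return close(fd);
}

/* Hypothetical stand-in for the library calls (not a libdwarf format):
   a sequence of records, each a one-byte length then that many payload
   bytes. The walk stops at the first malformed record instead of
   calling back into the parser on every error, which is what bounds
   the runaway loop described in the fuzz_die_cu_attrs entry. */
static int walk_records(const unsigned char *buf, size_t len,
    unsigned *count_out)
{
    size_t pos = 0;
    unsigned count = 0;

    while (pos < len) {
        size_t reclen = buf[pos];
        if (reclen == 0 || pos + 1 + reclen > len) {
            *count_out = count;
            return -1; /* corrupt input: stop right away */
        }
        pos += 1 + reclen;
        count++;
    }
    *count_out = count;
    return 0;
}

/* Harness body. Every local has an initializer, there is one exit path,
   and the cleanup block always runs (the role dwarf_finish() plays in
   the real harnesses). Returns the record count, or -1 if the input
   was rejected or the scratch file could not be used. */
int run_harness(const unsigned char *data, size_t len)
{
    int fd = -1;
    unsigned char *buf = 0;
    size_t got = 0;
    unsigned count = 0;
    int rc = -1;

    if (write_scratch(SCRATCH_NAME, data, len) != 0) {
        goto cleanup;
    }
    fd = open(SCRATCH_NAME, O_RDONLY | O_BINARY);
    if (fd < 0) {
        goto cleanup;
    }
    buf = malloc(len ? len : 1);
    if (!buf) {
        goto cleanup;
    }
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n <= 0) {
            goto cleanup;
        }
        got += (size_t)n;
    }
    if (walk_records(buf, len, &count) == 0) {
        rc = (int)count;
    }
cleanup:
    free(buf);
    if (fd >= 0) {
        close(fd);
    }
    unlink(SCRATCH_NAME);
    return rc;
}

/* Constructed sample inputs, not taken from any real object file. */
int demo_well_formed(void)
{
    const unsigned char in[] = { 3, 'a', 'b', 'c', 1, 'x', 2, 0x0d, 0x0a };
    return run_harness(in, sizeof(in)); /* 3 records */
}

int demo_truncated(void)
{
    const unsigned char in[] = { 3, 'a', 'b' }; /* length 3, only 2 follow */
    return run_harness(in, sizeof(in)); /* -1, scratch file still removed */
}
```

The truncated case is the one to watch: the walk returns at the first bad record, and control still reaches the single cleanup label, so the file is unlinked and the buffer freed on the error path exactly as on the success path. Zero-length input takes the same route and reports zero records.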
new file: fuzz/fuzz_aranges.c
new file: fuzz/fuzz_crc.c
new file: fuzz/fuzz_crc_32.c
new file: fuzz/fuzz_debug_addr_access.c
new file: fuzz/fuzz_debug_str.c
new file: fuzz/fuzz_debuglink.c
new file: fuzz/fuzz_die_cu.c
new file: fuzz/fuzz_die_cu_attrs.c
new file: fuzz/fuzz_die_cu_attrs_loclist.c
new file: fuzz/fuzz_die_cu_info1.c
new file: fuzz/fuzz_die_cu_offset.c
new file: fuzz/fuzz_die_cu_print.c
new file: fuzz/fuzz_dnames.c
new file: fuzz/fuzz_findfuncbypc.c
new file: fuzz/fuzz_gdbindex.c
new file: fuzz/fuzz_globals.c
new file: fuzz/fuzz_gnu_index.c
new file: fuzz/fuzz_init_b.c
new file: fuzz/fuzz_init_binary.c
new file: fuzz/fuzz_init_path.c
new file: fuzz/fuzz_macro_dwarf4.c
new file: fuzz/fuzz_macro_dwarf5.c
new file: fuzz/fuzz_rng.c
new file: fuzz/fuzz_set_frame_all.c
new file: fuzz/fuzz_showsectgrp.c
new file: fuzz/fuzz_simplereader_tu.c
new file: fuzz/fuzz_srcfiles.c
new file: fuzz/fuzz_stack_frame_access.c
new file: fuzz/fuzz_str_offsets.c
new file: fuzz/fuzz_tie.c
new file: fuzz/fuzz_xuindex.c