Turns out the mmap protection gets out of sync
between executor and C reproducers.
C reproducers missed PROT_EXEC.
Add PROT_EXEC for linux, freebsd and akaros.
pkg/ipc has this logic for the executor binary as well.

Allows running e.g. the executor under strace as:
syz-execprog -executor "/bin/strace -o /tmp/log /bin/syz-executor" prog

On the current linux-next:
f19bb13a0eaf0034a603e3b54a7c3a50faf6821e (next-20200414)
EXT4_EOFBLOCKS_FL was removed by 4337ecd1fe997d2b2135b4434caaccdb47c10c06

ARM does not support KVM anymore, removed by 541ad0150ca4 ("arm: Remove 32bit KVM host support").
Fixes #1676

pkg/vcs/vcs.go:186:2: var `gitSshRepoRe` should be `gitSSHRepoRe`
gitSshRepoRe = regexp.MustCompile(`^(git|ssh|http|https|ftp|ftps)@[a-zA-Z0-9-_]+(\.[a-zA-Z0-9-_]+)+(:[a-zA-Z0-9-_]+)?(/[a-zA-Z0-9-_./]+)?(/)?$`)
^

Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>

The feature gets enabled when /dev/raw-gadget is present and accessible.
With this feature enabled, the executor will do chmod 0666 /dev/raw-gadget on
startup, which makes it possible to do USB fuzzing in setuid and namespace
sandboxes. There should be no backwards compatibility issues with syz
reproducers that don't explicitly enable this feature, as they currently only
work in the none sandbox.

We want to check if the original crash for which the reproducer was generated is
reproduced. We need to generate a syzkaller-style crash report on the
reproducer log and check if the hash matches the original hash.
This patch adds outdir flags to syz-symbolize and stores crashes found
from the given log into it.

This is ugly, but without this go test hangs with:
panic: Metadata fetch failed for 'instance/attributes/gae_backend_version':
Get http://metadata/computeMetadata/v1/instance/attributes/gae_backend_version:
dial tcp: lookup metadata on 127.0.0.1:53: no such host
It's unclear what the proper fix for this is.
It used to work for me for ridiculous reasons only:
somebody provided a metadata host which returned errors,
but since nobody cares what's in the returned response
and there is no error checking whatsoever, it somehow did not crash...

Using the Debian Stretch image in combination with the android-5.4 kernel results
in eth0 being renamed to e.g. enp0s4 by the virtio_net driver, which breaks
our startup scripts. Disable network interface renaming via a kernel
command-line argument.

The previous commit "pkg/report: handle cases when whole stack is questionable"
mishandles frames that start with the [PC] prefix before " ? ".
Restore that part.