syzkaller

mirror of https://github.com/reactos/syzkaller.git synced 2024-11-30 23:00:29 +00:00

Author	SHA1	Message	Date
Dmitry Vyukov	94b38efc1d	sys: allow to specify number of pages for vma type Allows to write vma[4] or vma[5-10] to specify desired number of pages.	2017-01-09 20:20:48 +01:00
Dmitry Vyukov	b5aa8b4506	prog: test that Deserialize does not return nil prog That happened when parser did not check scanning errors and a program contains too long line.	2017-01-09 20:19:44 +01:00
Dmitry Vyukov	0913359f79	prog: increase line length limit when deserializing programs bufio.Scanner has a default limit of 4K per line, if a program contains longer line, it fails. Extend the limit to 64K. Also check scanning errors. Turns out even scanning of bytes.Buffer can fail due to the line limit.	2017-01-09 20:19:44 +01:00
Andrey Konovalov	df98b6bde5	prog: add bytesizeN types	2016-12-20 18:12:07 +01:00
Andrey Konovalov	55e1e51c1c	prog: remove unused inport() and inaddr()	2016-11-29 17:46:02 +01:00
Andrey Konovalov	2429a7b034	sys: move sockaddr description to templates	2016-11-29 16:39:02 +01:00
Andrey Konovalov	86917cc3a7	sys: move in_addr description to templates	2016-11-29 16:39:02 +01:00
Dmitry Vyukov	5d94283455	ipc, prog, sysgen: format code	2016-11-25 20:17:32 +01:00
Andrey Konovalov	253a40f30d	sys: add proc type to denote per proccess integers	2016-11-25 17:51:41 +01:00
Andrey Konovalov	fa9c44b568	prog: minimize based on individual args	2016-11-25 17:22:42 +01:00
Andrey Konovalov	1107daa8e7	Merge pull request #90 from xairy/combine-progs Combine progs from corpus	2016-11-25 09:59:30 +01:00
Andrey Konovalov	a5df734b8d	fuzzer: combine progs from corpus	2016-11-25 09:58:17 +01:00
Dmitry Vyukov	4de5c7eb20	prog: fix pointer direction validation Currently the added test description leads to crashes: --- FAIL: TestMinimizeRandom (0.12s) prog_test.go:20: seed=1480014002950172453 panic: syscall syz_test$regression0: pointer arg 'f0' has output direction [recovered] panic: syscall syz_test$regression0: pointer arg 'f0' has output direction The description is OK. Fix that.	2016-11-24 20:20:05 +01:00
Andrey Konovalov	557cc42a1f	prog: better validate arg data	2016-11-22 16:06:45 +01:00
Andrey Konovalov	c1c3a73cd9	prog: fix checks for max and min len when mutating a bin blob	2016-11-22 15:56:24 +01:00
Dmitry Vyukov	578ee4fa8d	prog: sanitize mknodat the same way as mknod	2016-11-18 10:24:13 +01:00
Dmitry Vyukov	cd74cc9cf4	syz-hub: add program syz-hub is used to exchange programs between syz-managers.	2016-11-17 18:38:10 +01:00
Dmitry Vyukov	07cfd16167	prog: fix validation of len arguments We generate output len arguments, so don't crash on that.	2016-11-12 12:00:38 -08:00
Dmitry Vyukov	3a65453870	sys: allow to specify buffer size for strings This allows to write: string[salg_type, 14] which will give a string buffer of size 14 regardless of actual string size. Convert salg_type/salg_name to this.	2016-11-11 14:34:41 -08:00
Dmitry Vyukov	588a542b2a	sys: add string flags Allow to define string flags in txt descriptions. E.g.: filesystem = "ext2", "ext3", "ext4" and then use it in string type: ptr[in, string[filesystem]]	2016-11-11 14:33:37 -08:00
Dmitry Vyukov	f085c198ba	sys: replace FileoffType with IntType{Kind: IntFileoff} FileoffType is effectively an int, no need for a separate type. Also remove fd option from fileoff as it is unused and use story is unclear.	2016-11-11 14:32:38 -08:00
Dmitry Vyukov	8b731ed4b7	sys: replace FilenameType with BufferType{Kind: BufferFilename} FilenameType is effectively a buffer, there is no need for a separate type.	2016-11-11 14:32:19 -08:00
Dmitry Vyukov	b40d502736	prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well.	2016-11-11 14:31:55 -08:00
Dmitry Vyukov	1838728cc1	prog: simplify assignSizes Now that we always have types attached to args, assignSizes can be considerably simplified.	2016-11-11 14:30:20 -08:00
Dmitry Vyukov	1a85811d68	prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes.	2016-11-11 14:29:52 -08:00
Dmitry Vyukov	d3a93e8370	sys: attach Dir to all types Dir is a static info, so we don't need to compute, propagate and attach it in prog whenever we generate/change programs. Attach Dir to all types.	2016-11-11 14:27:54 -08:00
Dmitry Vyukov	959ec07095	sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings.	2016-11-11 14:25:13 -08:00
Dmitry Vyukov	be566e352b	prog: go fmt	2016-10-16 08:15:24 +02:00
Andrey Konovalov	e4edb0e20b	Add tests for big-endian ints	2016-10-13 15:38:58 +02:00
Andrey Konovalov	7686d19aff	Add big-endian ints	2016-10-13 15:38:53 +02:00
Andrey Konovalov	55cd443931	Fix validate, detect nil non-optional pointer	2016-10-11 20:54:28 +02:00
Andrey Konovalov	d7ba1b8f86	Add assign len fields tests	2016-10-11 20:09:25 +02:00
Andrey Konovalov	78f79fee93	Refactor & improve len type handling	2016-10-11 20:09:19 +02:00
Dmitry Vyukov	afb08bdd3c	prog: fix serialized program in a test Also test at least deserialization of these programs in short mode.	2016-10-07 13:43:43 +02:00
Andrey Konovalov	f2d77726c8	Add exec serialize tests for array[int8]	2016-10-04 18:50:02 +02:00
Andrey Konovalov	c99cbdbe58	Emit BufferBlob for array[int8]	2016-10-04 18:49:57 +02:00
Dmitry Vyukov	3ca39dfc4d	sys: add padding to structs again Struct padding was accidentially lost after: `852e3d2eae` Restore it. Now with tests. Fixes #78	2016-09-29 13:30:08 +02:00
Dmitry Vyukov	bf21057e7c	prog: add a test for union layout This is a retrospect tests for the union bug fixed in: `91eb1b922f`	2016-09-29 12:21:26 +02:00
Dmitry Vyukov	11a690d275	sys, prog: add tests for description parsing and serialization Add sys/test.txt file with description of syscalls for tests. These descriptions can be used to ensure that we can parse everything we clain we can parse. Use these descriptions to write several tests for exec serialization (one test shows that alignment handling is currently incorrect). These test descriptions can also be used to write e.g. mutation tests. Update #78	2016-09-28 20:06:42 +02:00
Dmitry Vyukov	8904ff96b5	prog: add a simple test for exec encoding	2016-09-24 11:46:43 +02:00
Dmitry Vyukov	8f1cbd29ba	Merge pull request #71 from xairy/blob_mutation Better blob mutation	2016-09-19 19:43:53 +02:00
Dmitry Vyukov	d18f8aa366	Merge pull request #73 from xairy/ranged_arrays Allow range sized arrays	2016-09-19 19:42:00 +02:00
Andrey Konovalov	36d9371a19	prog: return struct size when generating args	2016-09-19 16:33:32 +02:00
Andrey Konovalov	91eb1b922f	prog: skip union when calculating field offset	2016-09-19 16:27:40 +02:00
Andrey Konovalov	f41935d53f	Allow range sized arrays	2016-09-19 16:16:24 +02:00
Andrey Konovalov	705a657fbe	Better blob mutation	2016-09-19 15:55:28 +02:00
Dmitry Vyukov	77f435b4f7	prog: more checks during program validation	2016-09-05 12:49:47 +02:00
Dmitry Vyukov	852e3d2eae	sys: support recursive structs A struct can have a pointer to itself directly or indirectly. Currently it leads to inifinite recursion when generating descriptions. Fix this.	2016-09-05 12:49:47 +02:00
Dmitry Vyukov	27b03f4ba3	prog: generate shifted integers with some probability Useful for bitfield-like integers.	2016-09-01 17:17:37 +02:00
Dmitry Vyukov	7690667267	sys: specify resources in text descriptions Currently to add a new resource one needs to modify multiple source files, which complicates descirption of new system calls. Move resource descriptions from source code to text desciptions.	2016-08-27 18:27:50 +02:00

1 2 3

116 Commits