android_system_core

ACPR/android_system_core

Fork 0

Commit graph

Author	SHA1	Message	Date
Christopher Ferris	c9b6e084a3	Do not create a map with start == end. This is not possible in the real world, so prevent this particular case to avoid leaking memory and any other issues. Bug: 165619316 Test: Verified the fuzzer test case that caused a leak no longer leaks. Change-Id: I352b3bd21a4931432e015af89c256ddbcdaa1070	2020-09-01 12:36:26 -07:00
Christopher Ferris	63525c8d6c	Fix fuzzer so it doesn't add overlapping maps. The fuzzer was creating individual maps that overlapped with other maps. Since this is not possible in the real world unless the kernel is broken, do not let the fuzzer do this. This resulted in memory leaks, because some parts of the code have this assumption baked in. Bug: 160895854 Test: Ran fuzzer test case that leaked memory and verified it no longer does. Change-Id: I9f3c1e28781093b041b747e1566fb51d40d2bf71	2020-08-04 16:08:12 -07:00
Dylan Katz	b62e324406	Added fuzzer for Unwinder Adds a fuzzer for Unwinder. This will likely cover a large portion of the library, as it uses many of the library's features in the process of setting up the Unwinder. Hopefully this, combined with the calls Unwinder makes internally, will provide sufficient coverage. Rough coverage estimate (this is drastically lower than the true number due to shared libraries): 6.6% Test: Ran on device for a few hours Signed-off-by: Dylan Katz <dylan.katz@leviathansecurity.com> Change-Id: I813e204df595ff38dccfb73be7fff5c080aaa043	2020-07-01 16:02:29 -07:00

Author

SHA1

Message

Date

Christopher Ferris

c9b6e084a3

Do not create a map with start == end.

This is not possible in the real world, so prevent this particular case
to avoid leaking memory and any other issues.

Bug: 165619316

Test: Verified the fuzzer test case that caused a leak no longer leaks.
Change-Id: I352b3bd21a4931432e015af89c256ddbcdaa1070

2020-09-01 12:36:26 -07:00

Christopher Ferris

63525c8d6c

Fix fuzzer so it doesn't add overlapping maps.

The fuzzer was creating individual maps that overlapped with other maps.
Since this is not possible in the real world unless the kernel is broken,
do not let the fuzzer do this. This resulted in memory leaks, because some
parts of the code have this assumption baked in.

Bug: 160895854

Test: Ran fuzzer test case that leaked memory and verified it no longer does.
Change-Id: I9f3c1e28781093b041b747e1566fb51d40d2bf71

2020-08-04 16:08:12 -07:00

Dylan Katz

b62e324406

Added fuzzer for Unwinder

Adds a fuzzer for Unwinder. This will likely cover a large portion of the library, as it uses many of the library's features
in the process of setting up the Unwinder. Hopefully this, combined with the calls Unwinder makes internally, will provide
sufficient coverage.

Rough coverage estimate (this is drastically lower than the true number due to shared libraries): 6.6%

Test: Ran on device for a few hours
Signed-off-by: Dylan Katz <dylan.katz@leviathansecurity.com>
Change-Id: I813e204df595ff38dccfb73be7fff5c080aaa043

2020-07-01 16:02:29 -07:00

3 commits