From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 16 Feb 2021 13:27:26 +0000 (+0100)
Subject: fuzz-systemctl-parse-argv: call static destuctors
X-Git-Tag: v248-rc1~99^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=425ac7a253321b8e8d1b0a0f7a173892a3abc385;p=thirdparty%2Fsystemd.git

fuzz-systemctl-parse-argv: call static destuctors

With all the preparatory work in previous PRs, we can now call static destructors
repeatedly without issue. We need to do it here so that global variables allocated
during parsing are properly freed.
---

diff --git a/src/systemctl/fuzz-systemctl-parse-argv.c b/src/systemctl/fuzz-systemctl-parse-argv.c
index cf66fa4bb7b..31269863c1e 100644
--- a/src/systemctl/fuzz-systemctl-parse-argv.c
+++ b/src/systemctl/fuzz-systemctl-parse-argv.c
@@ -6,6 +6,8 @@
 #include "env-util.h"
 #include "fd-util.h"
 #include "fuzz.h"
+#include "selinux-util.h"
+#include "static-destruct.h"
 #include "stdio-util.h"
 #include "strv.h"
 #include "systemctl.h"
@@ -57,5 +59,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 
         release_busses(); /* We open the bus for communication with logind.
                            * It needs to be closed to avoid apparent leaks. */
+
+        mac_selinux_finish();
+
+        /* Call static destructors to do global state cleanup. We do it here, and not in fuzz-main.c so that
+         * any global state is destoyed between fuzzer runs. */
+        static_destruct();
+
         return 0;
 }
diff --git a/test/fuzz/fuzz-systemctl-parse-argv/missing-strv-free.input b/test/fuzz/fuzz-systemctl-parse-argv/missing-strv-free.input
new file mode 100644
index 00000000000..5600f4fd008
Binary files /dev/null and b/test/fuzz/fuzz-systemctl-parse-argv/missing-strv-free.input differ