From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 3 Jul 2025 05:29:55 +0000 (+0900)
Subject: fuzz: avoid assertion for ExecContext.private_var_tmp triggered
X-Git-Tag: v258-rc1~197
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=34af1513d0d08a9c9b6cc98f1722b25579e96bad;p=thirdparty%2Fsystemd.git

fuzz: avoid assertion for ExecContext.private_var_tmp triggered

Follow-up for 6156bec7a464815084fa5218fe782ea6cb20ad52.

Fixes #38037 and oss-fuzz#429112745.
---

diff --git a/src/core/fuzz-execute-serialize.c b/src/core/fuzz-execute-serialize.c
index a0875dc35ab..8114a67eef2 100644
--- a/src/core/fuzz-execute-serialize.c
+++ b/src/core/fuzz-execute-serialize.c
@@ -45,10 +45,10 @@ static void exec_fuzz_one(FILE *f, FDSet *fdset) {
         };
 
         exec_context_init(&exec_context);
-        exec_context.private_var_tmp = PRIVATE_TMP_DISCONNECTED;
         cgroup_context_init(&cgroup_context);
 
         (void) exec_deserialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);
+        exec_context.private_var_tmp = PRIVATE_TMP_DISCONNECTED; /* The deserialization in the above may set an invalid value. */
         (void) exec_serialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);
         (void) exec_deserialize_invocation(f, fdset, &exec_context, &command, &params, &runtime, &cgroup_context);
 
diff --git a/test/fuzz/fuzz-execute-serialize/oss-fuzz-429112745 b/test/fuzz/fuzz-execute-serialize/oss-fuzz-429112745
new file mode 100644
index 00000000000..7940ad89497
Binary files /dev/null and b/test/fuzz/fuzz-execute-serialize/oss-fuzz-429112745 differ