From: Evgeny Vereshchagin Date: Wed, 2 Feb 2022 08:30:19 +0000 (+0000) Subject: dhcp-identifier: always use a fixed machine-id while fuzzing X-Git-Tag: v251-rc1~374 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9216fddc5a8ac2742e6cfa7660f95c20ca4f2193;p=thirdparty%2Fsystemd.git dhcp-identifier: always use a fixed machine-id while fuzzing It's a follow-up to https://github.com/systemd/systemd/pull/10200 where that fuzzer was introduced. At the time it was run regularly on machines where machine-id wasn't present so it was kind of reproducible. Now it's run on CIFuzz and CFLite using GHActions with the public OSS-Fuzz corpora (based on that particular machine-id) so to fully utilize those corpora it's necessary to use it always. Other than that it makes it possible for fuzzers targeting outgoing packets based on incoming packets like https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1795921 to get past client_parse_message on my machine :-) --- diff --git a/src/libsystemd-network/dhcp-identifier.c b/src/libsystemd-network/dhcp-identifier.c index 3ea6c7ce24f..4f02022cd36 100644 --- a/src/libsystemd-network/dhcp-identifier.c +++ b/src/libsystemd-network/dhcp-identifier.c @@ -110,19 +110,17 @@ int dhcp_identifier_set_duid_ll(struct duid *duid, const uint8_t *addr, size_t a int dhcp_identifier_set_duid_en(struct duid *duid, size_t *len) { sd_id128_t machine_id; uint64_t hash; - int r; assert(duid); assert(len); - r = sd_id128_get_machine(&machine_id); - if (r < 0) { -#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - machine_id = SD_ID128_MAKE(01, 02, 03, 04, 05, 06, 07, 08, 09, 0a, 0b, 0c, 0d, 0e, 0f, 10); -#else +#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION + int r = sd_id128_get_machine(&machine_id); + if (r < 0) return r; +#else + machine_id = SD_ID128_MAKE(01, 02, 03, 04, 05, 06, 07, 08, 09, 0a, 0b, 0c, 0d, 0e, 0f, 10); #endif - } unaligned_write_be16(&duid->type, DUID_TYPE_EN); unaligned_write_be32(&duid->en.pen, SYSTEMD_PEN);