Revert "[SystemSan] Add feature for opting out." (#9386)

Reverts google/oss-fuzz#9221.

Nothing was setting this yet.
Oliver Chang 2023-01-10 13:09:39 +11:00 committed by GitHub
parent 51481b2c58
commit a366b1c90b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 0 additions and 41 deletions


@ -178,11 +178,6 @@ std::string read_string(pid_t pid, unsigned long reg, unsigned long length) {
void inspect_for_injection(pid_t pid, const user_regs_struct &regs) {
// Inspect a PID's registers for the sign of shell injection.
static bool is_enabled = check_enabled("shell_injection");
if (not is_enabled)
return;
std::string path = read_string(pid, regs.rdi, kTripWire.length());
if (!path.length()) {
return;
@ -276,11 +271,6 @@ void match_error_pattern(std::string buffer, std::string shell, pid_t pid) {
void inspect_for_corruption(pid_t pid, const user_regs_struct &regs) {
// Inspect a PID's registers for shell corruption.
static bool is_enabled = check_enabled("shell_corruption");
if (not is_enabled)
return;
std::string buffer = read_string(pid, regs.rsi, regs.rdx);
debug_log("Write buffer: %s\n", buffer.c_str());
match_error_pattern(buffer, g_shell_pids[pid], pid);
@ -316,11 +306,6 @@ bool has_unprintable(const std::string &value) {
void inspect_for_arbitrary_file_open(pid_t pid, const user_regs_struct &regs) {
// Inspect a PID's register for the sign of arbitrary file open.
static bool is_enabled = check_enabled("arbitrary_file_open");
if (not is_enabled)
return;
std::string path = read_string(pid, regs.rsi, kRootDirMaxLength);
if (!path.length()) {
return;
@ -362,10 +347,6 @@ void report_bug_in_process(std::string bug_type, pid_t pid) {
void inspect_for_evil_link(pid_t pid, const user_regs_struct &regs) {
(void) regs;
static bool is_enabled = check_enabled("malicious_symlink_following");
if (not is_enabled)
return;
std::string contents = read_evil_link_bombfile();
if ((contents.compare(kEvilLinkBombfileContents)) != 0) {
@ -374,10 +355,6 @@ void inspect_for_evil_link(pid_t pid, const user_regs_struct &regs) {
}
void evil_openat_hook(pid_t pid, const user_regs_struct &regs) {
static bool is_enabled = check_enabled("malicious_symlink_following");
if (not is_enabled)
return;
std::string path = read_string(pid, regs.rsi, kPathMax);
if (!path.length()) {
return;


@ -38,10 +38,6 @@ const size_t kDnsHeaderLen = 12;
void inspect_for_arbitrary_dns_connect(pid_t pid, const user_regs_struct &regs) {
static bool is_enabled = check_enabled("arbitrary_dns_resolution");
if (not is_enabled)
return;
auto memory = read_memory(pid, regs.rsi, sizeof(struct sockaddr_in));
if (memory.size()) {
struct sockaddr_in * sa = reinterpret_cast<struct sockaddr_in *>(memory.data());


@ -51,19 +51,6 @@ std::vector<std::byte> read_memory(pid_t pid, unsigned long long address,
return memory;
}
bool check_enabled(std::string feature) {
for (auto & ch: feature)
ch = toupper(ch);
std::string env_var = "SYSTEMSAN_" + feature;
const char* value_charstr = getenv(env_var.c_str());
std::string no = "0";
if (!value_charstr)
value_charstr = no.c_str();
int value = atoi(value_charstr);
return static_cast<bool>(value);
}
void report_bug(std::string bug_type, pid_t tid) {
// Report the bug found based on the bug code.
std::cerr << "===BUG DETECTED: " << bug_type << "===" << std::endl;


@ -37,4 +37,3 @@ std::vector<std::byte> read_memory(pid_t pid, unsigned long long address,
size_t size);
void report_bug(std::string bug_type, pid_t tid);
bool check_enabled(std::string feature);