mirror of
https://github.com/fergalmoran/ladybird.git
synced 2026-02-15 20:24:46 +00:00
00f658b984
If a buffer smaller than Elf32_Ehdr was passed to Image, header() would do an out-of-bounds read. Make parse() check for that. Make most Image methods assert that the image is_valid(). For that to work, set m_valid early in Image::parse() instead of only at its end. Also reorder a few things so that the fuzzer doesn't hit (valid) assertions, which were harmless from a security PoV but which still allowed userspace to crash the kernel with an invalid ELF file. Make dbgprintf()s configurable at run time so that the fuzzer doesn't produce lots of logspam.
Lagom
The Serenity C++ library, for other Operating Systems.
About
If you want to bring the comfortable Serenity classes with you to another system, look no further. This is basically a "port" of the AK and LibCore libraries to generic *nix systems.
Lagom is a Swedish word that means "just the right amount." (Wikipedia)
Fuzzing
Lagom can be used to fuzz parts of SerenityOS's code base. This requires buildling with clang, so it's convenient to use a different build directory for that. Run CMake like so:
# From the root of the SerenityOS checkout:
mkdir BuildLagom && cd BuildLagom
cmake -GNinja -DBUILD_LAGOM=ON -DENABLE_FUZZER_SANITIZER=ON -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ ..
ninja FuzzJs && Meta/Lagom/Fuzzers/FuzzJs
clang emits different warnings than gcc, so you'll likely have to remove -Werror in CMakeLists.txt and Meta/Lagom/CMakeLIsts.txt.