Commit graph

5 commits

Author SHA1 Message Date
Miklos Vajna
eeb4d53a1e admin_fuzzer: fix too large param to mem stats size setter
Change-Id: I30dfa5cd917769e05cfdd4fad2a0e5ee8cc79dfb
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92568
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-20 15:44:21 +02:00
Miklos Vajna
72cfcf7f3e admin_fuzzer: fix too large param to cpu_stats_size setter
Don't pop an empty container, also use stol() so it does not throw
std::out_of_range.

Change-Id: Id81cb00ccfb0ecc234b8f6fa89edf5a0d8c6d353
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92524
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-20 11:18:05 +02:00
Miklos Vajna
946fa38a22 admin console: fix handling of out of range kill parameter
Catch that, similar to when handling an invalid argument.

Change-Id: I7405355f0b962673069dbd33dbab8c9e3042c4bf
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91794
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-07 09:35:54 +02:00
Miklos Vajna
fc88a872c2 admin console: log when JWTAuth::verify() doesn't have enough tokens
This is no longer a huge problem, but it's still a good idea to return
early in that case.

Found with the recently added admin_fuzzer, when I locally disabled the
StringVector safety checks for test purposes.

(If you view the diff with -U30, then you see that we access tokens[2]
later, so if size is < 3, we should give up.)

Change-Id: I46fc531fb042cc1485a17a9e994ad37e9ff0cd80
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91587
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-03 09:18:18 +02:00
Miklos Vajna
a4e0a00bfe Add an initial libfuzzer based fuzzer for the admin console
Run the actual fuzzer like this:

./admin_fuzzer -max_len=16384 fuzzer/admin-data/

Change-Id: I5891df8033ff1837afce86775ee62447587f2f20
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91504
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-02 12:11:24 +02:00