Description
Security issue notifications
If you discover a potential security issue in s2n, we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public GitHub issue.
Problem:
Currently, it is very difficult to tell what the root cause is when fuzz tests fail due to incorrect LD_PRELOAD setup. For example, s2n_memory_leak_negative_test fails with the following message when overriding functions are not correctly linked to libs2n:
...
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 1058415475
INFO: Loaded 3 modules (163253 inline 8-bit counters): 155976 [0x7822ed06e9c0, 0x7822ed094b08), 6940 [0x7822ed789680, 0x7822ed78b19c), 337 [0x6045bd149d38, 0x6045bd149e89),
INFO: Loaded 3 PC tables (163253 PCs): 155976 [0x7822ed094b08,0x7822ed2f5f88), 6940 [0x7822ed78b1a0,0x7822ed7a6360), 337 [0x6045bd149e90,0x6045bd14b3a0),
INFO: 2 files found in /tmp/tmp.GuqZgmcnTn
INFO: seed corpus: files: 2 min: 4096b max: 4096b total: 8192b rss: 67Mb
#4 pulse cov: 3155 ft: 3290 corp: 1/4096b exec/s: 2 rss: 141Mb
#4 INITED cov: 3180 ft: 3290 corp: 2/8192b exec/s: 2 rss: 141Mb
#5 NEW cov: 3180 ft: 3348 corp: 3/12288b lim: 4096 exec/s: 2 rss: 164Mb L: 4096/4096 MS: 1 ChangeBit-
#6 NEW cov: 3180 ft: 3371 corp: 4/16Kb lim: 4096 exec/s: 2 rss: 186Mb L: 4096/4096 MS: 1 ChangeASCIIInt-
#8 pulse cov: 3180 ft: 3397 corp: 5/20Kb lim: 4096 exec/s: 2 rss: 231Mb
#16 pulse cov: 3180 ft: 3500 corp: 10/38Kb lim: 4096 exec/s: 1 rss: 407Mb
#32 pulse cov: 3180 ft: 3568 corp: 19/73Kb lim: 4096 exec/s: 1 rss: 561Mb
#34 RELOAD cov: 3180 ft: 3633 corp: 21/81Kb lim: 4096 exec/s: 1 rss: 562Mb
#34 DONE cov: 3180 ft: 3633 corp: 21/81Kb lim: 4096 exec/s: 1 rss: 562Mb
Done 34 runs in 19 second(s)
stat::number_of_executed_units: 34
stat::average_exec_per_sec: 1
stat::new_units_added: 2
stat::slowest_unit_time_sec: 0
stat::peak_rss_mb: 562
FAILED 440 tests, 44 test/sec, 3696 features covered
0% tests passed, 1 tests failed out of 1
Label Time Summary:
fuzz = 21.97 sec*proc (1 test)
Total Test time (real) = 21.98 sec
The following tests FAILED:
292 - s2n_memory_leak_negative_test (Failed)
Errors while running CTest
gmake: *** [Makefile:71: test] Error 8
This makes debugging much harder. There should be an obvious indication when function overrides are not linked properly.
Solution:
Write a new fuzz test whose only role is to check that function overrides are linked properly. This test should pass if the functions are overridden correctly and, if they are not, fail with a clear message indicating that something is wrong with the function overrides.
Requirements / Acceptance Criteria:
Test duration should be minimal to avoid adding too much overhead to the fuzz tests.
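One possible shape for the check proposed under "Solution", as an added example that is not s2n-tls code: a libFuzzer harness that looks for a sentinel symbol exported by the preloaded override library and aborts with a clear message when it is absent. The names `fuzz_override_sentinel`, `OVERRIDE_MAGIC` and `example_sentinel_impl` are hypothetical, and the example assumes the override library can be changed to export the sentinel.

```c
/* Added example, not s2n-tls code. fuzz_override_sentinel and OVERRIDE_MAGIC are
 * hypothetical: the LD_PRELOAD library would export the sentinel beside its overrides. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define OVERRIDE_MAGIC 0x5a2e
enum override_status { OVERRIDES_OK = 0, OVERRIDES_MISSING, OVERRIDES_MISMATCH };

/* Weak reference: its address is NULL unless a loaded object defines the symbol. */
extern int fuzz_override_sentinel(void) __attribute__((weak));

/* Constructed stand-in for the body the preload library would give the sentinel. */
int example_sentinel_impl(void) { return OVERRIDE_MAGIC; }

/* Pure classification, split out so it can be exercised without a preload. */
enum override_status classify_sentinel(int (*sentinel)(void))
{
    if (sentinel == NULL) {
        return OVERRIDES_MISSING;
    }
    return sentinel() == OVERRIDE_MAGIC ? OVERRIDES_OK : OVERRIDES_MISMATCH;
}

/* Writes a one-line diagnosis into msg and returns the status. */
enum override_status check_overrides(char *msg, size_t len)
{
    static const char *const why[] = { "overrides linked", "override library not loaded",
        "sentinel present but returned an unexpected value" };
    const char *preload = getenv("LD_PRELOAD");
    enum override_status st = classify_sentinel(fuzz_override_sentinel);
    snprintf(msg, len, "%s (LD_PRELOAD=%s)", why[st], preload ? preload : "<unset>");
    return st;
}

/* libFuzzer runs this once before the first input, so the check adds one call. */
int LLVMFuzzerInitialize(int *argc, char ***argv)
{
    char msg[512];
    (void) argc;
    (void) argv;
    if (check_overrides(msg, sizeof(msg)) != OVERRIDES_OK) {
        fprintf(stderr, "FATAL: fuzz function overrides: %s\n", msg);
        abort();
    }
    return 0;
}
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { (void) buf; (void) len; return 0; }
```

A sentinel shows only that the override library is loaded into the process; it does not prove that each overridden function actually interposes on the calls made inside libs2n, which would need a behavioural check against a specific override.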