commit 81e44c22573e86cdcca6e47a7e68b3c83d4855f1 Author: Nick Mathewson nickm@torproject.org Date: Wed Dec 14 10:05:41 2016 -0500
Add extrainfo fuzzer --- src/test/fuzz/dict/extrainfo | 32 +++++++++++++++++++++ src/test/fuzz/fuzz_extrainfo.c | 63 ++++++++++++++++++++++++++++++++++++++++++ src/test/fuzz/include.am | 9 ++++++ 3 files changed, 104 insertions(+)
diff --git a/src/test/fuzz/dict/extrainfo b/src/test/fuzz/dict/extrainfo new file mode 100644 index 0000000..eba7a1e --- /dev/null +++ b/src/test/fuzz/dict/extrainfo @@ -0,0 +1,32 @@ +"cell-circuits-per-decile" +"cell-processed-cells" +"cell-queued-cells" +"cell-stats-end" +"cell-time-in-queue" +"dirreq-stats-end" +"dirreq-v2-direct-dl" +"dirreq-v2-ips" +"dirreq-v2-reqs" +"dirreq-v2-resp" +"dirreq-v2-share" +"dirreq-v2-tunneled-dl" +"dirreq-v3-direct-dl" +"dirreq-v3-ips" +"dirreq-v3-reqs" +"dirreq-v3-resp" +"dirreq-v3-share" +"dirreq-v3-tunneled-dl" +"entry-ips" +"entry-stats-end" +"exit-kibibytes-read" +"exit-kibibytes-written" +"exit-stats-end" +"exit-streams-opened" +"extra-info" +"identity-ed25519" +"opt" +"published" +"read-history" +"router-sig-ed25519" +"router-signature" +"write-history" diff --git a/src/test/fuzz/fuzz_extrainfo.c b/src/test/fuzz/fuzz_extrainfo.c new file mode 100644 index 0000000..6bfc425 --- /dev/null +++ b/src/test/fuzz/fuzz_extrainfo.c @@ -0,0 +1,63 @@ +#define ROUTERPARSE_PRIVATE +#include "or.h" +#include "routerparse.h" +#include "routerlist.h" +#include "routerkeys.h" +#include "fuzzing.h" + +static void +mock_dump_desc__nodump(const char *desc, const char *type) +{ + (void)desc; + (void)type; +} + +static int +mock_router_produce_hash_final__nohash(char *digest, + const char *start, size_t len, + digest_algorithm_t alg) +{ + (void)start; + (void)len; + /* we could look at start[..] */ + if (alg == DIGEST_SHA1) + memset(digest, 0x01, 20); + else + memset(digest, 0x02, 32); + return 0; +} + +int +fuzz_init(void) +{ + disable_signature_checking(); + MOCK(dump_desc, mock_dump_desc__nodump); + MOCK(router_compute_hash_final, mock_router_produce_hash_final__nohash); + ed25519_init(); + return 0; +} + +int +fuzz_cleanup(void) +{ + return 0; +} + +int +fuzz_main(const uint8_t *data, size_t sz) +{ + extrainfo_t *ei; + const char *str = (const char*) data; + int again = 0; + ei = extrainfo_parse_entry_from_string((const char *)str, + str+sz, + 0, NULL, &again); + if (ei) { + log_debug(LD_GENERAL, "Parsing okay"); + extrainfo_free(ei); + } else { + log_debug(LD_GENERAL, "Parsing failed"); + } + return 0; +} + diff --git a/src/test/fuzz/include.am b/src/test/fuzz/include.am index 7948b20..7f41318 100644 --- a/src/test/fuzz/include.am +++ b/src/test/fuzz/include.am @@ -39,8 +39,17 @@ src_test_fuzz_fuzz_http_CFLAGS = $(FUZZING_CFLAGS) src_test_fuzz_fuzz_http_LDFLAGS = $(FUZZING_LDFLAG) src_test_fuzz_fuzz_http_LDADD = $(FUZZING_LIBS)
+src_test_fuzz_fuzz_extrainfo_SOURCES = \ + src/test/fuzz/fuzzing_common.c \ + src/test/fuzz/fuzz_extrainfo.c +src_test_fuzz_fuzz_extrainfo_CPPFLAGS = $(FUZZING_CPPFLAGS) +src_test_fuzz_fuzz_extrainfo_CFLAGS = $(FUZZING_CFLAGS) +src_test_fuzz_fuzz_extrainfo_LDFLAGS = $(FUZZING_LDFLAG) +src_test_fuzz_fuzz_extrainfo_LDADD = $(FUZZING_LIBS) + FUZZERS = \ src/test/fuzz/fuzz-descriptor \ + src/test/fuzz/fuzz-extrainfo \ src/test/fuzz/fuzz-http
# The fuzzers aren't built by default right now. That should change.