commit:     dcd8f6a8a98c8af7e8749fe80478d42b2eeed37d
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 26 04:44:54 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Aug  9 10:06:17 2024 +0000
URL:        https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=dcd8f6a8

fuzz-ar: fuzzer for the archive parsing API

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>
(cherry picked from commit 4bfa4576e7b64b16937f71094641ec0f39ee47c7)
Signed-off-by: Sam James <sam <AT> gentoo.org>

 fuzz-ar.c   | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 meson.build | 17 +++++++++++++++++
 2 files changed, 63 insertions(+)

diff --git a/fuzz-ar.c b/fuzz-ar.c
new file mode 100644
index 0000000..360194f
--- /dev/null
+++ b/fuzz-ar.c
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2024 Gentoo Foundation
+ * Distributed under the terms of the GNU General Public License v2
+ *
+ * Copyright 2024 Mike Frysinger  - <[email protected]>
+ */
+
+/* Fuzz the ar interface. */
+
+const char argv0[] = "fuzz-ar";
+
+#include "paxinc.h"
+
+static int fd;
+
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+       (void)argc;
+       (void)argv;
+
+       fd = memfd_create("fuzz-input.a", MFD_CLOEXEC);
+       if (fd == -1)
+               errp("memfd_create() failed");
+       return 0;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+       if (ftruncate(fd, size) != 0)
+               errp("ftruncate(%i, %zu) failed", fd, size);
+       if (pwrite(fd, data, size, 0) != (ssize_t)size)
+               errp("pwrite() failed");
+       if (lseek(fd, 0, SEEK_SET) != 0)
+               errp("lseek() failed");
+
+       int afd = dup(fd);
+       archive_handle *ar = ar_open_fd("fuzz-input.a", afd, 0);
+       if (ar == NULL) {
+               close(afd);
+               return 0;
+       }
+       while (ar_next(ar) != NULL)
+               continue;
+
+       return 0;
+}
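Review bot: The `dup(fd)` result on the line `int afd = dup(fd);` is never checked, so a failed dup (for example when the descriptor table is exhausted, which a long fuzz run can reach) passes -1 into `ar_open_fd()` and any failure is then attributed to the parser rather than to the harness; the other syscalls in this function already abort via errp() on failure, so the same treatment fits here: `if (afd == -1) errp("dup() failed");`. Relatedly, after the `while (ar_next(ar) != NULL)` loop the harness never closes `afd` or the handle; whether `ar_open_fd()`/`ar_next()` take ownership of the descriptor and close it on end-of-archive is not visible in this hunk, so if they do not, each input leaks one descriptor, which is worth confirming against paxinc.c and documenting with a one-line comment such as `/* afd is owned and closed by the ar_* API once ar_next() returns NULL */` (or an explicit close) so the ownership rule is stated at the call site.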

diff --git a/meson.build b/meson.build
index 64fcc14..6de7a30 100644
--- a/meson.build
+++ b/meson.build
@@ -171,5 +171,22 @@ if do_tests and get_option('use_fuzzing')
         '-print_final_stats',
       ]
     )
+
+    fuzz_ar = executable('fuzz-ar',
+      common_src + ['fuzz-ar.c'],
+      override_options : [
+        'buildtype=debug',
+      ],
+      c_args : fuzz_flags,
+      link_args : fuzz_flags,
+      install : false
+    )
+    test('fuzz-ar', fuzz_ar,
+      args : [
+        '-close_fd_mask=3',
+        '-max_total_time=10',
+        '-print_final_stats=1',
+      ]
+    )
   endif
 endif
