summaryrefslogtreecommitdiffstats
path: root/fuzzers/midx_fuzzer.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 12:47:08 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 12:47:08 +0000
commit29b5ab554790bb57337a3b6ab9dcd963cf69d22e (patch)
treebe1456d2bc6c1fb078695fad7bc8f6b212062d3c /fuzzers/midx_fuzzer.c
parentInitial commit. (diff)
downloadlibgit2-29b5ab554790bb57337a3b6ab9dcd963cf69d22e.tar.xz
libgit2-29b5ab554790bb57337a3b6ab9dcd963cf69d22e.zip
Adding upstream version 1.7.2+ds.upstream/1.7.2+ds
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'fuzzers/midx_fuzzer.c')
-rw-r--r--fuzzers/midx_fuzzer.c80
1 files changed, 80 insertions, 0 deletions
diff --git a/fuzzers/midx_fuzzer.c b/fuzzers/midx_fuzzer.c
new file mode 100644
index 0000000..21fb903
--- /dev/null
+++ b/fuzzers/midx_fuzzer.c
@@ -0,0 +1,80 @@
+/*
+ * libgit2 multi-pack-index fuzzer target.
+ *
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+
+#include <stdio.h>
+
+#include "git2.h"
+
+#include "common.h"
+#include "futils.h"
+#include "hash.h"
+#include "midx.h"
+
+#include "standalone_driver.h"
+
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+ GIT_UNUSED(argc);
+ GIT_UNUSED(argv);
+
+ if (git_libgit2_init() < 0) {
+ fprintf(stderr, "Failed to initialize libgit2\n");
+ abort();
+ }
+ return 0;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ git_midx_file idx = {{0}};
+ git_midx_entry e;
+ git_str midx_buf = GIT_STR_INIT;
+ unsigned char hash[GIT_HASH_SHA1_SIZE];
+ git_oid oid = GIT_OID_NONE;
+ bool append_hash = false;
+
+ if (size < 4)
+ return 0;
+
+ /*
+ * If the first byte in the stream has the high bit set, append the
+ * SHA1 hash so that the packfile is somewhat valid.
+ */
+ append_hash = *data & 0x80;
+ /* Keep a 4-byte alignment to avoid unaligned accesses. */
+ data += 4;
+ size -= 4;
+
+ if (append_hash) {
+ if (git_str_init(&midx_buf, size + GIT_HASH_SHA1_SIZE) < 0)
+ goto cleanup;
+ if (git_hash_buf(hash, data, size, GIT_HASH_ALGORITHM_SHA1) < 0) {
+ fprintf(stderr, "Failed to compute the SHA1 hash\n");
+ abort();
+ }
+ memcpy(midx_buf.ptr, data, size);
+ memcpy(midx_buf.ptr + size, hash, GIT_HASH_SHA1_SIZE);
+
+ memcpy(oid.id, hash, GIT_OID_SHA1_SIZE);
+ } else {
+ git_str_attach_notowned(&midx_buf, (char *)data, size);
+ }
+
+ if (git_midx_parse(&idx, (const unsigned char *)git_str_cstr(&midx_buf), git_str_len(&midx_buf)) < 0)
+ goto cleanup;
+
+ /* Search for any oid, just to exercise that codepath. */
+ if (git_midx_entry_find(&e, &idx, &oid, GIT_OID_SHA1_HEXSIZE) < 0)
+ goto cleanup;
+
+cleanup:
+ git_midx_close(&idx);
+ git_str_dispose(&midx_buf);
+ return 0;
+}