From 19fcec84d8d7d21e796c7624e521b60d28ee21ed Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Sun, 7 Apr 2024 20:45:59 +0200
Subject: Adding upstream version 16.2.11+ds.
Signed-off-by: Daniel Baumann
---
src/c-ares/test/ares-fuzz.c | 58 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 58 insertions(+)
create mode 100644 src/c-ares/test/ares-fuzz.c
(limited to 'src/c-ares/test/ares-fuzz.c')
diff --git a/src/c-ares/test/ares-fuzz.c b/src/c-ares/test/ares-fuzz.c
new file mode 100644
index 000000000..92761286b
--- /dev/null
+++ b/src/c-ares/test/ares-fuzz.c
@@ -0,0 +1,58 @@
+/*
+ * General driver to allow command-line fuzzer (i.e. afl) to
+ * exercise the libFuzzer entrypoint.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#define kMaxAflInputSize (1 << 20)
+static unsigned char afl_buffer[kMaxAflInputSize];
+
+#ifdef __AFL_LOOP
+/* If we are built with afl-clang-fast, use persistent mode */
+#define KEEP_FUZZING(count) __AFL_LOOP(1000)
+#else
+/* If we are built with afl-clang, execute each input once */
+#define KEEP_FUZZING(count) ((count) < 1)
+#endif
+
+/* In ares-test-fuzz.c: */
+int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size);
+
+static void ProcessFile(int fd) {
+ ssize_t count = read(fd, afl_buffer, kMaxAflInputSize);
+ /*
+ * Make a copy of the data so that it's not part of a larger
+ * buffer (where buffer overflows would go unnoticed).
+ */
+ unsigned char *copied_data = (unsigned char *)malloc(count);
+ LLVMFuzzerTestOneInput(copied_data, count);
+ free(copied_data);
+}
+
+int main(int argc, char *argv[]) {
+ if (argc == 1) {
+ int count = 0;
+ while (KEEP_FUZZING(count)) {
+ ProcessFile(fileno(stdin));
+ count++;
+ }
+ } else {
+ int ii;
+ for (ii = 1; ii < argc; ++ii) {
+ int fd = open(argv[ii], O_RDONLY);
+ if (fd < 0) {
+ fprintf(stderr, "Failed to open '%s'\n", argv[ii]);
+ continue;
+ }
+ ProcessFile(fd);
+ close(fd);
+ }
+ }
+ return 0;
+}
-- cgit v1.2.3
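Review bot: In ProcessFile the bytes read into afl_buffer are never copied into copied_data, so LLVMFuzzerTestOneInput is handed uninitialised heap memory instead of the test case. The parser is therefore not exercised on the fuzzer's input, and any crash found will not reproduce from the saved file. The read() result is also unchecked: a return of -1 becomes a huge size in malloc(count), which most likely fails, and the entrypoint is then called with a NULL pointer and that same huge length. The change below rejects a failed read, checks the allocation, and copies exactly count bytes before the call. The include names are not visible on this page, so confirm that <string.h> is among them for memcpy. As this file arrives as part of an upstream import, the fix is probably best carried as a local patch and reported upstream.

```c
static void ProcessFile(int fd) {
  ssize_t count = read(fd, afl_buffer, kMaxAflInputSize);
  unsigned char *copied_data;

  if (count < 0) {
    perror("read");
    return;
  }
  /* … unchanged: comment explaining the exact-size copy … */
  copied_data = (unsigned char *)malloc((size_t)count);
  if (copied_data == NULL && count > 0) {
    fprintf(stderr, "Failed to allocate %ld bytes\n", (long)count);
    return;
  }
  if (count > 0) {
    memcpy(copied_data, afl_buffer, (size_t)count);
  }
  LLVMFuzzerTestOneInput(copied_data, (unsigned long)count);
  free(copied_data);
}
```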