summaryrefslogtreecommitdiffstats
path: root/lib/fuzzstub
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--lib/fuzzstub/Makefile.in176
-rw-r--r--lib/fuzzstub/fuzzstub.c133
2 files changed, 309 insertions, 0 deletions
diff --git a/lib/fuzzstub/Makefile.in b/lib/fuzzstub/Makefile.in
new file mode 100644
index 0000000..8c472b5
--- /dev/null
+++ b/lib/fuzzstub/Makefile.in
@@ -0,0 +1,176 @@
+#
+# SPDX-License-Identifier: ISC
+#
+# Copyright (c) 2021 Todd C. Miller <Todd.Miller@sudo.ws>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+# @configure_input@
+#
+
+#### Start of system configuration section. ####
+
+srcdir = @srcdir@
+abs_srcdir = @abs_srcdir@
+top_srcdir = @top_srcdir@
+abs_top_srcdir = @abs_top_srcdir@
+top_builddir = @top_builddir@
+abs_top_builddir = @abs_top_builddir@
+devdir = @devdir@
+scriptdir = $(top_srcdir)/scripts
+incdir = $(top_srcdir)/include
+
+# Compiler & tools to use
+CC = @CC@
+LIBTOOL = @LIBTOOL@
+
+# C preprocessor flags
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(srcdir) -I$(top_srcdir) @CPPFLAGS@
+
+# Usually -O and/or -g
+CFLAGS = @CFLAGS@
+
+# Flags to pass to the link stage
+LDFLAGS = @LDFLAGS@
+
+# Flags to pass to libtool
+LTFLAGS = @LT_STATIC@
+
+# Libraries
+LT_LIBS =
+LIBS = $(LT_LIBS)
+
+# Address sanitizer flags
+ASAN_CFLAGS = @ASAN_CFLAGS@
+ASAN_LDFLAGS = @ASAN_LDFLAGS@
+
+# PIE flags
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+
+# Stack smashing protection flags
+HARDENING_CFLAGS = @HARDENING_CFLAGS@
+HARDENING_LDFLAGS = @HARDENING_LDFLAGS@
+
+# cppcheck options, usually set in the top-level Makefile
+CPPCHECK_OPTS = -q --enable=warning,performance,portability --suppress=constStatement --suppress=compareBoolExpressionWithInt --error-exitcode=1 --inline-suppr -Dva_copy=va_copy -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX -U__NBBY -DNSIG=64
+
+# splint options, usually set in the top-level Makefile
+SPLINT_OPTS = -D__restrict= -checks
+
+# PVS-studio options
+PVS_CFG = $(top_srcdir)/PVS-Studio.cfg
+PVS_IGNORE = 'V707,V011,V002,V536'
+PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
+
+# Set to non-empty for development mode
+DEVEL = @DEVEL@
+
+#### End of system configuration section. ####
+
+SHELL = @SHELL@
+
+LIBFUZZSTUB_OBJS = fuzzstub.lo
+
+IOBJS = $(LIBFUZZSTUB_OBJS:.lo=.i)
+
+POBJS = $(IOBJS:.i=.plog)
+
+all: libsudo_fuzzstub.la
+
+depend:
+ $(scriptdir)/mkdep.pl --srcdir=$(abs_top_srcdir) \
+ --builddir=$(abs_top_builddir) lib/fuzzstub/Makefile.in
+ cd $(top_builddir) && ./config.status --file lib/fuzzstub/Makefile
+
+Makefile: $(srcdir)/Makefile.in
+ cd $(top_builddir) && ./config.status --file lib/fuzzstub/Makefile
+
+.SUFFIXES: .c .h .i .lo .plog
+
+.c.lo:
+ $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $<
+
+.c.i:
+ $(CC) -E -o $@ $(CPPFLAGS) $<
+
+.i.plog:
+ ifile=$<; rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $${ifile%i}c --i-file $< --output-file $@
+
+libsudo_fuzzstub.la: $(LIBFUZZSTUB_OBJS)
+ $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(LIBFUZZSTUB_OBJS) $(LT_LIBS)
+
+pre-install:
+
+install:
+
+install-binaries:
+
+install-includes:
+
+install-doc:
+
+install-plugin:
+
+install-fuzzer:
+
+uninstall:
+
+splint:
+ splint $(SPLINT_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+cppcheck:
+ cppcheck $(CPPCHECK_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+pvs-log-files: $(POBJS)
+
+pvs-studio: $(POBJS)
+ plog-converter $(PVS_LOG_OPTS) $(POBJS)
+
+fuzz:
+
+check-fuzzer:
+
+check: check-fuzzer
+
+check-verbose: check
+
+clean:
+ -$(LIBTOOL) $(LTFLAGS) --mode=clean rm -f *.lo *.o *.la
+ -rm -f *.i *.plog stamp-* core *.core core.*
+
+mostlyclean: clean
+
+distclean: clean
+ -rm -rf Makefile .libs
+
+clobber: distclean
+
+realclean: distclean
+ rm -f TAGS tags
+
+cleandir: realclean
+
+.PHONY: clean mostlyclean distclean cleandir clobber realclean
+
+# Autogenerated dependencies, do not modify
+fuzzstub.lo: $(srcdir)/fuzzstub.c $(incdir)/compat/stdbool.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_util.h \
+ $(top_builddir)/config.h
+ $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $(srcdir)/fuzzstub.c
+fuzzstub.i: $(srcdir)/fuzzstub.c $(incdir)/compat/stdbool.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_util.h \
+ $(top_builddir)/config.h
+ $(CC) -E -o $@ $(CPPFLAGS) $<
+fuzzstub.plog: fuzzstub.i
+ rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/fuzzstub.c --i-file $< --output-file $@
diff --git a/lib/fuzzstub/fuzzstub.c b/lib/fuzzstub/fuzzstub.c
new file mode 100644
index 0000000..bc28cad
--- /dev/null
+++ b/lib/fuzzstub/fuzzstub.c
@@ -0,0 +1,133 @@
+/*
+ * SPDX-License-Identifier: ISC
+ *
+ * Copyright (c) 2021 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/stat.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <time.h>
+#include <unistd.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+sudo_dso_public int main(int argc, char *argv[]);
+
+/*
+ * Simple driver for fuzzers built for LLVM libfuzzer.
+ * This stub library allows fuzz targets to be built and run without
+ * libfuzzer. No actual fuzzing will occur but the provided inputs
+ * will be tested.
+ */
+int
+main(int argc, char *argv[])
+{
+ struct timespec start_time, stop_time;
+ size_t filesize, bufsize = 0;
+ ssize_t nread;
+ struct stat sb;
+ uint8_t *buf = NULL;
+ int fd, i, errors = 0;
+ int verbose = 0;
+ long ms;
+
+ /* Test provided input files. */
+ for (i = 1; i < argc; i++) {
+ const char *arg = argv[i];
+ if (*arg == '-') {
+ if (strncmp(arg, "-verbosity=", sizeof("-verbosity=") - 1) == 0) {
+ verbose = atoi(arg + sizeof("-verbosity=") - 1);
+ }
+ continue;
+ }
+ fd = open(arg, O_RDONLY);
+ if (fd == -1 || fstat(fd, &sb) != 0) {
+ fprintf(stderr, "open %s: %s\n", arg, strerror(errno));
+ if (fd != -1)
+ close(fd);
+ errors++;
+ continue;
+ }
+#ifndef __LP64__
+ if (sizeof(sb.st_size) > sizeof(size_t) && sb.st_size > SSIZE_MAX) {
+ errno = E2BIG;
+ fprintf(stderr, "%s: %s\n", arg, strerror(errno));
+ close(fd);
+ errors++;
+ continue;
+ }
+#endif
+ filesize = sb.st_size;
+ if (bufsize < filesize) {
+ void *tmp = realloc(buf, filesize);
+ if (tmp == NULL) {
+ fprintf(stderr, "realloc: %s\n", strerror(errno));
+ close(fd);
+ errors++;
+ continue;
+ }
+ buf = tmp;
+ bufsize = filesize;
+ }
+ nread = read(fd, buf, filesize);
+ if ((size_t)nread != filesize) {
+ if (nread == -1)
+ fprintf(stderr, "read %s: %s\n", arg, strerror(errno));
+ else
+ fprintf(stderr, "read %s: short read\n", arg);
+ close(fd);
+ errors++;
+ continue;
+ }
+ close(fd);
+
+ /* NOTE: doesn't support LLVMFuzzerInitialize() (but we don't use it) */
+ if (verbose > 0) {
+ fprintf(stderr, "Running: %s\n", arg);
+ sudo_gettime_mono(&start_time);
+ }
+ LLVMFuzzerTestOneInput(buf, nread);
+ if (verbose > 0) {
+ sudo_gettime_mono(&stop_time);
+ sudo_timespecsub(&stop_time, &start_time, &stop_time);
+ ms = (stop_time.tv_sec * 1000) + (stop_time.tv_nsec / 1000000);
+ fprintf(stderr, "Executed %s in %ld ms\n", arg, ms);
+ }
+ }
+ free(buf);
+
+ return errors;
+}