diff options
author | Randy <randy408@protonmail.com> | 2020-02-29 10:47:54 +0100 |
---|---|---|
committer | Randy <randy408@protonmail.com> | 2020-02-29 12:02:24 +0000 |
commit | 836217c48d2b499f9dda2dcc848cf1dc85a4b18a (patch) | |
tree | 66205f9409f503c225b6c5d83edcec4a849c4258 | |
parent | 920c30cf1d4353b28266fc91f88b2ae72e0f5e4f (diff) |
ossfuzz: integrate into build, add entrypoint
-rw-r--r-- | test/Makefile.am | 16 | ||||
-rw-r--r-- | test/README | 9 | ||||
-rw-r--r-- | test/fuzz_main.c | 54 |
3 files changed, 78 insertions, 1 deletions
diff --git a/test/Makefile.am b/test/Makefile.am index 1606541..92565df 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -1,4 +1,4 @@ -noinst_PROGRAMS = spectre-test parser-test +noinst_PROGRAMS = spectre-test parser-test fuzz-test spectre_test_SOURCES = \ spectre-test.c \ @@ -26,3 +26,17 @@ parser_test_CPPFLAGS = \ $(SPECTRE_CFLAGS) parser_test_LDADD = $(top_builddir)/libspectre/libspectre.la + +fuzz_test_SOURCES = \ + fuzz_main.c \ + spectre_read_fuzzer.c \ + $(top_srcdir)/libspectre/ps.c \ + $(top_srcdir)/libspectre/ps.h \ + $(top_srcdir)/libspectre/spectre-utils.c \ + $(top_srcdir)/libspectre/spectre-utils.h + +fuzz_test_CPPFLAGS = \ + -I$(top_srcdir)/libspectre \ + $(SPECTRE_CFLAGS) + +fuzz_test_LDADD = $(top_builddir)/libspectre/libspectre.la diff --git a/test/README b/test/README new file mode 100644 index 0000000..de7b344 --- /dev/null +++ b/test/README @@ -0,0 +1,9 @@ +Fuzz testing +============ + +fuzz-test is an executable used for reproducing test cases, it takes a file +as argument and passes it to the fuzz target, set CFLAGS to enable a sanitizer, +for example: CFLAGS="-fsanitize=address -g" ./autogen.sh; make + +NOTE: The executables may be linked against the system library, check with + `ldd fuzz-test` and use `sudo make install` as a workaround if necessary. diff --git a/test/fuzz_main.c b/test/fuzz_main.c new file mode 100644 index 0000000..40c0cc8 --- /dev/null +++ b/test/fuzz_main.c @@ -0,0 +1,54 @@ +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> + +/* fuzz target entry point, works without libFuzzer */ + +int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); + +int main(int argc, char **argv) +{ + FILE *f; + char *buf = NULL; + long siz_buf; + + if(argc < 2) + { + fprintf(stderr, "no input file\n"); + goto err; + } + + f = fopen(argv[1], "rb"); + if(f == NULL) + { + fprintf(stderr, "error opening input file %s\n", argv[1]); + goto err; + } + + fseek(f, 0, SEEK_END); + + siz_buf = ftell(f); + rewind(f); + + if(siz_buf < 1) goto err; + + buf = (char*)malloc((size_t)siz_buf); + if(buf == NULL) + { + fprintf(stderr, "malloc() failed\n"); + goto err; + } + + if(fread(buf, (size_t)siz_buf, 1, f) != 1) + { + fprintf(stderr, "fread() failed\n"); + goto err; + } + + (void)LLVMFuzzerTestOneInput((uint8_t*)buf, (size_t)siz_buf); + +err: + free(buf); + + return 0; +} |