diff options
Diffstat (limited to 'fuzz')
-rw-r--r-- | fuzz/Makefile.am | 23 | ||||
-rw-r--r-- | fuzz/Makefile.in | 235 | ||||
-rw-r--r-- | fuzz/libFuzzerLocal.c | 59 |
3 files changed, 277 insertions, 40 deletions
diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 66debc226..bdc3e2ebc 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -1,12 +1,12 @@ -CPPFLAGS = @CPPFLAGS@ \ +AM_CPPFLAGS = @CPPFLAGS@ \ -I$(top_srcdir)/src/libstrongswan \ -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ -DPLUGINS="\"${fuzz_plugins}\"" -LDFLAGS = @LDFLAGS@ ${libfuzzer} \ +fuzz_ldflags = ${libfuzzer} \ $(top_builddir)/src/libstrongswan/.libs/libstrongswan.a \ -Wl,-Bstatic -lgmp -Wl,-Bdynamic \ - -stdlib=libc++ -lstdc++ + @FUZZING_LDFLAGS@ FUZZ_TARGETS=fuzz_certs @@ -14,5 +14,18 @@ all-local: $(FUZZ_TARGETS) CLEANFILES=$(FUZZ_TARGETS) -fuzz_certs: fuzz_certs.c - $(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $< $(LDFLAGS) +fuzz_certs: fuzz_certs.c ${libfuzzer} + $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) + +noinst_LIBRARIES = libFuzzerLocal.a +libFuzzerLocal_a_SOURCES = libFuzzerLocal.c +libFuzzerLocal_a_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la + +check: all + for f in $(FUZZ_TARGETS); do \ + corpus=$${f#fuzz_}; \ + corpus=$${corpus%%_*}; \ + ./$$f $(FUZZING_CORPORA)/$${corpus}/*; \ + crashes=$(FUZZING_CORPORA)/$${corpus}-crash; \ + test ! -d $${crashes} || ./$$f $${crashes}/*; \ + done diff --git a/fuzz/Makefile.in b/fuzz/Makefile.in index 8306f44ec..31b590273 100644 --- a/fuzz/Makefile.in +++ b/fuzz/Makefile.in @@ -13,6 +13,7 @@ # PARTICULAR PURPOSE. @SET_MAKE@ + VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ @@ -106,6 +107,17 @@ mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = +LIBRARIES = $(noinst_LIBRARIES) +ARFLAGS = cru +AM_V_AR = $(am__v_AR_@AM_V@) +am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) +am__v_AR_0 = @echo " AR " $@; +am__v_AR_1 = +libFuzzerLocal_a_AR = $(AR) $(ARFLAGS) +libFuzzerLocal_a_DEPENDENCIES = \ + $(top_builddir)/src/libstrongswan/libstrongswan.la +am_libFuzzerLocal_a_OBJECTS = libFuzzerLocal.$(OBJEXT) +libFuzzerLocal_a_OBJECTS = $(am_libFuzzerLocal_a_OBJECTS) AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false @@ -118,15 +130,59 @@ AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = -SOURCES = -DIST_SOURCES = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libFuzzerLocal_a_SOURCES) +DIST_SOURCES = $(libFuzzerLocal_a_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -am__DIST_COMMON = $(srcdir)/Makefile.in +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ ALLOCA = @ALLOCA@ @@ -146,11 +202,7 @@ CFLAGS = @CFLAGS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ \ - -I$(top_srcdir)/src/libstrongswan \ - -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ - -DPLUGINS="\"${fuzz_plugins}\"" - +CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ @@ -165,9 +217,11 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +FUZZING_LDFLAGS = @FUZZING_LDFLAGS@ GEM = @GEM@ GENHTML = @GENHTML@ GPERF = @GPERF@ +GPERF_LEN_TYPE = @GPERF_LEN_TYPE@ GPRBUILD = @GPRBUILD@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -177,11 +231,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LCOV = @LCOV@ LD = @LD@ -LDFLAGS = @LDFLAGS@ ${libfuzzer} \ - $(top_builddir)/src/libstrongswan/.libs/libstrongswan.a \ - -Wl,-Bstatic -lgmp -Wl,-Bdynamic \ - -stdlib=libc++ -lstdc++ - +LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ @@ -372,11 +422,25 @@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ +AM_CPPFLAGS = @CPPFLAGS@ \ + -I$(top_srcdir)/src/libstrongswan \ + -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ + -DPLUGINS="\"${fuzz_plugins}\"" + +fuzz_ldflags = ${libfuzzer} \ + $(top_builddir)/src/libstrongswan/.libs/libstrongswan.a \ + -Wl,-Bstatic -lgmp -Wl,-Bdynamic \ + @FUZZING_LDFLAGS@ + FUZZ_TARGETS = fuzz_certs CLEANFILES = $(FUZZ_TARGETS) +noinst_LIBRARIES = libFuzzerLocal.a +libFuzzerLocal_a_SOURCES = libFuzzerLocal.c +libFuzzerLocal_a_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la all: all-am .SUFFIXES: +.SUFFIXES: .c .lo .o .obj $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ @@ -407,17 +471,103 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): +clean-noinstLIBRARIES: + -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) + +libFuzzerLocal.a: $(libFuzzerLocal_a_OBJECTS) $(libFuzzerLocal_a_DEPENDENCIES) $(EXTRA_libFuzzerLocal_a_DEPENDENCIES) + $(AM_V_at)-rm -f libFuzzerLocal.a + $(AM_V_AR)$(libFuzzerLocal_a_AR) libFuzzerLocal.a $(libFuzzerLocal_a_OBJECTS) $(libFuzzerLocal_a_LIBADD) + $(AM_V_at)$(RANLIB) libFuzzerLocal.a + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libFuzzerLocal.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -tags TAGS: -ctags CTAGS: - -cscope cscopelist: +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @@ -451,7 +601,7 @@ distdir: $(DISTFILES) done check-am: all-am check: check-am -all-am: Makefile all-local +all-am: Makefile $(LIBRARIES) all-local installdirs: install: install-am install-exec: install-exec-am @@ -486,11 +636,14 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ + mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile -distclean-am: clean-am distclean-generic +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags dvi: dvi-am @@ -533,12 +686,14 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am -mostlyclean-am: mostlyclean-generic mostlyclean-libtool +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf: pdf-am @@ -552,26 +707,36 @@ uninstall-am: .MAKE: install-am install-strip -.PHONY: all all-am all-local check check-am clean clean-generic \ - clean-libtool cscopelist-am ctags-am distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am +.PHONY: CTAGS GTAGS TAGS all all-am all-local check check-am clean \ + clean-generic clean-libtool clean-noinstLIBRARIES \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am .PRECIOUS: Makefile all-local: $(FUZZ_TARGETS) -fuzz_certs: fuzz_certs.c - $(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $< $(LDFLAGS) +fuzz_certs: fuzz_certs.c ${libfuzzer} + $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) + +check: all + for f in $(FUZZ_TARGETS); do \ + corpus=$${f#fuzz_}; \ + corpus=$${corpus%%_*}; \ + ./$$f $(FUZZING_CORPORA)/$${corpus}/*; \ + crashes=$(FUZZING_CORPORA)/$${corpus}-crash; \ + test ! -d $${crashes} || ./$$f $${crashes}/*; \ + done # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/fuzz/libFuzzerLocal.c b/fuzz/libFuzzerLocal.c new file mode 100644 index 000000000..af5c50c66 --- /dev/null +++ b/fuzz/libFuzzerLocal.c @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2017 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <errno.h> +#include <library.h> + +extern int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size); +__attribute__((weak)) extern int LLVMFuzzerInitialize(int *argc, char ***argv); + +/** + * This is a simple driver for the fuzz targets to verify test inputs outside + * of OSS-Fuzz. + * + * Failures will usually cause crashes. + */ +int main(int argc, char **argv) +{ + chunk_t *data; + int i, res = 0; + + fprintf(stderr, "%s: running %d inputs\n", argv[0], argc - 1); + if (LLVMFuzzerInitialize) + { + LLVMFuzzerInitialize(&argc, &argv); + } + for (i = 1; i < argc; i++) + { + fprintf(stderr, "running: %s\n", argv[i]); + data = chunk_map(argv[i], FALSE); + if (!data) + { + fprintf(stderr, "opening %s failed: %s\n", argv[i], strerror(errno)); + return 1; + } + res = LLVMFuzzerTestOneInput(data->ptr, data->len); + fprintf(stderr, "done: %s: (%zd bytes)\n", argv[i], data->len); + chunk_unmap(data); + if (res) + { + break; + } + } + fprintf(stderr, "%s: completed %d inputs\n", argv[0], i-1); + return res; +} |