Diffstat (limited to 'tests/fuzz')
-rw-r--r--tests/fuzz/CMakeLists.txt18
-rw-r--r--tests/fuzz/corpus/05fe405753166f125559e7c9ac558654f107c7e9bin0 -> 8 bytes
-rw-r--r--tests/fuzz/corpus/0660e49c13f6d167a8298d885f724bad8f62fc35bin0 -> 8 bytes
-rw-r--r--tests/fuzz/corpus/37dadeab8d8ce7611f230f9524c1e8ab751c4a6abin0 -> 8 bytes
-rw-r--r--tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44abin0 -> 2 bytes
-rw-r--r--tests/fuzz/corpus/73c72a4d2bd1cd31b0b44256a888feec9eaaba27bin0 -> 9 bytes
-rw-r--r--tests/fuzz/corpus/8db068f76b98df8730f5308b12c793fdf04c47c2bin0 -> 8 bytes
-rw-r--r--tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e2781
-rw-r--r--tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9bin0 -> 3 bytes
-rw-r--r--tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4fbin0 -> 6 bytes
-rw-r--r--tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627bin0 -> 17 bytes
-rw-r--r--tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5bbin0 -> 86 bytes
-rw-r--r--tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2abin0 -> 4 bytes
-rw-r--r--tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50fbin0 -> 36 bytes
-rw-r--r--tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795bin0 -> 6 bytes
-rw-r--r--tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea11
-rw-r--r--tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2bin0 -> 16 bytes
-rw-r--r--tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2bin0 -> 66 bytes
-rw-r--r--tests/fuzz/corpus/e2814b29dd2fd5db02b1ab7c5e147e1194a489cebin0 -> 8 bytes
-rw-r--r--tests/fuzz/corpus/valid-blobmsg.binbin0 -> 176 bytes
-rw-r--r--tests/fuzz/test-fuzz.c40
21 files changed, 60 insertions, 0 deletions
diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt
new file mode 100644
index 0000000..ecdfd32
--- /dev/null
+++ b/tests/fuzz/CMakeLists.txt
@@ -0,0 +1,18 @@
+FILE(GLOB test_cases "test-*.c")
+
+MACRO(ADD_FUZZER_TEST name)
+ ADD_EXECUTABLE(${name} ${name}.c)
+ TARGET_COMPILE_OPTIONS(${name} PRIVATE -g -O1 -fno-omit-frame-pointer -fsanitize=fuzzer,address,leak,undefined)
+ TARGET_INCLUDE_DIRECTORIES(${name} PRIVATE ${PROJECT_SOURCE_DIR})
+ TARGET_LINK_OPTIONS(${name} PRIVATE -stdlib=libc++ -fsanitize=fuzzer,address,leak,undefined)
+ TARGET_LINK_LIBRARIES(${name} ubus ubusd_library ${ubox_library} ${blob_library} ${json})
+ ADD_TEST(
+ NAME ${name}
+ COMMAND ${name} -max_len=256 -timeout=10 -max_total_time=300 ${CMAKE_CURRENT_SOURCE_DIR}/corpus
+ )
+ENDMACRO(ADD_FUZZER_TEST)
+
+FOREACH(test_case ${test_cases})
+ GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE)
+ ADD_FUZZER_TEST(${test_case})
+ENDFOREACH(test_case)
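Review bot: The `ADD_TEST` command passes `${CMAKE_CURRENT_SOURCE_DIR}/corpus` as the only corpus directory, and libFuzzer writes newly discovered inputs into the first corpus directory it is given. Every `ctest` run can therefore add files to the checked-in corpus and leave the source tree dirty. Consider a scratch directory in the build tree as the first argument and the committed seeds as the second, e.g. `FILE(MAKE_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/corpus)` followed by `COMMAND ${name} -max_len=256 -timeout=10 -max_total_time=300 ${CMAKE_CURRENT_BINARY_DIR}/corpus ${CMAKE_CURRENT_SOURCE_DIR}/corpus`. Separately, `-stdlib=libc++` on the link line looks unnecessary for a C-only target and may fail where libc++ is not installed; a comment stating why it is needed would help if it is intentional.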
diff --git a/tests/fuzz/corpus/05fe405753166f125559e7c9ac558654f107c7e9 b/tests/fuzz/corpus/05fe405753166f125559e7c9ac558654f107c7e9
new file mode 100644
index 0000000..1b1cb4d
--- /dev/null
+++ b/tests/fuzz/corpus/05fe405753166f125559e7c9ac558654f107c7e9
Binary files differ
diff --git a/tests/fuzz/corpus/0660e49c13f6d167a8298d885f724bad8f62fc35 b/tests/fuzz/corpus/0660e49c13f6d167a8298d885f724bad8f62fc35
new file mode 100644
index 0000000..ec23f71
--- /dev/null
+++ b/tests/fuzz/corpus/0660e49c13f6d167a8298d885f724bad8f62fc35
Binary files differ
diff --git a/tests/fuzz/corpus/37dadeab8d8ce7611f230f9524c1e8ab751c4a6a b/tests/fuzz/corpus/37dadeab8d8ce7611f230f9524c1e8ab751c4a6a
new file mode 100644
index 0000000..9281635
--- /dev/null
+++ b/tests/fuzz/corpus/37dadeab8d8ce7611f230f9524c1e8ab751c4a6a
Binary files differ
diff --git a/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a b/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
new file mode 100644
index 0000000..b4e009d
--- /dev/null
+++ b/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
Binary files differ
diff --git a/tests/fuzz/corpus/73c72a4d2bd1cd31b0b44256a888feec9eaaba27 b/tests/fuzz/corpus/73c72a4d2bd1cd31b0b44256a888feec9eaaba27
new file mode 100644
index 0000000..490a43d
--- /dev/null
+++ b/tests/fuzz/corpus/73c72a4d2bd1cd31b0b44256a888feec9eaaba27
Binary files differ
diff --git a/tests/fuzz/corpus/8db068f76b98df8730f5308b12c793fdf04c47c2 b/tests/fuzz/corpus/8db068f76b98df8730f5308b12c793fdf04c47c2
new file mode 100644
index 0000000..91fa1a0
--- /dev/null
+++ b/tests/fuzz/corpus/8db068f76b98df8730f5308b12c793fdf04c47c2
Binary files differ
diff --git a/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278 b/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
new file mode 100644
index 0000000..62f9457
--- /dev/null
+++ b/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
@@ -0,0 +1 @@
+6 \ No newline at end of file
diff --git a/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 b/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
new file mode 100644
index 0000000..3d70d85
--- /dev/null
+++ b/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
Binary files differ
diff --git a/tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f b/tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
new file mode 100644
index 0000000..407114e
--- /dev/null
+++ b/tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
Binary files differ
diff --git a/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 b/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
new file mode 100644
index 0000000..2ca392f
--- /dev/null
+++ b/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
Binary files differ
diff --git a/tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b b/tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
new file mode 100644
index 0000000..b49d3e7
--- /dev/null
+++ b/tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
Binary files differ
diff --git a/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a b/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
new file mode 100644
index 0000000..39ae859
--- /dev/null
+++ b/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
Binary files differ
diff --git a/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f b/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
new file mode 100644
index 0000000..62338ff
--- /dev/null
+++ b/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
Binary files differ
diff --git a/tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795 b/tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
new file mode 100644
index 0000000..530ae8f
--- /dev/null
+++ b/tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
Binary files differ
diff --git a/tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 b/tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
new file mode 100644
index 0000000..46b749e
--- /dev/null
+++ b/tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
@@ -0,0 +1 @@
+ÿÿÿÿÝ
diff --git a/tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2 b/tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
new file mode 100644
index 0000000..f6899b5
--- /dev/null
+++ b/tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
Binary files differ
diff --git a/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 b/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
new file mode 100644
index 0000000..92a30d2
--- /dev/null
+++ b/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
Binary files differ
diff --git a/tests/fuzz/corpus/e2814b29dd2fd5db02b1ab7c5e147e1194a489ce b/tests/fuzz/corpus/e2814b29dd2fd5db02b1ab7c5e147e1194a489ce
new file mode 100644
index 0000000..cc81c2c
--- /dev/null
+++ b/tests/fuzz/corpus/e2814b29dd2fd5db02b1ab7c5e147e1194a489ce
Binary files differ
diff --git a/tests/fuzz/corpus/valid-blobmsg.bin b/tests/fuzz/corpus/valid-blobmsg.bin
new file mode 100644
index 0000000..2d0c68e
--- /dev/null
+++ b/tests/fuzz/corpus/valid-blobmsg.bin
Binary files differ
diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c
new file mode 100644
index 0000000..9922ff9
--- /dev/null
+++ b/tests/fuzz/test-fuzz.c
@@ -0,0 +1,40 @@
+#include <stdio.h>
+#include <stdint.h>
+#include <stddef.h>
+#include <limits.h>
+
+#include <libubox/blob.h>
+#include <libubox/blobmsg.h>
+
+#include "ubusmsg.h"
+#include "libubus.h"
+#include "libubus-internal.h"
+
+static void _ubus_validate_hdr(const uint8_t *data, size_t size)
+{
+ if (size > sizeof(struct ubus_msghdr))
+ return;
+
+ ubus_validate_hdr((struct ubus_msghdr *) data);
+}
+
+static void _ubus_parse_msg(const uint8_t *data, size_t size)
+{
+ struct blob_attr *attr = (struct blob_attr *) data;
+
+ if (size < sizeof(struct blob_attr *))
+ return;
+
+ if (blob_pad_len(attr) > UBUS_MAX_MSGLEN)
+ return;
+
+ ubus_parse_msg(attr);
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ _ubus_validate_hdr(data, size);
+ _ubus_parse_msg(data, size);
+
+ return 0;
+}
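Review bot: The size guard in `_ubus_validate_hdr` looks inverted: `if (size > sizeof(struct ubus_msghdr)) return;` skips every input longer than the header and hands shorter ones to `ubus_validate_hdr()`, so any header field read there would fall outside the fuzz buffer and the sanitizer report would likely blame the harness instead of the library; `if (size < sizeof(struct ubus_msghdr)) return;` is presumably what was meant. In `_ubus_parse_msg`, `sizeof(struct blob_attr *)` is the size of a pointer, not of the attribute header, and `blob_pad_len(attr)` is bounded only by `UBUS_MAX_MSGLEN`, never by `size`, so the parser can be handed a declared length larger than the actual input. Suggested guards: `if (size < sizeof(struct blob_attr)) return;` and `if (blob_pad_len(attr) > size || blob_pad_len(attr) > UBUS_MAX_MSGLEN) return;`. A one-line comment above each helper stating that the harness must never read past `data + size` itself would make later crash triage easier.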