From: Arjun <36335769+0x34d@users.noreply.github.com> Date: Sat, 3 Jun 2023 20:20:54 +0000 (+0530) Subject: [Fuzzing] oss-fuzz cifuzz (#587) X-Git-Tag: 1.0.18~56 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=93a40b3515c983530bcf7f97ff9d2280b5d1884c;p=thirdparty%2Flldpd.git [Fuzzing] oss-fuzz cifuzz (#587) * [Fuzzing] oss-fuzz cifuzz Signed-off-by: Arjun Singh --- diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml new file mode 100644 index 00000000..bde0e12e --- /dev/null +++ b/.github/workflows/cifuzz.yml @@ -0,0 +1,32 @@ +name: CIFuzz +on: [pull_request] +jobs: + Fuzzing: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + sanitizer: [address, undefined, memory] + steps: + - name: Build Fuzzers (${{ matrix.sanitizer }}) + id: build + uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master + with: + oss-fuzz-project-name: 'lldpd' + dry-run: false + language: c + sanitizer: ${{ matrix.sanitizer }} + - name: Run Fuzzers (${{ matrix.sanitizer }}) + uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master + with: + oss-fuzz-project-name: 'lldpd' + dry-run: false + language: c + fuzz-seconds: 300 + sanitizer: ${{ matrix.sanitizer }} + - name: Upload Crash + uses: actions/upload-artifact@v1 + if: failure() && steps.build.outcome == 'success' + with: + name: ${{ matrix.sanitizer }}-artifacts + path: ./out/artifacts diff --git a/src/daemon/protocols/edp.c b/src/daemon/protocols/edp.c index 79b6c510..02375668 100644 --- a/src/daemon/protocols/edp.c +++ b/src/daemon/protocols/edp.c @@ -348,14 +348,14 @@ edp_decode(struct lldpd *cfg, char *frame, int s, struct lldpd_hardware *hardwar edp_slot = PEEK_UINT16; edp_port = PEEK_UINT16; free(port->p_id); - if (asprintf(&port->p_id, "%d/%d", edp_slot + 1, - edp_port + 1) == -1) { + port->p_id_len = + asprintf(&port->p_id, "%d/%d", edp_slot + 1, edp_port + 1); + if (port->p_id_len == -1) { log_warn("edp", "unable to allocate memory for " "port ID"); goto malformed; } - port->p_id_len = strlen(port->p_id); free(port->p_descr); if (asprintf(&port->p_descr, "Slot %d / Port %d", edp_slot + 1, edp_port + 1) == -1) { diff --git a/src/daemon/protocols/sonmp.c b/src/daemon/protocols/sonmp.c index 9f4c4909..34ebcd7e 100644 --- a/src/daemon/protocols/sonmp.c +++ b/src/daemon/protocols/sonmp.c @@ -366,12 +366,14 @@ sonmp_decode(struct lldpd *cfg, char *frame, int s, struct lldpd_hardware *hardw port->p_ttl = (port->p_ttl + 999) / 1000; port->p_id_subtype = LLDP_PORTID_SUBTYPE_LOCAL; - if (asprintf(&port->p_id, "%02x-%02x-%02x", seg[0], seg[1], seg[2]) == -1) { + + port->p_id_len = + asprintf(&port->p_id, "%02x-%02x-%02x", seg[0], seg[1], seg[2]); + if (port->p_id_len == -1) { log_warn("sonmp", "unable to allocate memory for port id on %s", hardware->h_ifname); goto malformed; } - port->p_id_len = strlen(port->p_id); /* Port description depend on the number of segments */ if ((seg[0] == 0) && (seg[1] == 0)) { diff --git a/src/log.c b/src/log.c index 3fd6d100..0f3835e8 100644 --- a/src/log.c +++ b/src/log.c @@ -152,7 +152,7 @@ static void vlog(int pri, const char *token, const char *fmt, va_list ap) { if (logh) { - char *result; + char *result = NULL; if (vasprintf(&result, fmt, ap) != -1) { logh(pri, result); free(result);