From: Philippe Antoine Date: Mon, 29 Mar 2021 18:27:34 +0000 (+0200) Subject: fuzz: specify protocol with fuzz target name X-Git-Tag: suricata-6.0.10~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7986919df0f0ffc3974f27013afba0b8c2523aaa;p=thirdparty%2Fsuricata.git fuzz: specify protocol with fuzz target name cf https://redmine.openinfosecfoundation.org/issues/4125 This allows fuzz_applayerparser_parse to fuzz one specific app-layer protocol based on the binary name, as is done with the environment variable FUZZ_APPLAYER That is if we rename/copy to fuzz_applayerparser_parse_smb, it will fuzz only SMB protocol This way, we can easily produce different fuzz targets for each protocol in oss-fuzz (cherry picked from commit e9b76a0e663ce5c2f8900f90a4f4fd7ed3436335) --- diff --git a/src/tests/fuzz/fuzz_applayerparserparse.c b/src/tests/fuzz/fuzz_applayerparserparse.c index 6d5a560cd7..01886a6c97 100644 --- a/src/tests/fuzz/fuzz_applayerparserparse.c +++ b/src/tests/fuzz/fuzz_applayerparserparse.c @@ -16,6 +16,7 @@ #define HEADER_LEN 6 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); +int LLVMFuzzerInitialize(int *argc, char ***argv); AppLayerParserThreadCtx *alp_tctx = NULL; 
@@ -35,6 +36,30 @@ const uint8_t separator[] = {0x01, 0xD5, 0xCA, 0x7A}; SCInstance surifuzz; uint64_t forceLayer = 0; +int LLVMFuzzerInitialize(int *argc, char ***argv) +{ + char *target_suffix = strrchr((*argv)[0], '_'); + if (target_suffix != NULL) { + AppProto applayer = StringToAppProto(target_suffix + 1); + if (applayer != ALPROTO_UNKNOWN) { + forceLayer = applayer; + printf("Forcing %s=%" PRIu64 "\n", AppProtoToString(forceLayer), forceLayer); + return 0; + } + } + // else + const char *forceLayerStr = getenv("FUZZ_APPLAYER"); + if (forceLayerStr) { + if (ByteExtractStringUint64(&forceLayer, 10, 0, forceLayerStr) < 0) { + forceLayer = 0; + printf("Invalid numeric value for FUZZ_APPLAYER environment variable"); + } else { + printf("Forcing %s\n", AppProtoToString(forceLayer)); + } + } + return 0; +} + int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { Flow * f; @@ -68,15 +93,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) PostConfLoadedSetup(&surifuzz); alp_tctx = AppLayerParserThreadCtxAlloc(); - const char* forceLayerStr = getenv("FUZZ_APPLAYER"); - if (forceLayerStr) { - if (ByteExtractStringUint64(&forceLayer, 10, 0, forceLayerStr) < 0) { - forceLayer = 0; - printf("Invalid numeric value for FUZZ_APPLAYER environment variable"); - } else { - printf("Forcing %s\n", AppProtoToString(forceLayer)); - } - } } if (data[0] >= ALPROTO_MAX) {
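Review bot: In the FUZZ_APPLAYER branch of the new LLVMFuzzerInitialize, the parsed number is never range-checked: ByteExtractStringUint64 is only tested for a parse failure, and the result is then passed to `AppProtoToString(forceLayer)` and left in `forceLayer`. The name-suffix branch, by contrast, only accepts a value that StringToAppProto recognises. If AppProtoToString or the later use of `forceLayer` indexes by protocol id (not visible in this hunk), an out-of-range value would fault in the harness itself and be reported as a crash in the parser under test. I would extend the failure check to `if (ByteExtractStringUint64(&forceLayer, 10, 0, forceLayerStr) < 0 || forceLayer >= ALPROTO_MAX) {` and end the error message with `\n` so it is not glued to the next line of fuzzer output. The `// else` comment could also say that the binary-name suffix takes precedence over the environment variable, e.g. `// no recognised protocol suffix in argv[0]: fall back to FUZZ_APPLAYER`.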