skip_deps = want_ossfuzz or get_option('skip-deps')
fuzzer_build = want_ossfuzz or want_libfuzzer
+# If we're building *not* for actual fuzzing, allow input samples of any size
+# (for testing and for reproduction of issues discovered with previously-higher
+# limits).
+conf.set10('FUZZ_USE_SIZE_LIMIT', fuzzer_build)
+
# Create a title-less summary section early, so it ends up first in the output.
# More items are added later after they have been detected.
summary({'build mode' : get_option('mode')})
_cleanup_free_ void *p = NULL;
/* This limit was borrowed from src/boot/efi/boot.c */
- if (size > 100*1024)
+ if (outside_size_range(size, 0, 100*1024))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
const char *name;
long offset;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
f = data_to_file(data, size);
_cleanup_(boot_config_free) BootConfig config = BOOT_CONFIG_NULL;
int r;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
/* Disable most logging if not running standalone */
_cleanup_fclose_ FILE *f = NULL;
_cleanup_strv_free_ char **rl = NULL, **rlp = NULL;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
f = data_to_file(data, size);
#include <stddef.h>
#include <stdint.h>
+#include "env-util.h"
#include "fileio.h"
/* The entry point into the fuzzer */
else
return fmemopen_unlocked((char*) data, size, "re");
}
+
+/* Check if we are within the specified size range.
+ * The upper limit is ignored if FUZZ_USE_SIZE_LIMIT is unset.
+ */
+static inline bool outside_size_range(size_t size, size_t lower, size_t upper) {
+ if (size < lower)
+ return true;
+ if (size > upper)
+ return FUZZ_USE_SIZE_LIMIT;
+ return false;
+}
_cleanup_(journal_remote_server_destroy) RemoteServer s = {};
int r;
- if (size <= 2 || size > 65536)
+ if (outside_size_range(size, 3, 65536))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
StdoutStream *stream;
int v;
- if (size == 0 || size > 65536)
+ if (outside_size_range(size, 1, 65536))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
struct in6_addr hint = { { { 0x3f, 0xfe, 0x05, 0x01, 0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 } } };
static const char *v1_data = "hogehoge", *v2_data = "foobar";
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
assert_se(sd_event_new(&e) >= 0);
_cleanup_(sd_event_unrefp) sd_event *e = NULL;
_cleanup_(sd_lldp_rx_unrefp) sd_lldp_rx *lldp_rx = NULL;
- if (size > 2048)
+ if (outside_size_range(size, 0, 2048))
return 0;
assert_se(sd_event_new(&e) == 0);
_cleanup_(sd_event_unrefp) sd_event *e = NULL;
_cleanup_(sd_ndisc_unrefp) sd_ndisc *nd = NULL;
- if (size > 2048)
+ if (outside_size_range(size, 0, 2048))
return 0;
assert_se(sd_event_new(&e) >= 0);
_cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
int r;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
/* We don't want to fill the logs with messages about parse errors.
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(unlink_tempfilep) char netdev_config[] = "/tmp/fuzz-networkd.XXXXXX";
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(unlink_tempfilep) char network_config[] = "/tmp/fuzz-networkd.XXXXXX";
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(settings_freep) Settings *s = NULL;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
f = data_to_file(data, size);
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(settings_freep) Settings *s = NULL;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
f = data_to_file(data, size);
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
- if (size > DNS_PACKET_SIZE_MAX)
+ if (outside_size_range(size, 0, DNS_PACKET_SIZE_MAX))
return 0;
assert_se(dns_packet_new(&p, DNS_PROTOCOL_DNS, 0, DNS_PACKET_SIZE_MAX) >= 0);
if (!getenv("SYSTEMD_LOG_LEVEL"))
log_set_max_level(LOG_CRIT);
- if (size > HID_MAX_DESCRIPTOR_SIZE)
+ if (outside_size_range(size, 0, HID_MAX_DESCRIPTOR_SIZE))
return 0;
+
(void) is_fido_security_token_desc(data, size);
return 0;
_cleanup_(unlink_tempfilep) char filename[] = "/tmp/fuzz-udev-rules.XXXXXX";
int r;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
_cleanup_(unlink_tempfilep) char filename[] = "/tmp/fuzz-link-config.XXXXXX";
_cleanup_fclose_ FILE *f = NULL;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
if (!getenv("SYSTEMD_LOG_LEVEL"))
_cleanup_(xdg_autostart_service_freep) XdgAutostartService *service = NULL;
_cleanup_(rm_rf_physical_and_freep) char *tmpdir = NULL;
- if (size > 65536)
+ if (outside_size_range(size, 0, 65536))
return 0;
/* We don't want to fill the logs with messages about parse errors.
projects / thirdparty / systemd.git / commitdiff
