From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Thu, 21 Mar 2019 22:16:56 +0000 (+0100)
Subject: fuzz-nspawn-oci: add fuzzer for the oci bundle loader
X-Git-Tag: v242-rc1~78^2~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9ddd62cda1cda0df88060c236da7652873553419;p=thirdparty%2Fsystemd.git

fuzz-nspawn-oci: add fuzzer for the oci bundle loader
---

diff --git a/src/fuzz/fuzz-nspawn-oci.c b/src/fuzz/fuzz-nspawn-oci.c
new file mode 100644
index 00000000000..f7b59f13ba8
--- /dev/null
+++ b/src/fuzz/fuzz-nspawn-oci.c
@@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include <errno.h>
+
+#include "alloc-util.h"
+#include "fd-util.h"
+#include "fuzz.h"
+#include "nspawn-oci.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+        _cleanup_fclose_ FILE *f = NULL;
+        _cleanup_(settings_freep) Settings *s = NULL;
+
+        if (size == 0)
+                return 0;
+
+        f = fmemopen((char*) data, size, "re");
+        assert_se(f);
+
+        /* We don't want to fill the logs with messages about parse errors.
+         * Disable most logging if not running standalone */
+        if (!getenv("SYSTEMD_LOG_LEVEL"))
+                log_set_max_level(LOG_CRIT);
+
+        (void) oci_load(f, "/dev/null", &s);
+
+        return 0;
+}
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
index 241fe02edbb..0d1ad2b1e1a 100644
--- a/src/fuzz/meson.build
+++ b/src/fuzz/meson.build
@@ -130,6 +130,11 @@ fuzzers += [
           libnspawn_core],
          []],
 
+        [['src/fuzz/fuzz-nspawn-oci.c'],
+         [libshared,
+          libnspawn_core],
+         []],
+
         [['src/fuzz/fuzz-calendarspec.c'],
          [libshared],
          []],
diff --git a/test/fuzz/fuzz-nspawn-oci/basic.json b/test/fuzz/fuzz-nspawn-oci/basic.json
new file mode 100644
index 00000000000..f42739e03a0
--- /dev/null
+++ b/test/fuzz/fuzz-nspawn-oci/basic.json
@@ -0,0 +1,141 @@
+{
+    "ociVersion": "1.0.0",
+
+    "root": {
+        "path": "rootfs",
+        "readonly": true
+    },
+
+    "process": {
+        "terminal": false,
+        "consoleSize": {
+            "height":6667,
+            "width":6668
+        },
+
+        "user": {
+            "uid": 14,
+            "gid": 14,
+            "additionalGids": [59, 81]
+        },
+
+        "args": [
+            "/tmp/verify.sh"
+        ],
+
+        "env": [
+            "FOO=BAR",
+            "WITHSPACES=FOO BAR",
+            "WITHSHELLCHARS=$ASDF \\\"asdf asdf\\\" !",
+            "WITHCONTROLCHARS=\\123\\125\\010\\020",
+            "TERM=xterm"
+        ],
+
+        "cwd": "/tmp/src",
+
+        "rlimits": [
+            {
+                "type": "RLIMIT_NOFILE",
+                "hard": 1020,
+                "soft": 1020
+            }
+        ]
+    },
+
+    "mounts": [
+        {
+            "destination": "/tmp/src",
+            "source": "src",
+            "options": ["ro"]
+        },
+
+        {
+            "destination": "/tmp/verify.sh",
+            "source": "verify.sh",
+            "options": ["ro"]
+        },
+
+        {
+            "destination": "/proc",
+            "type": "proc",
+            "source": "proc"
+        },
+        {
+            "destination": "/dev",
+            "type": "tmpfs",
+            "source": "tmpfs",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/dev/pts",
+            "type": "devpts",
+            "source": "devpts",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/dev/shm",
+            "type": "tmpfs",
+            "source": "shm",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/dev/mqueue",
+            "type": "mqueue",
+            "source": "mqueue",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/sys",
+            "type": "sysfs",
+            "source": "sysfs",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/sys/fs/cgroup",
+            "type": "cgroup",
+            "source": "cgroup",
+            "options": [
+                "mode=777"
+            ]
+        }
+    ],
+
+    "hooks": {},
+
+    "linux": {
+        "resources": {
+            "devices": [
+                {
+                    "allow": false,
+                    "access": "rwm"
+                }
+            ]
+        },
+        "namespaces": [
+            {
+                "type": "pid"
+            },
+            {
+                "type": "ipc"
+            },
+            {
+                "type": "mount"
+            }
+        ]
+    },
+
+    "annotations": {
+        "com.example.key1": "value1",
+        "com.example.key2": "value2"
+    }
+}