From 97e673a0fa5409aafaa99022269f064a35d216ae Mon Sep 17 00:00:00 2001
From: =?utf8?q?Thomas=20Wei=C3=9Fschuh?=
Date: Wed, 25 Jan 2023 17:21:18 +0000
Subject: [PATCH] libblkid: add test_blkid_fuzz_sample
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
This can be used to easily reproduce crashes produced by the fuzzers.
Signed-off-by: Thomas Weißschuh
---
libblkid/src/Makemodule.am | 10 +++++++++-
libblkid/src/fuzz.c | 41 ++++++++++++++++++++++++++++----------
meson.build | 9 +++++++++
3 files changed, 49 insertions(+), 11 deletions(-)
diff --git a/libblkid/src/Makemodule.am b/libblkid/src/Makemodule.am
index 6cd8642e36..b760a802e0 100644
--- a/libblkid/src/Makemodule.am
+++ b/libblkid/src/Makemodule.am
@@ -219,13 +219,21 @@ test_blkid_fuzz_SOURCES = libblkid/src/fuzz.c
 # https://google.github.io/oss-fuzz/getting-started/new-project-guide/#Requirements
 nodist_EXTRA_test_blkid_fuzz_SOURCES = dummy.cxx
-test_blkid_fuzz_CFLAGS = $(blkid_tests_cflags)
+test_blkid_fuzz_CFLAGS = $(blkid_tests_cflags) -DFUZZ_TARGET
 test_blkid_fuzz_LDFLAGS = $(blkid_tests_ldflags) -lpthread
 test_blkid_fuzz_LDADD = $(blkid_tests_ldadd) $(LIB_FUZZING_ENGINE)
 endif
 endif # BUILD_LIBBLKID_TESTS
+check_PROGRAMS += test_blkid_fuzz_sample
+
+test_blkid_fuzz_sample_SOURCES = libblkid/src/fuzz.c
+
+test_blkid_fuzz_sample_CFLAGS = $(blkid_tests_cflags)
+test_blkid_fuzz_sample_LDFLAGS = $(blkid_tests_ldflags)
+test_blkid_fuzz_sample_LDADD = $(blkid_tests_ldadd)
+
 # move lib from $(usrlib_execdir) to $(libdir) if needed
 install-exec-hook-libblkid:
diff --git a/libblkid/src/fuzz.c b/libblkid/src/fuzz.c
index 7d07f595b6..772340b6a1 100644
--- a/libblkid/src/fuzz.c
+++ b/libblkid/src/fuzz.c
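Review bot: In libblkid/src/Makemodule.am the new `check_PROGRAMS += test_blkid_fuzz_sample` block is placed after `endif # BUILD_LIBBLKID_TESTS`, so the program is registered unconditionally while its flags still come from `$(blkid_tests_cflags)`, `$(blkid_tests_ldflags)` and `$(blkid_tests_ldadd)`. The definitions of those variables are outside the hunk; if they are only set inside the conditional, a build with the libblkid tests disabled would compile fuzz.c with empty flags and no libblkid link input. Moving the seven added lines above the `endif # BUILD_LIBBLKID_TESTS` line would keep the sample tool under the same guard as test_blkid_fuzz.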
@@ -4,6 +4,21 @@
 #include
 #include
+static int process_file(const char *name)
+{
+ int rc = -1;
+ blkid_probe pr = blkid_new_probe_from_filename(name);
+ if (pr != NULL) {
+ blkid_probe_enable_partitions(pr, TRUE);
+ blkid_probe_set_partitions_flags(pr, FALSE);
+ blkid_probe_enable_superblocks(pr, TRUE);
+ blkid_probe_set_superblocks_flags(pr, BLKID_SUBLKS_DEFAULT | BLKID_SUBLKS_FSINFO | BLKID_SUBLKS_MAGIC | BLKID_SUBLKS_VERSION | BLKID_SUBLKS_BADCSUM);
+ rc = blkid_do_safeprobe(pr) == -1 ? -1 : 0;
+ }
+ blkid_free_probe(pr);
+ return rc;
+}
+
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 int fd;
 char name[] = "/tmp/test-script-fuzz.XXXXXX";
@@ -15,17 +30,23 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 if (write(fd, data, size) != (ssize_t)size)
 goto out;
- blkid_probe pr = blkid_new_probe_from_filename(name);
- if (pr != NULL) {
- blkid_probe_enable_partitions(pr, TRUE);
- blkid_probe_set_partitions_flags(pr, FALSE);
- blkid_probe_enable_superblocks(pr, TRUE);
- blkid_probe_set_superblocks_flags(pr, BLKID_SUBLKS_DEFAULT | BLKID_SUBLKS_FSINFO | BLKID_SUBLKS_MAGIC | BLKID_SUBLKS_VERSION | BLKID_SUBLKS_BADCSUM);
- blkid_do_safeprobe(pr);
- }
- blkid_free_probe(pr);
+ process_file(name);
 out:
 close(fd);
 unlink(name);
 return 0;
-}
\ No newline at end of file
+}
+
+#ifndef FUZZ_TARGET
+int main(int argc, char **argv)
+{
+ for (int i = 1; i < argc; i++) {
+ printf("%s ", argv[i]);
+ if (process_file(argv[i]) == 0)
+ printf(" OK\n");
+ else
+ printf(" FAILED\n");
+
+ }
+}
+#endif
diff --git a/meson.build b/meson.build
index d263cb6d20..afb49bf233 100644
--- a/meson.build
+++ b/meson.build
@@ -2665,6 +2665,15 @@ if not is_disabler(exe)
 exes += exe
 endif
+exe = executable(
+ 'test_blkid_fuzz_sample',
+ 'libblkid/src/fuzz.c',
+ include_directories: includes,
+ link_with: lib_blkid)
+if not is_disabler(exe)
+ exes += exe
+endif
+
 ############################################################
 exe = executable(
--
2.47.3
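Review bot: In `process_file` (first fuzz.c hunk) only a `-1` from `blkid_do_safeprobe()` counts as failure, so the documented ambivalent result (`-2`) and the nothing-detected result (`1`) are both reported as OK, while a file that cannot be opened shares `-1` with a probe error. That may be exactly what a crash reproducer wants, but nothing in the new code says so. A comment above the function such as `/* Probe one file with the fuzzer's settings; returns -1 if the probe cannot be created or libblkid reports an error, 0 for every other outcome. */` would make the contract explicit.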
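Review bot: In the new `main` (second fuzz.c hunk) the sample name is written with `printf("%s ", argv[i])` and no newline, so it can sit in the stdio buffer while `process_file` runs. If the probe crashes, which is the case this tool exists to reproduce, the name of the offending sample may never reach the output when several files are passed. Adding `fflush(stdout);` right after that `printf` keeps each crash attributable to its input. `main` also has no `return`, so the exit status is 0 even when a sample printed FAILED; setting a flag in the `else` branch and ending with `return rc;` would let scripts and `make check` see the failure.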