aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPřemysl Eric Janouch <p@janouch.name>2020-10-11 21:58:56 +0200
committerPřemysl Eric Janouch <p@janouch.name>2020-10-12 02:07:07 +0200
commitc2c5031538e9d48925c758b23df8d093358ba3fd (patch)
tree48c9997e2c3985240113f92aeaccac06cea866c0
parentdf3f53bd5c370dcd46074189f3ad545c6aab942b (diff)
downloadliberty-c2c5031538e9d48925c758b23df8d093358ba3fd.tar.gz
liberty-c2c5031538e9d48925c758b23df8d093358ba3fd.tar.xz
liberty-c2c5031538e9d48925c758b23df8d093358ba3fd.zip
Add remaining fuzzing entry points
Closes #1
-rwxr-xr-xfuzz2
-rw-r--r--tests/fuzz.c99
2 files changed, 94 insertions, 7 deletions
diff --git a/fuzz b/fuzz
index 0964712..071bb17 100755
--- a/fuzz
+++ b/fuzz
@@ -8,7 +8,7 @@ fuzz () {
echo "`tput bold`-- Fuzzing $1`tput sgr0`"
mkdir -p /tmp/corpus-$1
./fuzz-executor -test=$1 -artifact_prefix=$1- \
- -max_len=32 -max_total_time=600 -timeout=1 /tmp/corpus-$1
+ -max_total_time=600 -timeout=1 /tmp/corpus-$1
}
if [ $# -gt 0 ]; then
diff --git a/tests/fuzz.c b/tests/fuzz.c
index abc8eb7..74db020 100644
--- a/tests/fuzz.c
+++ b/tests/fuzz.c
@@ -32,6 +32,13 @@
#define LIBERTY_WANT_PROTO_MPD
#include "../liberty.c"
+#include "../liberty-tui.c"
+
+static bool
+app_is_character_in_locale (ucs4_t ch)
+{
+ return ch < 128;
+}
// --- UTF-8 -------------------------------------------------------------------
@@ -46,9 +53,14 @@ test_utf8_validate (const uint8_t *data, size_t size)
static void
test_base64_decode (const uint8_t *data, size_t size)
{
+ struct str wrap = str_make ();
+ str_append_data (&wrap, data, size);
+
struct str out = str_make ();
- base64_decode ((const char *) data, size, &out);
+ base64_decode (wrap.str, true /* ignore_ws */, &out);
str_free (&out);
+
+ str_free (&wrap);
}
// --- IRC ---------------------------------------------------------------------
@@ -131,7 +143,7 @@ test_scgi_parser_push (const uint8_t *data, size_t size)
// --- WebSockets --------------------------------------------------------------
static bool
-test_websockets_on_frame_header (void *user_data, const struct ws_parser *self)
+test_ws_parser_on_frame_header (void *user_data, const struct ws_parser *self)
{
(void) user_data;
(void) self;
@@ -139,7 +151,7 @@ test_websockets_on_frame_header (void *user_data, const struct ws_parser *self)
}
static bool
-test_websockets_on_frame (void *user_data, const struct ws_parser *self)
+test_ws_parser_on_frame (void *user_data, const struct ws_parser *self)
{
(void) user_data;
(void) self;
@@ -150,13 +162,84 @@ static void
test_ws_parser_push (const uint8_t *data, size_t size)
{
struct ws_parser parser = ws_parser_make ();
- parser.on_frame_header = test_websockets_on_frame_header;
- parser.on_frame = test_websockets_on_frame;
+ parser.on_frame_header = test_ws_parser_on_frame_header;
+ parser.on_frame = test_ws_parser_on_frame;
ws_parser_push (&parser, data, size);
ws_parser_free (&parser);
}
+// --- FastCGI -----------------------------------------------------------------
+
+static bool
+test_fcgi_parser_on_message (const struct fcgi_parser *parser, void *user_data)
+{
+ (void) parser;
+ (void) user_data;
+ return true;
+}
+
+static void
+test_fcgi_parser_push (const uint8_t *data, size_t size)
+{
+ struct fcgi_parser parser = fcgi_parser_make ();
+ parser.on_message = test_fcgi_parser_on_message;
+ fcgi_parser_push (&parser, data, size);
+ fcgi_parser_free (&parser);
+}
+
+static void
+test_fcgi_nv_parser_push (const uint8_t *data, size_t size)
+{
+ struct str_map values = str_map_make (free);
+ struct fcgi_nv_parser nv_parser = fcgi_nv_parser_make ();
+ nv_parser.output = &values;
+
+ fcgi_nv_parser_push (&nv_parser, data, size);
+ fcgi_nv_parser_free (&nv_parser);
+ str_map_free (&values);
+}
+
+// --- Config ------------------------------------------------------------------
+
+static void
+test_config_item_parse (const uint8_t *data, size_t size)
+{
+ struct config_item *item =
+ config_item_parse ((const char *) data, size, false, NULL);
+ if (item)
+ config_item_destroy (item);
+}
+
+// --- TUI ---------------------------------------------------------------------
+
+static void
+test_attrs_decode (const uint8_t *data, size_t size)
+{
+ struct str wrap = str_make ();
+ str_append_data (&wrap, data, size);
+
+ attrs_decode (wrap.str);
+
+ str_free (&wrap);
+}
+
+// --- MPD ---------------------------------------------------------------------
+
+static void
+test_mpd_client_process_input (const uint8_t *data, size_t size)
+{
+ struct poller poller;
+ poller_init (&poller);
+
+ struct mpd_client mpd = mpd_client_make (&poller);
+ str_append_data (&mpd.read_buffer, data, size);
+ mpd_client_process_input (&mpd);
+ mpd_client_free (&mpd);
+
+ poller_free (&poller);
+}
+
// --- Main --------------------------------------------------------------------
typedef void (*fuzz_test_fn) (const uint8_t *data, size_t size);
@@ -180,7 +263,11 @@ LLVMFuzzerInitialize (int *argcp, char ***argvp)
REGISTER (http_parse_upgrade)
REGISTER (scgi_parser_push)
REGISTER (ws_parser_push)
- // TODO: add more parsers/processors
+ REGISTER (fcgi_parser_push)
+ REGISTER (fcgi_nv_parser_push)
+ REGISTER (config_item_parse)
+ REGISTER (attrs_decode)
+ REGISTER (mpd_client_process_input)
char **argv = *argvp, *option = "-test=", *name = NULL;
for (int i = 1; i < *argcp; i++)