Coverage Report

Created: 2025-01-28 06:43

/src/fuzz_textfile.c
Line
Count
Source (jump to first uncovered line)
1
/* Copyright 2022 Google LLC
2
Licensed under the Apache License, Version 2.0 (the "License");
3
you may not use this file except in compliance with the License.
4
You may obtain a copy of the License at
5
      http://www.apache.org/licenses/LICENSE-2.0
6
Unless required by applicable law or agreed to in writing, software
7
distributed under the License is distributed on an "AS IS" BASIS,
8
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
9
See the License for the specific language governing permissions and
10
limitations under the License.
11
*/
12
#include <config.h>
13
14
#include <stdint.h>
15
#include <stdio.h>
16
#include <string.h>
17
#include <stdlib.h>
18
#include <syslog.h>
19
#include <fcntl.h>
20
#include <unistd.h>
21
22
#include "src/textfile.h"
23
24
25
1.89k
char *get_null_terminated(const uint8_t **data, size_t *size) {
26
13.0k
#define STR_SIZE 75
27
1.89k
  if (*size < STR_SIZE || (int)*size < 0) {
28
46
    return NULL;
29
46
  }
30
31
1.84k
  char *new_s = malloc(STR_SIZE + 1);
32
1.84k
  memcpy(new_s, *data, STR_SIZE);
33
1.84k
  new_s[STR_SIZE] = '\0';
34
35
1.84k
  *data = *data+STR_SIZE;
36
1.84k
  *size -= STR_SIZE;
37
1.84k
  return new_s;
38
1.89k
}
39
40
631
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
41
631
  uint8_t *data_ptr = data;
42
631
  size_t size_val = size;
43
44
631
  char *key1 = get_null_terminated(&data_ptr, &size_val);
45
631
  char *val1 = get_null_terminated(&data_ptr, &size_val);
46
631
  char *key2 = get_null_terminated(&data_ptr, &size_val);
47
48
631
  if (!key1 || !val1 || !key2) {
49
18
    goto cleanup;
50
18
  }
51
  // Create a file with rest of content
52
613
  char filename[256];
53
613
  sprintf(filename, "/tmp/libfuzzer.%d", getpid());
54
613
  FILE *fp = fopen(filename, "wb");
55
613
  if (!fp) {
56
0
    return 0;
57
0
  }
58
613
  fwrite(data_ptr, size_val, 1, fp);
59
613
  fclose(fp);
60
61
613
  textfile_put(filename, key1, val1);
62
613
  textfile_get(filename, key2);
63
64
613
  unlink(filename);
65
66
631
cleanup:
67
68
631
  if (key1 != NULL) {
69
618
    free(key1);
70
618
    key1 = NULL;
71
618
  }
72
631
  if (val1 != NULL) {
73
616
    free(val1);
74
616
    val1 = NULL;
75
616
  }
76
631
  if (key2 != NULL) {
77
613
    free(key2);
78
613
    key2 = NULL;
79
613
  }
80
81
631
  return 0;
82
613
}