Line | Count | Source (jump to first uncovered line) |
1 | | /* Copyright 2022 Google LLC |
2 | | Licensed under the Apache License, Version 2.0 (the "License"); |
3 | | you may not use this file except in compliance with the License. |
4 | | You may obtain a copy of the License at |
5 | | http://www.apache.org/licenses/LICENSE-2.0 |
6 | | Unless required by applicable law or agreed to in writing, software |
7 | | distributed under the License is distributed on an "AS IS" BASIS, |
8 | | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
9 | | See the License for the specific language governing permissions and |
10 | | limitations under the License. |
11 | | */ |
12 | | #include <config.h> |
13 | | |
14 | | #include <stdint.h> |
15 | | #include <stdio.h> |
16 | | #include <string.h> |
17 | | #include <stdlib.h> |
18 | | #include <syslog.h> |
19 | | #include <fcntl.h> |
20 | | #include <unistd.h> |
21 | | |
22 | | #include "src/textfile.h" |
23 | | |
24 | | |
25 | 1.89k | char *get_null_terminated(const uint8_t **data, size_t *size) { |
26 | 13.0k | #define STR_SIZE 75 |
27 | 1.89k | if (*size < STR_SIZE || (int)*size < 0) { |
28 | 46 | return NULL; |
29 | 46 | } |
30 | | |
31 | 1.84k | char *new_s = malloc(STR_SIZE + 1); |
32 | 1.84k | memcpy(new_s, *data, STR_SIZE); |
33 | 1.84k | new_s[STR_SIZE] = '\0'; |
34 | | |
35 | 1.84k | *data = *data+STR_SIZE; |
36 | 1.84k | *size -= STR_SIZE; |
37 | 1.84k | return new_s; |
38 | 1.89k | } |
39 | | |
40 | 631 | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { |
41 | 631 | uint8_t *data_ptr = data; |
42 | 631 | size_t size_val = size; |
43 | | |
44 | 631 | char *key1 = get_null_terminated(&data_ptr, &size_val); |
45 | 631 | char *val1 = get_null_terminated(&data_ptr, &size_val); |
46 | 631 | char *key2 = get_null_terminated(&data_ptr, &size_val); |
47 | | |
48 | 631 | if (!key1 || !val1 || !key2) { |
49 | 18 | goto cleanup; |
50 | 18 | } |
51 | | // Create a file with rest of content |
52 | 613 | char filename[256]; |
53 | 613 | sprintf(filename, "/tmp/libfuzzer.%d", getpid()); |
54 | 613 | FILE *fp = fopen(filename, "wb"); |
55 | 613 | if (!fp) { |
56 | 0 | return 0; |
57 | 0 | } |
58 | 613 | fwrite(data_ptr, size_val, 1, fp); |
59 | 613 | fclose(fp); |
60 | | |
61 | 613 | textfile_put(filename, key1, val1); |
62 | 613 | textfile_get(filename, key2); |
63 | | |
64 | 613 | unlink(filename); |
65 | | |
66 | 631 | cleanup: |
67 | | |
68 | 631 | if (key1 != NULL) { |
69 | 618 | free(key1); |
70 | 618 | key1 = NULL; |
71 | 618 | } |
72 | 631 | if (val1 != NULL) { |
73 | 616 | free(val1); |
74 | 616 | val1 = NULL; |
75 | 616 | } |
76 | 631 | if (key2 != NULL) { |
77 | 613 | free(key2); |
78 | 613 | key2 = NULL; |
79 | 613 | } |
80 | | |
81 | 631 | return 0; |
82 | 613 | } |