/src/gnupg/tests/fuzz/fuzz_verify.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* Copyright 2020 Google Inc. |
2 | | |
3 | | Licensed under the Apache License, Version 2.0 (the "License"); |
4 | | you may not use this file except in compliance with the License. |
5 | | You may obtain a copy of the License at |
6 | | |
7 | | http://www.apache.org/licenses/LICENSE-2.0 |
8 | | |
9 | | Unless required by applicable law or agreed to in writing, software |
10 | | distributed under the License is distributed on an "AS IS" BASIS, |
11 | | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 | | See the License for the specific language governing permissions and |
13 | | limitations under the License. |
14 | | */ |
15 | | |
16 | | #include <stdint.h> |
17 | | #include <stddef.h> |
18 | | #include <stdlib.h> |
19 | | #include <stdio.h> |
20 | | #include <stdbool.h> |
21 | | #include <ftw.h> |
22 | | |
23 | | #define INCLUDED_BY_MAIN_MODULE 1 |
24 | | #include "config.h" |
25 | | #include "gpg.h" |
26 | | #include "../common/types.h" |
27 | | #include "../common/iobuf.h" |
28 | | #include "keydb.h" |
29 | | #include "keyedit.h" |
30 | | #include "../common/util.h" |
31 | | #include "main.h" |
32 | | #include "call-dirmngr.h" |
33 | | #include "trustdb.h" |
34 | | |
35 | | #include <sys/stat.h> |
36 | | #include <fcntl.h> |
37 | | #include <sys/types.h> |
38 | | #include <unistd.h> |
39 | | #include <sys/mount.h> |
40 | | |
41 | | static bool initialized = false; |
42 | | ctrl_t ctrlGlobal; |
43 | | int fd; |
44 | | char *filename; |
45 | | |
46 | | //hack not to include gpg.c which has main function |
47 | | int g10_errors_seen = 0; |
48 | | |
49 | | void |
50 | | g10_exit( int rc ) |
51 | 0 | { |
52 | 0 | gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); |
53 | 0 | gcry_control (GCRYCTL_TERM_SECMEM ); |
54 | 0 | exit (rc); |
55 | 0 | } |
56 | | |
57 | | static void |
58 | | gpg_deinit_default_ctrl (ctrl_t ctrl) |
59 | 24.4k | { |
60 | | #ifdef USE_TOFU |
61 | | tofu_closedbs (ctrl); |
62 | | #endif |
63 | 24.4k | gpg_dirmngr_deinit_session_data (ctrl); |
64 | | |
65 | 24.4k | keydb_release (ctrl->cached_getkey_kdb); |
66 | 24.4k | } |
67 | | |
68 | | static void |
69 | | my_gcry_logger (void *dummy, int level, const char *format, va_list arg_ptr) |
70 | 70.7k | { |
71 | 70.7k | return; |
72 | 70.7k | } |
73 | | |
74 | | static int unlink_cb(const char *fpath, const struct stat *sb, int typeflag) |
75 | 0 | { |
76 | 0 | if (typeflag == FTW_F){ |
77 | 0 | unlink(fpath); |
78 | 0 | } |
79 | 0 | return 0; |
80 | 0 | } |
81 | | |
82 | | static void rmrfdir(char *path) |
83 | 1 | { |
84 | 1 | ftw(path, unlink_cb, 16); |
85 | 1 | if (rmdir(path) != 0) { |
86 | 1 | printf("failed rmdir, errno=%d\n", errno); |
87 | 1 | } |
88 | 1 | } |
89 | | |
90 | 12.2k | int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { |
91 | | |
92 | 12.2k | if (! initialized) { |
93 | 1 | ctrlGlobal = (ctrl_t) malloc(sizeof(*ctrlGlobal)); |
94 | 1 | if (!ctrlGlobal) { |
95 | 0 | exit(1); |
96 | 0 | } |
97 | | //deletes previous tmp dir and (re)create it as a ramfs |
98 | | //system("umount /tmp/fuzzdirverify"); |
99 | 1 | rmrfdir("/tmp/fuzzdirverify"); |
100 | 1 | mkdir("/tmp/fuzzdirverify/", 0700); |
101 | | //system("mount -t tmpfs -o size=64M tmpfs /tmp/fuzzdirverify"); |
102 | 1 | filename=strdup("/tmp/fuzzdirverify/fuzz.gpg"); |
103 | 1 | if (!filename) { |
104 | 0 | free(ctrlGlobal); |
105 | 0 | return 0; |
106 | 0 | } |
107 | 1 | fd = open("/tmp/fuzzdirverify/fuzz.gpg", O_RDWR | O_CREAT, 0600); |
108 | 1 | if (fd == -1) { |
109 | 0 | free(ctrlGlobal); |
110 | 0 | free(filename); |
111 | 0 | return 0; |
112 | 0 | } |
113 | 1 | gnupg_set_homedir("/tmp/fuzzdirverify/"); |
114 | 1 | if (keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG, |
115 | 1 | KEYDB_RESOURCE_FLAG_DEFAULT) != GPG_ERR_NO_ERROR) { |
116 | 0 | free(filename); |
117 | 0 | free(ctrlGlobal); |
118 | 0 | close(fd); |
119 | 0 | return 0; |
120 | 0 | } |
121 | 1 | if (setup_trustdb (1, NULL) != GPG_ERR_NO_ERROR) { |
122 | 0 | free(filename); |
123 | 0 | free(ctrlGlobal); |
124 | 0 | close(fd); |
125 | 0 | return 0; |
126 | 0 | } |
127 | | //populate /tmp/fuzzdirverify/ as homedir ~/.gnupg |
128 | 1 | strlist_t sl = NULL; |
129 | 1 | public_key_list (ctrlGlobal, sl, 0, 0); |
130 | 1 | free_strlist(sl); |
131 | | //no output for stderr |
132 | 1 | log_set_file("/dev/null"); |
133 | 1 | gcry_set_log_handler (my_gcry_logger, NULL); |
134 | 1 | gnupg_initialize_compliance (GNUPG_MODULE_NAME_GPG); |
135 | 1 | initialized = true; |
136 | 1 | } |
137 | | |
138 | 12.2k | memset(ctrlGlobal, 0, sizeof(*ctrlGlobal)); |
139 | 12.2k | ctrlGlobal->magic = SERVER_CONTROL_MAGIC; |
140 | | |
141 | 12.2k | if (ftruncate(fd, Size) == -1) { |
142 | 0 | return 0; |
143 | 0 | } |
144 | 12.2k | if (lseek (fd, 0, SEEK_SET) < 0) { |
145 | 0 | return 0; |
146 | 0 | } |
147 | 12.2k | if (write (fd, Data, Size) != Size) { |
148 | 0 | return 0; |
149 | 0 | } |
150 | | |
151 | 12.2k | verify_signatures(ctrlGlobal, 1, &filename); |
152 | 12.2k | gpg_deinit_default_ctrl (ctrlGlobal); |
153 | 12.2k | memset(ctrlGlobal, 0, sizeof(*ctrlGlobal)); |
154 | 12.2k | ctrlGlobal->magic = SERVER_CONTROL_MAGIC; |
155 | 12.2k | verify_files(ctrlGlobal, 1, &filename); |
156 | 12.2k | gpg_deinit_default_ctrl (ctrlGlobal); |
157 | | |
158 | 12.2k | return 0; |
159 | 12.2k | } |