/src/libdwarf/fuzz/fuzz_stack_frame_access.c
Line | Count | Source |
1 | | /* Copyright 2021 Google LLC |
2 | | Licensed under the Apache License, Version 2.0 (the "License"); |
3 | | you may not use this file except in compliance with the License. |
4 | | You may obtain a copy of the License at |
5 | | http://www.apache.org/licenses/LICENSE-2.0 |
6 | | Unless required by applicable law or agreed to in writing, software |
7 | | distributed under the License is distributed on an "AS IS" BASIS, |
8 | | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
9 | | See the License for the specific language governing permissions and |
10 | | limitations under the License. |
11 | | */ |
12 | | #include "dwarf.h" |
13 | | #include "libdwarf.h" |
14 | | #include <fcntl.h> /* open() O_RDONLY O_BINARY */ |
15 | | #include <stdint.h> |
16 | | #include <stdio.h> |
17 | | #include <stdlib.h> |
18 | | #include <string.h> |
19 | | #include <sys/stat.h> |
20 | | #include <sys/types.h> |
21 | | #include <unistd.h> |
22 | | |
23 | | #ifndef O_BINARY |
24 | 39.9k | #define O_BINARY 0 |
25 | | #endif |
26 | | |
27 | | |
28 | 39.9k | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { |
29 | 39.9k | char filename[256]; |
30 | | |
31 | | #ifdef DWREGRESSIONTEMP |
32 | | /* Under msys2, the /tmp/ results in an open fail, |
33 | | so we discard the /tmp/ here */ |
34 | | sprintf(filename, "junklibfuzzer.%d", getpid()); |
35 | | #else |
36 | 39.9k | sprintf(filename, "/tmp/libfuzzer.%d", getpid()); |
37 | 39.9k | #endif |
38 | 39.9k | FILE *fp = fopen(filename, "wb"); |
39 | 39.9k | if (!fp) { |
40 | 0 | printf("FAIL libfuzzer cannot open temp as writeable %s\n", |
41 | 0 | filename); |
42 | 0 | return 0; |
43 | 0 | } |
44 | 39.9k | fwrite(data, size, 1, fp); |
45 | 39.9k | fclose(fp); |
46 | | |
47 | 39.9k | Dwarf_Debug dbg = 0; |
48 | 39.9k | int fuzz_fd = 0; |
49 | 39.9k | int res = DW_DLV_ERROR; |
50 | 39.9k | Dwarf_Error error = 0; |
51 | 39.9k | Dwarf_Handler errhand = 0; |
52 | 39.9k | Dwarf_Ptr errarg = 0; |
53 | 39.9k | Dwarf_Error *errp = 0; |
54 | 39.9k | int i = 0; |
55 | 39.9k | Dwarf_Die die; |
56 | | |
57 | 39.9k | fuzz_fd = open(filename, O_RDONLY|O_BINARY); |
58 | 39.9k | if (fuzz_fd != -1) { |
59 | 39.9k | res = |
60 | 39.9k | dwarf_init_b(fuzz_fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, errp); |
61 | 39.9k | if (res == DW_DLV_OK) { |
62 | 18.5k | Dwarf_Bool is_info = 0; |
63 | 18.5k | Dwarf_Unsigned cu_header_length = 0; |
64 | 18.5k | Dwarf_Half version_stamp = 0; |
65 | 18.5k | Dwarf_Off abbrev_offset = 0; |
66 | 18.5k | Dwarf_Half address_size = 0; |
67 | 18.5k | Dwarf_Half length_size = 0; |
68 | 18.5k | Dwarf_Half extension_size = 0; |
69 | 18.5k | Dwarf_Sig8 type_signature; |
70 | 18.5k | Dwarf_Unsigned typeoffset = 0; |
71 | 18.5k | Dwarf_Unsigned next_cu_header_offset = 0; |
72 | 18.5k | Dwarf_Half header_cu_type = 0; |
73 | 18.5k | int res = 0; |
74 | 18.5k | Dwarf_Die cu_die = 0; |
75 | 18.5k | int level = 0; |
76 | 18.5k | static const Dwarf_Sig8 zerosignature; |
77 | | |
78 | 18.5k | type_signature = zerosignature; |
79 | 18.5k | res = dwarf_next_cu_header_d( |
80 | 18.5k | dbg, is_info, &cu_header_length, &version_stamp, &abbrev_offset, |
81 | 18.5k | &address_size, &length_size, &extension_size, &type_signature, |
82 | 18.5k | &typeoffset, &next_cu_header_offset, &header_cu_type, errp); |
83 | 18.5k | if (res == DW_DLV_OK) { |
84 | 7.57k | res = dwarf_siblingof_b(dbg, NULL, is_info, &cu_die, errp); |
85 | 7.57k | if (res == DW_DLV_OK) { |
86 | 5.93k | Dwarf_Fde dw_returned_fde; |
87 | 5.93k | dwarf_get_fde_for_die(dbg, cu_die, &dw_returned_fde, errp); |
88 | 5.93k | } else { |
89 | 1.64k | } |
90 | 7.57k | dwarf_dealloc(dbg, cu_die, DW_DLA_DIE); |
91 | 7.57k | } |
92 | 18.5k | } |
93 | 39.9k | } |
94 | 39.9k | dwarf_finish(dbg); |
95 | 39.9k | close(fuzz_fd); |
96 | 39.9k | unlink(filename); |
97 | 39.9k | return 0; |
98 | 39.9k | } |