/src/libdwarf/fuzz/fuzz_debug_addr_access.c

Source
/* Copyright 2021 Google LLC
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
      http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include <fcntl.h> /* open() O_RDONLY O_BINARY */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Libdwarf library callers can only use these headers.
 */
#include "dwarf.h"
#include "libdwarf.h"

#ifndef O_BINARY
#define O_BINARY 0
#endif

/*
 * Fuzzer function
 */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  char filename[256];
#ifdef DWREGRESSIONTEMP
  /* Under msys2, the /tmp/ results in an open fail */
  sprintf(filename, "libfuzzer.%d", getpid());
#else
  sprintf(filename, "/tmp/libfuzzer.%d", getpid());
#endif
  FILE *fp = fopen(filename, "wb");
  if (!fp) {
    printf("FAIL libfuzzer cannot open temp as writeable %s\n",
        filename);
    return 0;
  }
  fwrite(data, size, 1, fp);
  fclose(fp);

  int fuzz_fd = 0;
  Dwarf_Ptr errarg = 0;
  Dwarf_Handler errhand = 0;
  Dwarf_Error *errp = 0;
  Dwarf_Debug dbg = 0;

  fuzz_fd = open(filename, O_RDONLY|O_BINARY);
  if (fuzz_fd != -1) {
    int res =
        dwarf_init_b(fuzz_fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, errp);

    if (res != DW_DLV_OK) {
      dwarf_finish(dbg);
      close(fuzz_fd);
      unlink(filename);
      return 0;
    }
    Dwarf_Debug_Addr_Table debug_address_table;
    Dwarf_Unsigned dw_section_offset = 0;
    Dwarf_Unsigned dw_debug_address_table_length = 0;
    Dwarf_Half dw_version;
    Dwarf_Small dw_address_size;
    Dwarf_Unsigned dw_dw_at_addr_base;
    Dwarf_Unsigned dw_entry_count;
    Dwarf_Unsigned dw_next_table_offset;
    res = dwarf_debug_addr_table(dbg, dw_section_offset, &debug_address_table,
                                 &dw_debug_address_table_length, &dw_version,
                                 &dw_address_size, &dw_dw_at_addr_base,
                                 &dw_entry_count, &dw_next_table_offset, errp);

    if (res != DW_DLV_OK) {
      if (res == DW_DLV_ERROR) {
        if (errp) {
          dwarf_dealloc_error(dbg, *errp);
        }
      }
      dwarf_finish(dbg);
      close(fuzz_fd);
      unlink(filename);
      return 0;
    }
    for (Dwarf_Unsigned curindex = 0; curindex < dw_entry_count; ++curindex) {
      Dwarf_Unsigned addr = 0;
      res =
          dwarf_debug_addr_by_index(debug_address_table, curindex, &addr, errp);

      if (res != DW_DLV_OK) {
        break;
      }
    }
    if (errp) {
        dwarf_dealloc_error(dbg, *errp);
    }
    dwarf_dealloc_debug_addr_table(debug_address_table);
    dwarf_finish(dbg);
    close(fuzz_fd);
  }

  unlink(filename);
  return 0;
}

Line	Count	Source
1		/* Copyright 2021 Google LLC
2		Licensed under the Apache License, Version 2.0 (the "License");
3		you may not use this file except in compliance with the License.
4		You may obtain a copy of the License at
5		http://www.apache.org/licenses/LICENSE-2.0
6		Unless required by applicable law or agreed to in writing, software
7		distributed under the License is distributed on an "AS IS" BASIS,
8		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
9		See the License for the specific language governing permissions and
10		limitations under the License.
11		*/
12		#include <fcntl.h> /* open() O_RDONLY O_BINARY */
13		#include <stdint.h>
14		#include <stdio.h>
15		#include <stdlib.h>
16		#include <string.h>
17		#include <sys/stat.h>
18		#include <sys/types.h>
19		#include <unistd.h>
20
21		/*
22		* Libdwarf library callers can only use these headers.
23		*/
24		#include "dwarf.h"
25		#include "libdwarf.h"
26
27		#ifndef O_BINARY
28	8.53k	#define O_BINARY 0
29		#endif
30
31		/*
32		* Fuzzer function
33		*/
34	8.53k	int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
35	8.53k	char filename[256];
36		#ifdef DWREGRESSIONTEMP
37		/* Under msys2, the /tmp/ results in an open fail */
38		sprintf(filename, "libfuzzer.%d", getpid());
39		#else
40	8.53k	sprintf(filename, "/tmp/libfuzzer.%d", getpid());
41	8.53k	#endif
42	8.53k	FILE *fp = fopen(filename, "wb");
43	8.53k	if (!fp) {
44	0	printf("FAIL libfuzzer cannot open temp as writeable %s\n",
45	0	filename);
46	0	return 0;
47	0	}
48	8.53k	fwrite(data, size, 1, fp);
49	8.53k	fclose(fp);
50
51	8.53k	int fuzz_fd = 0;
52	8.53k	Dwarf_Ptr errarg = 0;
53	8.53k	Dwarf_Handler errhand = 0;
54	8.53k	Dwarf_Error *errp = 0;
55	8.53k	Dwarf_Debug dbg = 0;
56
57	8.53k	fuzz_fd = open(filename, O_RDONLY\|O_BINARY);
58	8.53k	if (fuzz_fd != -1) {
59	8.53k	int res =
60	8.53k	dwarf_init_b(fuzz_fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, errp);
61
62	8.53k	if (res != DW_DLV_OK) {
63	7.14k	dwarf_finish(dbg);
64	7.14k	close(fuzz_fd);
65	7.14k	unlink(filename);
66	7.14k	return 0;
67	7.14k	}
68	1.39k	Dwarf_Debug_Addr_Table debug_address_table;
69	1.39k	Dwarf_Unsigned dw_section_offset = 0;
70	1.39k	Dwarf_Unsigned dw_debug_address_table_length = 0;
71	1.39k	Dwarf_Half dw_version;
72	1.39k	Dwarf_Small dw_address_size;
73	1.39k	Dwarf_Unsigned dw_dw_at_addr_base;
74	1.39k	Dwarf_Unsigned dw_entry_count;
75	1.39k	Dwarf_Unsigned dw_next_table_offset;
76	1.39k	res = dwarf_debug_addr_table(dbg, dw_section_offset, &debug_address_table,
77	1.39k	&dw_debug_address_table_length, &dw_version,
78	1.39k	&dw_address_size, &dw_dw_at_addr_base,
79	1.39k	&dw_entry_count, &dw_next_table_offset, errp);
80
81	1.39k	if (res != DW_DLV_OK) {
82	1.37k	if (res == DW_DLV_ERROR) {
83	1.08k	if (errp) {
84	0	dwarf_dealloc_error(dbg, *errp);
85	0	}
86	1.08k	}
87	1.37k	dwarf_finish(dbg);
88	1.37k	close(fuzz_fd);
89	1.37k	unlink(filename);
90	1.37k	return 0;
91	1.37k	}
92	25.3k	for (Dwarf_Unsigned curindex = 0; curindex < dw_entry_count; ++curindex) {
93	25.2k	Dwarf_Unsigned addr = 0;
94	25.2k	res =
95	25.2k	dwarf_debug_addr_by_index(debug_address_table, curindex, &addr, errp);
96
97	25.2k	if (res != DW_DLV_OK) {
98	0	break;
99	0	}
100	25.2k	}
101	18	if (errp) {
102	0	dwarf_dealloc_error(dbg, *errp);
103	0	}
104	18	dwarf_dealloc_debug_addr_table(debug_address_table);
105	18	dwarf_finish(dbg);
106	18	close(fuzz_fd);
107	18	}
108
109	18	unlink(filename);
110	18	return 0;
111	8.53k	}

Coverage Report

Created: 2026-01-17 06:05