/src/libdwarf/fuzz/fuzz_debug_str.c
Line | Count | Source |
1 | | /* Copyright 2021 Google LLC |
2 | | Licensed under the Apache License, Version 2.0 (the "License"); |
3 | | you may not use this file except in compliance with the License. |
4 | | You may obtain a copy of the License at |
5 | | http://www.apache.org/licenses/LICENSE-2.0 |
6 | | Unless required by applicable law or agreed to in writing, software |
7 | | distributed under the License is distributed on an "AS IS" BASIS, |
8 | | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
9 | | See the License for the specific language governing permissions and |
10 | | limitations under the License. |
11 | | */ |
12 | | #include <fcntl.h> /* open() O_RDONLY O_BINARY */ |
13 | | #include <stdint.h> |
14 | | #include <stdio.h> |
15 | | #include <stdlib.h> |
16 | | #include <string.h> |
17 | | #include <sys/types.h> |
18 | | #include <unistd.h> |
19 | | |
20 | | #ifndef O_BINARY |
21 | 8.22k | #define O_BINARY 0 /* So it does nothing in Linux/Unix */ |
22 | | #endif |
23 | | |
24 | | /* |
25 | | * Libdwarf library callers can only use these headers. |
26 | | */ |
27 | | #include "dwarf.h" |
28 | | #include "libdwarf.h" |
29 | | |
30 | | /* |
31 | | * Fuzzer function |
32 | | */ |
33 | 8.22k | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { |
34 | 8.22k | char filename[256]; |
35 | | #ifdef DWREGRESSIONTEMP |
36 | | /* Under msys2, the /tmp/ results in an open fail */ |
37 | | sprintf(filename, "libfuzzer.%d", getpid()); |
38 | | #else |
39 | 8.22k | sprintf(filename, "/tmp/libfuzzer.%d", getpid()); |
40 | 8.22k | #endif |
41 | 8.22k | FILE *fp = fopen(filename, "wb"); |
42 | 8.22k | if (!fp) { |
43 | 0 | printf("FAIL libfuzzer cannot open temp as writeable %s\n", |
44 | 0 | filename); |
45 | 0 | return 0; |
46 | 0 | } |
47 | 8.22k | fwrite(data, size, 1, fp); |
48 | 8.22k | fclose(fp); |
49 | | |
50 | 8.22k | Dwarf_Debug dbg = 0; |
51 | 8.22k | int res = DW_DLV_ERROR; |
52 | 8.22k | Dwarf_Error error = 0; |
53 | 8.22k | Dwarf_Handler errhand = 0; |
54 | 8.22k | Dwarf_Ptr errarg = 0; |
55 | | |
56 | 8.22k | int fd = open(filename, O_RDONLY | O_BINARY); |
57 | 8.22k | if (fd < 0) { |
58 | 0 | exit(EXIT_FAILURE); |
59 | 0 | } |
60 | | |
61 | 8.22k | res = dwarf_init_b(fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, &error); |
62 | | |
63 | 8.22k | if (res != DW_DLV_OK) { |
64 | 7.67k | dwarf_dealloc_error(dbg, error); |
65 | 7.67k | } else { |
66 | | /* libdwarf does not require offset to be anything in |
67 | | particular, and will work fine regardless |
68 | | (possibly returning DW_DLV_ERROR or DW_DLV_OK). But |
69 | | valgrind generates a warning passing in the uninitialized |
70 | | value so let us initialize it to ... something. */ |
71 | 547 | Dwarf_Off dw_offset = 11; |
72 | 547 | char *dw_string; |
73 | 547 | Dwarf_Signed dw_strlen_of_string; |
74 | | |
75 | 418k | while ((res = dwarf_get_str(dbg, dw_offset, &dw_string, |
76 | 418k | &dw_strlen_of_string, &error)) == DW_DLV_OK) { |
77 | 417k | dw_offset += dw_strlen_of_string + 1; |
78 | 417k | } |
79 | 547 | } |
80 | | |
81 | 8.22k | dwarf_finish(dbg); |
82 | 8.22k | close(fd); |
83 | 8.22k | unlink(filename); |
84 | 8.22k | return 0; |
85 | 8.22k | } |