/src/libgit2/fuzzers/midx_fuzzer.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * libgit2 multi-pack-index fuzzer target. |
3 | | * |
4 | | * Copyright (C) the libgit2 contributors. All rights reserved. |
5 | | * |
6 | | * This file is part of libgit2, distributed under the GNU GPL v2 with |
7 | | * a Linking Exception. For full terms see the included COPYING file. |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | |
12 | | #include "git2.h" |
13 | | |
14 | | #include "common.h" |
15 | | #include "futils.h" |
16 | | #include "hash.h" |
17 | | #include "midx.h" |
18 | | |
19 | | #include "standalone_driver.h" |
20 | | |
21 | | int LLVMFuzzerInitialize(int *argc, char ***argv) |
22 | 2 | { |
23 | 2 | GIT_UNUSED(argc); |
24 | 2 | GIT_UNUSED(argv); |
25 | | |
26 | 2 | if (git_libgit2_init() < 0) { |
27 | 0 | fprintf(stderr, "Failed to initialize libgit2\n"); |
28 | 0 | abort(); |
29 | 0 | } |
30 | 2 | return 0; |
31 | 2 | } |
32 | | |
33 | | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) |
34 | 1.91k | { |
35 | 1.91k | git_midx_file idx = {{0}}; |
36 | 1.91k | git_midx_entry e; |
37 | 1.91k | git_str midx_buf = GIT_STR_INIT; |
38 | 1.91k | unsigned char hash[GIT_HASH_SHA1_SIZE]; |
39 | 1.91k | git_oid oid = GIT_OID_NONE; |
40 | 1.91k | bool append_hash = false; |
41 | | |
42 | 1.91k | if (size < 4) |
43 | 2 | return 0; |
44 | | |
45 | | /* |
46 | | * If the first byte in the stream has the high bit set, append the |
47 | | * SHA1 hash so that the packfile is somewhat valid. |
48 | | */ |
49 | 1.90k | append_hash = *data & 0x80; |
50 | | /* Keep a 4-byte alignment to avoid unaligned accesses. */ |
51 | 1.90k | data += 4; |
52 | 1.90k | size -= 4; |
53 | | |
54 | 1.90k | if (append_hash) { |
55 | 948 | if (git_str_init(&midx_buf, size + GIT_HASH_SHA1_SIZE) < 0) |
56 | 0 | goto cleanup; |
57 | 948 | if (git_hash_buf(hash, data, size, GIT_HASH_ALGORITHM_SHA1) < 0) { |
58 | 0 | fprintf(stderr, "Failed to compute the SHA1 hash\n"); |
59 | 0 | abort(); |
60 | 0 | } |
61 | 948 | memcpy(midx_buf.ptr, data, size); |
62 | 948 | memcpy(midx_buf.ptr + size, hash, GIT_HASH_SHA1_SIZE); |
63 | | |
64 | 948 | memcpy(oid.id, hash, GIT_OID_SHA1_SIZE); |
65 | 961 | } else { |
66 | 961 | git_str_attach_notowned(&midx_buf, (char *)data, size); |
67 | 961 | } |
68 | | |
69 | 1.90k | if (git_midx_parse(&idx, (const unsigned char *)git_str_cstr(&midx_buf), git_str_len(&midx_buf)) < 0) |
70 | 1.90k | goto cleanup; |
71 | | |
72 | | /* Search for any oid, just to exercise that codepath. */ |
73 | 0 | if (git_midx_entry_find(&e, &idx, &oid, GIT_OID_SHA1_HEXSIZE) < 0) |
74 | 0 | goto cleanup; |
75 | | |
76 | 1.90k | cleanup: |
77 | 1.90k | git_midx_close(&idx); |
78 | 1.90k | git_str_dispose(&midx_buf); |
79 | 1.90k | return 0; |
80 | 0 | } |