/src/libtpms/tests/fuzz.cc

Source (jump to first uncovered line)
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <assert.h>

#include <libtpms/tpm_types.h>
#include <libtpms/tpm_library.h>
#include <libtpms/tpm_error.h>
#include <libtpms/tpm_memory.h>
#include <libtpms/tpm_nvfilename.h>


static void die(const char *msg)
{
    fprintf(stderr, "%s", msg);
    assert(false);
}

static TPM_RESULT mytpm_io_init(void)
{
    return TPM_SUCCESS;
}

static TPM_RESULT mytpm_io_getlocality(TPM_MODIFIER_INDICATOR *locModif,
                                       uint32_t tpm_number)
{
    *locModif = 0;

    return TPM_SUCCESS;
}

static TPM_RESULT mytpm_io_getphysicalpresence(TPM_BOOL *phyPres,
                                               uint32_t tpm_number)
{
    *phyPres = FALSE;

    return TPM_SUCCESS;
}

static unsigned char *permall;
static uint32_t permall_length;

static TPM_RESULT mytpm_nvram_loaddata(unsigned char **data,
                                       uint32_t *length,
                                       uint32_t tpm_number,
                                       const char *name)
{
    if (!strcmp(name, TPM_PERMANENT_ALL_NAME)) {
        if (permall) {
            *data = NULL;
            assert(TPM_Malloc(data, permall_length) == TPM_SUCCESS);
            memcpy(*data, permall, permall_length);
            *length = permall_length;
            return TPM_SUCCESS;
        }
    }
    return TPM_RETRY;
}

static TPM_RESULT mytpm_nvram_storedata(const unsigned char *data,
                                        uint32_t length,
                                        uint32_t tpm_number,
                                        const char *name)
{
    if (!strcmp(name, TPM_PERMANENT_ALL_NAME)) {
        free(permall);
        permall = NULL;
        assert(TPM_Malloc(&permall, length) == TPM_SUCCESS);
        memcpy(permall, data, length);
        permall_length = length;
    }
    return TPM_SUCCESS;
}

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    unsigned char *rbuffer = NULL;
    uint32_t rlength;
    uint32_t rtotal = 0;
    TPM_RESULT res;
    unsigned char *vol_buffer = NULL;
    uint32_t vol_buffer_len;
    unsigned char *perm_buffer = NULL;
    uint32_t perm_buffer_len;
    unsigned char startup[] = {
        0x80, 0x01, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x00, 0x01, 0x44, 0x00, 0x00
    };
    struct libtpms_callbacks cbs = {
        .sizeOfStruct               = sizeof(struct libtpms_callbacks),
        .tpm_nvram_init             = NULL,
        .tpm_nvram_loaddata         = mytpm_nvram_loaddata,
        .tpm_nvram_storedata        = mytpm_nvram_storedata,
        .tpm_nvram_deletename       = NULL,
        .tpm_io_init                = mytpm_io_init,
        .tpm_io_getlocality         = mytpm_io_getlocality,
        .tpm_io_getphysicalpresence = mytpm_io_getphysicalpresence,
    };
    res = TPMLIB_RegisterCallbacks(&cbs);
    if (res != TPM_SUCCESS)
        die("Could not register callbacks\n");

    res = TPMLIB_ChooseTPMVersion(TPMLIB_TPM_VERSION_2);
    if (res != TPM_SUCCESS)
        die("Could not choose the TPM version\n");

    res = TPMLIB_MainInit();
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_MainInit() failed\n");

    res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, startup, sizeof(startup));
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_Process(Startup) failed\n");

    res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, (unsigned char*)data, size);
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_Process(fuzz-command) failed\n");

    /* state suspend */
    res = TPMLIB_GetState(TPMLIB_STATE_VOLATILE, &vol_buffer, &vol_buffer_len);
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_GetState(TPMLIB_STATE_VOLATILE) failed\n");

    res = TPMLIB_GetState(TPMLIB_STATE_PERMANENT, &perm_buffer, &perm_buffer_len);
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_GetState(TPMLIB_STATE_PERMANENT) failed\n");

    TPMLIB_Terminate();

    /* state resume */
    res = TPMLIB_SetState(TPMLIB_STATE_PERMANENT, perm_buffer, perm_buffer_len);
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_SetState(TPMLIB_STATE_PERMANENT) failed\n");

    res = TPMLIB_SetState(TPMLIB_STATE_VOLATILE, vol_buffer, vol_buffer_len);
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_SetState(TPMLIB_STATE_VOLATILE) failed\n");

    res = TPMLIB_MainInit();
    if (res != TPM_SUCCESS)
        die("Error: TPMLIB_MainInit() to resume with the state failed\n");

    TPMLIB_Terminate();
    TPM_Free(rbuffer);
    TPM_Free(vol_buffer);
    TPM_Free(perm_buffer);
    TPM_Free(permall);
    permall = NULL;

    return 0;
}

Line	Count	Source (jump to first uncovered line)
1		#include <stdlib.h>
2		#include <stdio.h>
3		#include <string.h>
4		#include <unistd.h>
5		#include <assert.h>
6
7		#include <libtpms/tpm_types.h>
8		#include <libtpms/tpm_library.h>
9		#include <libtpms/tpm_error.h>
10		#include <libtpms/tpm_memory.h>
11		#include <libtpms/tpm_nvfilename.h>
12
13
14		static void die(const char *msg)
15	0	{
16	0	fprintf(stderr, "%s", msg);
17	0	assert(false);
18	0	}
19
20		static TPM_RESULT mytpm_io_init(void)
21	14.5k	{
22	14.5k	return TPM_SUCCESS;
23	14.5k	}
24
25		static TPM_RESULT mytpm_io_getlocality(TPM_MODIFIER_INDICATOR *locModif,
26		uint32_t tpm_number)
27	14.5k	{
28	14.5k	*locModif = 0;
29
30	14.5k	return TPM_SUCCESS;
31	14.5k	}
32
33		static TPM_RESULT mytpm_io_getphysicalpresence(TPM_BOOL *phyPres,
34		uint32_t tpm_number)
35	1	{
36	1	*phyPres = FALSE;
37
38	1	return TPM_SUCCESS;
39	1	}
40
41		static unsigned char *permall;
42		static uint32_t permall_length;
43
44		static TPM_RESULT mytpm_nvram_loaddata(unsigned char **data,
45		uint32_t *length,
46		uint32_t tpm_number,
47		const char *name)
48	36.3k	{
49	36.3k	if (!strcmp(name, TPM_PERMANENT_ALL_NAME)) {
50	29.0k	if (permall) {
51	14.5k	*data = NULL;
52	14.5k	assert(TPM_Malloc(data, permall_length) == TPM_SUCCESS);
53	14.5k	memcpy(*data, permall, permall_length);
54	14.5k	*length = permall_length;
55	14.5k	return TPM_SUCCESS;
56	14.5k	}
57	29.0k	}
58	21.8k	return TPM_RETRY;
59	36.3k	}
60
61		static TPM_RESULT mytpm_nvram_storedata(const unsigned char *data,
62		uint32_t length,
63		uint32_t tpm_number,
64		const char *name)
65	22.0k	{
66	22.0k	if (!strcmp(name, TPM_PERMANENT_ALL_NAME)) {
67	22.0k	free(permall);
68	22.0k	permall = NULL;
69	22.0k	assert(TPM_Malloc(&permall, length) == TPM_SUCCESS);
70	22.0k	memcpy(permall, data, length);
71	22.0k	permall_length = length;
72	22.0k	}
73	22.0k	return TPM_SUCCESS;
74	22.0k	}
75
76		extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
77	7.27k	{
78	7.27k	unsigned char *rbuffer = NULL;
79	7.27k	uint32_t rlength;
80	7.27k	uint32_t rtotal = 0;
81	7.27k	TPM_RESULT res;
82	7.27k	unsigned char *vol_buffer = NULL;
83	7.27k	uint32_t vol_buffer_len;
84	7.27k	unsigned char *perm_buffer = NULL;
85	7.27k	uint32_t perm_buffer_len;
86	7.27k	unsigned char startup[] = {
87	7.27k	0x80, 0x01, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x00, 0x01, 0x44, 0x00, 0x00
88	7.27k	};
89	7.27k	struct libtpms_callbacks cbs = {
90	7.27k	.sizeOfStruct = sizeof(struct libtpms_callbacks),
91	7.27k	.tpm_nvram_init = NULL,
92	7.27k	.tpm_nvram_loaddata = mytpm_nvram_loaddata,
93	7.27k	.tpm_nvram_storedata = mytpm_nvram_storedata,
94	7.27k	.tpm_nvram_deletename = NULL,
95	7.27k	.tpm_io_init = mytpm_io_init,
96	7.27k	.tpm_io_getlocality = mytpm_io_getlocality,
97	7.27k	.tpm_io_getphysicalpresence = mytpm_io_getphysicalpresence,
98	7.27k	};
99	7.27k	res = TPMLIB_RegisterCallbacks(&cbs);
100	7.27k	if (res != TPM_SUCCESS)
101	0	die("Could not register callbacks\n");
102
103	7.27k	res = TPMLIB_ChooseTPMVersion(TPMLIB_TPM_VERSION_2);
104	7.27k	if (res != TPM_SUCCESS)
105	0	die("Could not choose the TPM version\n");
106
107	7.27k	res = TPMLIB_MainInit();
108	7.27k	if (res != TPM_SUCCESS)
109	0	die("Error: TPMLIB_MainInit() failed\n");
110
111	7.27k	res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, startup, sizeof(startup));
112	7.27k	if (res != TPM_SUCCESS)
113	0	die("Error: TPMLIB_Process(Startup) failed\n");
114
115	7.27k	res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, (unsigned char*)data, size);
116	7.27k	if (res != TPM_SUCCESS)
117	0	die("Error: TPMLIB_Process(fuzz-command) failed\n");
118
119		/* state suspend */
120	7.27k	res = TPMLIB_GetState(TPMLIB_STATE_VOLATILE, &vol_buffer, &vol_buffer_len);
121	7.27k	if (res != TPM_SUCCESS)
122	0	die("Error: TPMLIB_GetState(TPMLIB_STATE_VOLATILE) failed\n");
123
124	7.27k	res = TPMLIB_GetState(TPMLIB_STATE_PERMANENT, &perm_buffer, &perm_buffer_len);
125	7.27k	if (res != TPM_SUCCESS)
126	0	die("Error: TPMLIB_GetState(TPMLIB_STATE_PERMANENT) failed\n");
127
128	7.27k	TPMLIB_Terminate();
129
130		/* state resume */
131	7.27k	res = TPMLIB_SetState(TPMLIB_STATE_PERMANENT, perm_buffer, perm_buffer_len);
132	7.27k	if (res != TPM_SUCCESS)
133	0	die("Error: TPMLIB_SetState(TPMLIB_STATE_PERMANENT) failed\n");
134
135	7.27k	res = TPMLIB_SetState(TPMLIB_STATE_VOLATILE, vol_buffer, vol_buffer_len);
136	7.27k	if (res != TPM_SUCCESS)
137	0	die("Error: TPMLIB_SetState(TPMLIB_STATE_VOLATILE) failed\n");
138
139	7.27k	res = TPMLIB_MainInit();
140	7.27k	if (res != TPM_SUCCESS)
141	0	die("Error: TPMLIB_MainInit() to resume with the state failed\n");
142
143	7.27k	TPMLIB_Terminate();
144	7.27k	TPM_Free(rbuffer);
145	7.27k	TPM_Free(vol_buffer);
146	7.27k	TPM_Free(perm_buffer);
147	7.27k	TPM_Free(permall);
148	7.27k	permall = NULL;
149
150	7.27k	return 0;
151	7.27k	}

Coverage Report

Created: 2025-07-09 06:11