/src/mosquitto/fuzzing/broker/broker_fuzz_queue_msg.cpp

Source
/*
Copyright (c) 2024 Roger Light <roger@atchoo.org>

All rights reserved. This program and the accompanying materials
are made available under the terms of the Eclipse Public License 2.0
and Eclipse Distribution License v1.0 which accompany this distribution.

The Eclipse Public License is available at
   https://www.eclipse.org/legal/epl-2.0/
and the Eclipse Distribution License is available at
  http://www.eclipse.org/org/documents/edl-v10.php.

SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause

Contributors:
   Roger Light - initial implementation and documentation.
*/

#include <cstdio>
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <unistd.h>
#include <sys/stat.h>

/*
 * Broker check of acl file
 */
extern "C" {
#include "mosquitto_broker_internal.h"
}


//int sub__messages_queue(const char *source_id, const char *topic, uint8_t qos, int retain, struct mosquitto__base_msg **stored)


extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
  struct mosquitto__config config = {0};
  struct mosquitto__base_msg basemsg, *pbasemsg;

  if(mosquitto_pub_topic_check2((const char *)data, size)){
    /* sub__messages_queue only receives topics that have already been
     * checked with mosquitto_pub_topic_check2(), so we give it that benefit
     * here. */
    return 0;
  }

  memset(&basemsg, 0, sizeof(basemsg));
  basemsg.ref_count = 1;
  pbasemsg = &basemsg;

  db.config = &config;
  config.log_type = 0;
  config.log_dest = 0;
  log__init(&config);
  db__open(&config);

  char *data0 = (char *)calloc(1, size+1);
  memcpy(data0, data, size);
  sub__messages_queue("fuzzer", data0, 0, 1, &pbasemsg);
  free(data0);

  db__close();

  return 0;
}

Line	Count	Source
1		/*
2		Copyright (c) 2024 Roger Light <roger@atchoo.org>
3
4		All rights reserved. This program and the accompanying materials
5		are made available under the terms of the Eclipse Public License 2.0
6		and Eclipse Distribution License v1.0 which accompany this distribution.
7
8		The Eclipse Public License is available at
9		https://www.eclipse.org/legal/epl-2.0/
10		and the Eclipse Distribution License is available at
11		http://www.eclipse.org/org/documents/edl-v10.php.
12
13		SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
14
15		Contributors:
16		Roger Light - initial implementation and documentation.
17		*/
18
19		#include <cstdio>
20		#include <cstdint>
21		#include <cstdlib>
22		#include <cstring>
23		#include <unistd.h>
24		#include <sys/stat.h>
25
26		/*
27		* Broker check of acl file
28		*/
29		extern "C" {
30		#include "mosquitto_broker_internal.h"
31		}
32
33
34		//int sub__messages_queue(const char source_id, const char topic, uint8_t qos, int retain, struct mosquitto__base_msg **stored)
35
36
37		extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
38	469	{
39	469	struct mosquitto__config config = {0};
40	469	struct mosquitto__base_msg basemsg, *pbasemsg;
41
42	469	if(mosquitto_pub_topic_check2((const char *)data, size)){
43		/* sub__messages_queue only receives topics that have already been
44		* checked with mosquitto_pub_topic_check2(), so we give it that benefit
45		* here. */
46	28	return 0;
47	28	}
48
49	441	memset(&basemsg, 0, sizeof(basemsg));
50	441	basemsg.ref_count = 1;
51	441	pbasemsg = &basemsg;
52
53	441	db.config = &config;
54	441	config.log_type = 0;
55	441	config.log_dest = 0;
56	441	log__init(&config);
57	441	db__open(&config);
58
59	441	char data0 = (char )calloc(1, size+1);
60	441	memcpy(data0, data, size);
61	441	sub__messages_queue("fuzzer", data0, 0, 1, &pbasemsg);
62	441	free(data0);
63
64	441	db__close();
65
66	441	return 0;
67	469	}

Coverage Report

Created: 2026-02-27 06:59