/src/ndpi/fuzz/fuzz_quic_get_crypto_data.c

Source
#include "ndpi_api.h"
#include "ndpi_private.h"
#include "fuzz_common_code.h"

#include <stdint.h>
#include <stdio.h>

struct ndpi_detection_module_struct *ndpi_info_mod = NULL;
struct ndpi_flow_struct *flow = NULL;

int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  const u_int8_t *crypto_data;
  uint64_t crypto_data_len;
  u_int32_t first_int, version = 0;

  if(ndpi_info_mod == NULL) {
    fuzz_init_detection_module(&ndpi_info_mod, NULL);

    flow = ndpi_calloc(1, SIZEOF_FLOW_STRUCT);
  }

  if(Size < 4)
    return 0;

  first_int = ntohl(*(u_int32_t *)Data);
  if((first_int % 4) == 0)
    version = 0x00000001; /* v1 */
  else if((first_int % 4) == 1)
    version = 0x51303530; /* Q050 */
  else if((first_int % 4) == 2)
    version = 0x51303436; /* Q046 */
  else if((first_int % 4) == 3)
    version = 0x709A50C4; /* v2 */

  memset(flow, '\0', sizeof(*flow));
  flow->detected_protocol_stack[0] = NDPI_PROTOCOL_QUIC;
  flow->l4_proto = IPPROTO_UDP;
  flow->protos.tls_quic.quic_version = version;

  crypto_data = get_crypto_data(ndpi_info_mod, flow, (u_int8_t *)Data + 4, Size - 4, &crypto_data_len);

  if(crypto_data) {
    if(!is_version_with_tls(version)) {
      process_chlo(ndpi_info_mod, flow, crypto_data, crypto_data_len);
    } else {
      process_tls(ndpi_info_mod, flow, crypto_data, crypto_data_len);
    }
  }

  ndpi_free_flow_data(flow);

  return 0;
}

Line	Count	Source
1		#include "ndpi_api.h"
2		#include "ndpi_private.h"
3		#include "fuzz_common_code.h"
4
5		#include <stdint.h>
6		#include <stdio.h>
7
8		struct ndpi_detection_module_struct *ndpi_info_mod = NULL;
9		struct ndpi_flow_struct *flow = NULL;
10
11	4.34k	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
12	4.34k	const u_int8_t *crypto_data;
13	4.34k	uint64_t crypto_data_len;
14	4.34k	u_int32_t first_int, version = 0;
15
16	4.34k	if(ndpi_info_mod == NULL) {
17	1	fuzz_init_detection_module(&ndpi_info_mod, NULL);
18
19	1	flow = ndpi_calloc(1, SIZEOF_FLOW_STRUCT);
20	1	}
21
22	4.34k	if(Size < 4)
23	3	return 0;
24
25	4.33k	first_int = ntohl((u_int32_t )Data);
26	4.33k	if((first_int % 4) == 0)
27	2.96k	version = 0x00000001; /* v1 */
28	1.37k	else if((first_int % 4) == 1)
29	1.08k	version = 0x51303530; /* Q050 */
30	289	else if((first_int % 4) == 2)
31	229	version = 0x51303436; /* Q046 */
32	60	else if((first_int % 4) == 3)
33	60	version = 0x709A50C4; /* v2 */
34
35	4.33k	memset(flow, '\0', sizeof(*flow));
36	4.33k	flow->detected_protocol_stack[0] = NDPI_PROTOCOL_QUIC;
37	4.33k	flow->l4_proto = IPPROTO_UDP;
38	4.33k	flow->protos.tls_quic.quic_version = version;
39
40	4.33k	crypto_data = get_crypto_data(ndpi_info_mod, flow, (u_int8_t *)Data + 4, Size - 4, &crypto_data_len);
41
42	4.33k	if(crypto_data) {
43	3.58k	if(!is_version_with_tls(version)) {
44	1.09k	process_chlo(ndpi_info_mod, flow, crypto_data, crypto_data_len);
45	2.49k	} else {
46	2.49k	process_tls(ndpi_info_mod, flow, crypto_data, crypto_data_len);
47	2.49k	}
48	3.58k	}
49
50	4.33k	ndpi_free_flow_data(flow);
51
52	4.33k	return 0;
53	4.34k	}

Coverage Report

Created: 2025-07-02 06:28