/src/ndpi/fuzz/fuzz_serialization.cpp

Source
#include "ndpi_api.h"
#include "fuzz_common_code.h"

#include <stdint.h>
#include <stdio.h>
#include <assert.h>
#include "fuzzer/FuzzedDataProvider.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  FuzzedDataProvider fuzzed_data(data, size);
  u_int16_t i, num_iteration;
  ndpi_serializer serializer, serializer_cloned, deserializer;
  ndpi_serialization_format fmt;
  int rc;
  std::vector<char>d;
  char kbuf[32];
  u_int32_t buffer_len, kbuf_len;

  /* To allow memory allocation failures */
  fuzz_set_alloc_callbacks_and_seed(size);

  fmt = static_cast<ndpi_serialization_format>(fuzzed_data.ConsumeIntegralInRange(1, 5));

  if (fuzzed_data.ConsumeBool())
    rc = ndpi_init_serializer(&serializer, fmt);
  else
    rc = ndpi_init_serializer_ll(&serializer, fmt, fuzzed_data.ConsumeIntegralInRange(0, 64));

  if (rc != 0)
    return 0;
    
  if (fmt == ndpi_serialization_format_csv)
    ndpi_serializer_set_csv_separator(&serializer, ',');

  num_iteration = fuzzed_data.ConsumeIntegralInRange(0, 8);
  for (i = 0; i < num_iteration; i++) {
    memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
    snprintf(kbuf, sizeof(kbuf), "Key %d", i);

    ndpi_serialize_uint32_uint32(&serializer, i, fuzzed_data.ConsumeIntegral<u_int32_t>());
    ndpi_serialize_uint32_int32(&serializer, i, fuzzed_data.ConsumeIntegral<int32_t>());
    ndpi_serialize_uint32_uint64(&serializer, i, fuzzed_data.ConsumeIntegral<u_int64_t>());
    ndpi_serialize_uint32_int64(&serializer, i, fuzzed_data.ConsumeIntegral<int64_t>());
    ndpi_serialize_uint32_float(&serializer, i, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
    if (fmt != ndpi_serialization_format_tlv)
      ndpi_serialize_uint32_double(&serializer, i, fuzzed_data.ConsumeFloatingPoint<double>(), "%lf");
    d = fuzzed_data.ConsumeBytes<char>(16);
    ndpi_serialize_uint32_binary(&serializer, i, d.data(), d.size());
    ndpi_serialize_uint32_string(&serializer, i, fuzzed_data.ConsumeBytesAsString(8).c_str());
    ndpi_serialize_uint32_boolean(&serializer, i, fuzzed_data.ConsumeIntegral<int8_t>());

    ndpi_serialize_string_uint32(&serializer, kbuf, fuzzed_data.ConsumeIntegral<u_int32_t>());
    ndpi_serialize_string_uint32_format(&serializer, kbuf, fuzzed_data.ConsumeIntegral<u_int32_t>(), "%d");
    ndpi_serialize_string_int32(&serializer, kbuf, fuzzed_data.ConsumeIntegral<int32_t>());
    ndpi_serialize_string_uint64(&serializer, kbuf, fuzzed_data.ConsumeIntegral<u_int64_t>());
    ndpi_serialize_string_int64(&serializer, kbuf, fuzzed_data.ConsumeIntegral<int64_t>());
    ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
    if (fmt != ndpi_serialization_format_tlv)
      ndpi_serialize_string_double(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<double>(), "%lf");
    d = fuzzed_data.ConsumeBytes<char>(16);
    if (d.size())
      ndpi_serialize_string_binary(&serializer, kbuf, d.data(), d.size());
    ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
    d = fuzzed_data.ConsumeBytes<char>(16);
    if (d.size())
      ndpi_serialize_string_raw(&serializer, kbuf, d.data(), d.size());
    ndpi_serialize_string_boolean(&serializer, kbuf, fuzzed_data.ConsumeIntegral<int8_t>());

    if (fuzzed_data.ConsumeBool()) {
      snprintf(kbuf, sizeof(kbuf), "%d", i); /* To trigger OPTIMIZE_NUMERIC_KEYS */
      kbuf_len = strlen(kbuf);
    } else {
      kbuf_len = sizeof(kbuf);
    }
    ndpi_serialize_binary_uint32(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<u_int32_t>());
    ndpi_serialize_binary_int32(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<int32_t>());
    ndpi_serialize_binary_uint64(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<u_int64_t>());
    ndpi_serialize_binary_int64(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<int64_t>());
    ndpi_serialize_binary_float(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
    if (fmt != ndpi_serialization_format_tlv)
      ndpi_serialize_binary_double(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeFloatingPoint<double>(), "%lf");
    ndpi_serialize_binary_boolean(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<int8_t>());
    d = fuzzed_data.ConsumeBytes<char>(16);
    if (d.size())
      ndpi_serialize_binary_binary(&serializer, kbuf, kbuf_len, d.data(), d.size());

    if ((i & 0x3) == 0x3)
      ndpi_serialize_end_of_record(&serializer);
  }

  ndpi_serializer_create_snapshot(&serializer);

  if (fuzzed_data.ConsumeBool())
    ndpi_serializer_skip_header(&serializer);

  if (fuzzed_data.ConsumeBool()) {
    ndpi_serialize_start_of_block(&serializer, "Block");
    memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
    snprintf(kbuf, sizeof(kbuf), "K-Ignored");
    ndpi_serialize_uint32_uint32(&serializer, fuzzed_data.ConsumeIntegral<u_int32_t>(), fuzzed_data.ConsumeIntegral<u_int32_t>());
    ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
    ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
    ndpi_serialize_binary_boolean(&serializer, kbuf, sizeof(kbuf), fuzzed_data.ConsumeIntegral<int8_t>());
    ndpi_serialize_end_of_block(&serializer);
  }

  if (fuzzed_data.ConsumeBool()) {
    ndpi_serialize_start_of_block_uint32(&serializer, 0);
    memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
    snprintf(kbuf, sizeof(kbuf), "K32-Ignored");
    ndpi_serialize_uint32_uint32(&serializer, i, fuzzed_data.ConsumeIntegral<u_int32_t>());
    ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
    ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
    ndpi_serialize_binary_boolean(&serializer, kbuf, sizeof(kbuf), fuzzed_data.ConsumeIntegral<int8_t>());
    ndpi_serialize_end_of_block(&serializer);
  }

  if (fmt == ndpi_serialization_format_json) {
    if (fuzzed_data.ConsumeBool()) {
      d = fuzzed_data.ConsumeBytes<char>(8);
      if (d.size())
        ndpi_serialize_raw_record(&serializer, (u_char *)d.data(), d.size());
    }
  }

  if (fuzzed_data.ConsumeBool())
    ndpi_serializer_rollback_snapshot(&serializer);

  rc = ndpi_serialize_start_of_list(&serializer, "List");
  if (rc == 0) {

    num_iteration = fuzzed_data.ConsumeIntegralInRange(0, 8);
    for (i = 0; i < num_iteration; i++) {
      memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
      snprintf(kbuf, sizeof(kbuf), "Ignored");
      ndpi_serialize_uint32_uint32(&serializer, i, fuzzed_data.ConsumeIntegral<u_int32_t>());
      ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
      ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
      ndpi_serialize_binary_boolean(&serializer, kbuf, sizeof(kbuf), fuzzed_data.ConsumeIntegral<int8_t>());
    }

    ndpi_serialize_end_of_list(&serializer);
    ndpi_serialize_string_string(&serializer, "Last", "Ok");
  }

  if (fmt == ndpi_serialization_format_csv) {
    ndpi_serializer_get_header(&serializer, &buffer_len);
    ndpi_serializer_get_buffer(&serializer, &buffer_len);
    ndpi_serializer_set_buffer_len(&serializer, fuzzed_data.ConsumeIntegral<u_int32_t>());
  } else if (fmt == ndpi_serialization_format_tlv) {
    /* Conversion from tlv to json */
    rc = ndpi_init_deserializer(&deserializer, &serializer);
    if (rc == 0) {
      rc = ndpi_init_serializer_ll(&serializer_cloned, ndpi_serialization_format_json, fuzzed_data.ConsumeIntegralInRange(0, 2048));
      if (rc == 0) {
        ndpi_deserialize_clone_all(&deserializer, &serializer_cloned);
  ndpi_serializer_get_format(&serializer_cloned);
        ndpi_serializer_get_buffer(&serializer_cloned, &buffer_len);
  ndpi_serializer_get_buffer_len(&serializer_cloned);
  ndpi_serializer_get_internal_buffer_size(&serializer_cloned);
  ndpi_term_serializer(&serializer_cloned);
  assert(ndpi_deserialize_get_format(&deserializer) == ndpi_serialization_format_tlv);
      }
    }

    rc = ndpi_init_deserializer(&deserializer, &serializer);
    if (rc == 0) {
      rc = ndpi_init_serializer_ll(&serializer_cloned, ndpi_serialization_format_tlv, fuzzed_data.ConsumeIntegralInRange(0, 2048));
      if (rc == 0) {
        ndpi_deserialize_clone_item(&deserializer, &serializer_cloned);
  ndpi_term_serializer(&serializer_cloned);
      }
    }
  }

  ndpi_term_serializer(&serializer);

  return 0;
}

Line	Count	Source
1		#include "ndpi_api.h"
2		#include "fuzz_common_code.h"
3
4		#include <stdint.h>
5		#include <stdio.h>
6		#include <assert.h>
7		#include "fuzzer/FuzzedDataProvider.h"
8
9	4.18k	extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
10	4.18k	FuzzedDataProvider fuzzed_data(data, size);
11	4.18k	u_int16_t i, num_iteration;
12	4.18k	ndpi_serializer serializer, serializer_cloned, deserializer;
13	4.18k	ndpi_serialization_format fmt;
14	4.18k	int rc;
15	4.18k	std::vector<char>d;
16	4.18k	char kbuf[32];
17	4.18k	u_int32_t buffer_len, kbuf_len;
18
19		/* To allow memory allocation failures */
20	4.18k	fuzz_set_alloc_callbacks_and_seed(size);
21
22	4.18k	fmt = static_cast<ndpi_serialization_format>(fuzzed_data.ConsumeIntegralInRange(1, 5));
23
24	4.18k	if (fuzzed_data.ConsumeBool())
25	3.17k	rc = ndpi_init_serializer(&serializer, fmt);
26	1.01k	else
27	1.01k	rc = ndpi_init_serializer_ll(&serializer, fmt, fuzzed_data.ConsumeIntegralInRange(0, 64));
28
29	4.18k	if (rc != 0)
30	54	return 0;
31
32	4.13k	if (fmt == ndpi_serialization_format_csv)
33	607	ndpi_serializer_set_csv_separator(&serializer, ',');
34
35	4.13k	num_iteration = fuzzed_data.ConsumeIntegralInRange(0, 8);
36	18.6k	for (i = 0; i < num_iteration; i++) {
37	14.5k	memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
38	14.5k	snprintf(kbuf, sizeof(kbuf), "Key %d", i);
39
40	14.5k	ndpi_serialize_uint32_uint32(&serializer, i, fuzzed_data.ConsumeIntegral<u_int32_t>());
41	14.5k	ndpi_serialize_uint32_int32(&serializer, i, fuzzed_data.ConsumeIntegral<int32_t>());
42	14.5k	ndpi_serialize_uint32_uint64(&serializer, i, fuzzed_data.ConsumeIntegral<u_int64_t>());
43	14.5k	ndpi_serialize_uint32_int64(&serializer, i, fuzzed_data.ConsumeIntegral<int64_t>());
44	14.5k	ndpi_serialize_uint32_float(&serializer, i, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
45	14.5k	if (fmt != ndpi_serialization_format_tlv)
46	5.82k	ndpi_serialize_uint32_double(&serializer, i, fuzzed_data.ConsumeFloatingPoint<double>(), "%lf");
47	14.5k	d = fuzzed_data.ConsumeBytes<char>(16);
48	14.5k	ndpi_serialize_uint32_binary(&serializer, i, d.data(), d.size());
49	14.5k	ndpi_serialize_uint32_string(&serializer, i, fuzzed_data.ConsumeBytesAsString(8).c_str());
50	14.5k	ndpi_serialize_uint32_boolean(&serializer, i, fuzzed_data.ConsumeIntegral<int8_t>());
51
52	14.5k	ndpi_serialize_string_uint32(&serializer, kbuf, fuzzed_data.ConsumeIntegral<u_int32_t>());
53	14.5k	ndpi_serialize_string_uint32_format(&serializer, kbuf, fuzzed_data.ConsumeIntegral<u_int32_t>(), "%d");
54	14.5k	ndpi_serialize_string_int32(&serializer, kbuf, fuzzed_data.ConsumeIntegral<int32_t>());
55	14.5k	ndpi_serialize_string_uint64(&serializer, kbuf, fuzzed_data.ConsumeIntegral<u_int64_t>());
56	14.5k	ndpi_serialize_string_int64(&serializer, kbuf, fuzzed_data.ConsumeIntegral<int64_t>());
57	14.5k	ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
58	14.5k	if (fmt != ndpi_serialization_format_tlv)
59	5.82k	ndpi_serialize_string_double(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<double>(), "%lf");
60	14.5k	d = fuzzed_data.ConsumeBytes<char>(16);
61	14.5k	if (d.size())
62	6.27k	ndpi_serialize_string_binary(&serializer, kbuf, d.data(), d.size());
63	14.5k	ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
64	14.5k	d = fuzzed_data.ConsumeBytes<char>(16);
65	14.5k	if (d.size())
66	6.19k	ndpi_serialize_string_raw(&serializer, kbuf, d.data(), d.size());
67	14.5k	ndpi_serialize_string_boolean(&serializer, kbuf, fuzzed_data.ConsumeIntegral<int8_t>());
68
69	14.5k	if (fuzzed_data.ConsumeBool()) {
70	2.64k	snprintf(kbuf, sizeof(kbuf), "%d", i); /* To trigger OPTIMIZE_NUMERIC_KEYS */
71	2.64k	kbuf_len = strlen(kbuf);
72	11.9k	} else {
73	11.9k	kbuf_len = sizeof(kbuf);
74	11.9k	}
75	14.5k	ndpi_serialize_binary_uint32(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<u_int32_t>());
76	14.5k	ndpi_serialize_binary_int32(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<int32_t>());
77	14.5k	ndpi_serialize_binary_uint64(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<u_int64_t>());
78	14.5k	ndpi_serialize_binary_int64(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<int64_t>());
79	14.5k	ndpi_serialize_binary_float(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
80	14.5k	if (fmt != ndpi_serialization_format_tlv)
81	5.82k	ndpi_serialize_binary_double(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeFloatingPoint<double>(), "%lf");
82	14.5k	ndpi_serialize_binary_boolean(&serializer, kbuf, kbuf_len, fuzzed_data.ConsumeIntegral<int8_t>());
83	14.5k	d = fuzzed_data.ConsumeBytes<char>(16);
84	14.5k	if (d.size())
85	5.92k	ndpi_serialize_binary_binary(&serializer, kbuf, kbuf_len, d.data(), d.size());
86
87	14.5k	if ((i & 0x3) == 0x3)
88	2.63k	ndpi_serialize_end_of_record(&serializer);
89	14.5k	}
90
91	4.13k	ndpi_serializer_create_snapshot(&serializer);
92
93	4.13k	if (fuzzed_data.ConsumeBool())
94	836	ndpi_serializer_skip_header(&serializer);
95
96	4.13k	if (fuzzed_data.ConsumeBool()) {
97	646	ndpi_serialize_start_of_block(&serializer, "Block");
98	646	memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
99	646	snprintf(kbuf, sizeof(kbuf), "K-Ignored");
100	646	ndpi_serialize_uint32_uint32(&serializer, fuzzed_data.ConsumeIntegral<u_int32_t>(), fuzzed_data.ConsumeIntegral<u_int32_t>());
101	646	ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
102	646	ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
103	646	ndpi_serialize_binary_boolean(&serializer, kbuf, sizeof(kbuf), fuzzed_data.ConsumeIntegral<int8_t>());
104	646	ndpi_serialize_end_of_block(&serializer);
105	646	}
106
107	4.13k	if (fuzzed_data.ConsumeBool()) {
108	823	ndpi_serialize_start_of_block_uint32(&serializer, 0);
109	823	memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
110	823	snprintf(kbuf, sizeof(kbuf), "K32-Ignored");
111	823	ndpi_serialize_uint32_uint32(&serializer, i, fuzzed_data.ConsumeIntegral<u_int32_t>());
112	823	ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
113	823	ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
114	823	ndpi_serialize_binary_boolean(&serializer, kbuf, sizeof(kbuf), fuzzed_data.ConsumeIntegral<int8_t>());
115	823	ndpi_serialize_end_of_block(&serializer);
116	823	}
117
118	4.13k	if (fmt == ndpi_serialization_format_json) {
119	352	if (fuzzed_data.ConsumeBool()) {
120	94	d = fuzzed_data.ConsumeBytes<char>(8);
121	94	if (d.size())
122	92	ndpi_serialize_raw_record(&serializer, (u_char *)d.data(), d.size());
123	94	}
124	352	}
125
126	4.13k	if (fuzzed_data.ConsumeBool())
127	528	ndpi_serializer_rollback_snapshot(&serializer);
128
129	4.13k	rc = ndpi_serialize_start_of_list(&serializer, "List");
130	4.13k	if (rc == 0) {
131
132	3.48k	num_iteration = fuzzed_data.ConsumeIntegralInRange(0, 8);
133	7.62k	for (i = 0; i < num_iteration; i++) {
134	4.14k	memset(kbuf, '\0', sizeof(kbuf)); /* It is also used as binary key */
135	4.14k	snprintf(kbuf, sizeof(kbuf), "Ignored");
136	4.14k	ndpi_serialize_uint32_uint32(&serializer, i, fuzzed_data.ConsumeIntegral<u_int32_t>());
137	4.14k	ndpi_serialize_string_string(&serializer, kbuf, fuzzed_data.ConsumeBytesAsString(8).c_str());
138	4.14k	ndpi_serialize_string_float(&serializer, kbuf, fuzzed_data.ConsumeFloatingPoint<float>(), "%f");
139	4.14k	ndpi_serialize_binary_boolean(&serializer, kbuf, sizeof(kbuf), fuzzed_data.ConsumeIntegral<int8_t>());
140	4.14k	}
141
142	3.48k	ndpi_serialize_end_of_list(&serializer);
143	3.48k	ndpi_serialize_string_string(&serializer, "Last", "Ok");
144	3.48k	}
145
146	4.13k	if (fmt == ndpi_serialization_format_csv) {
147	607	ndpi_serializer_get_header(&serializer, &buffer_len);
148	607	ndpi_serializer_get_buffer(&serializer, &buffer_len);
149	607	ndpi_serializer_set_buffer_len(&serializer, fuzzed_data.ConsumeIntegral<u_int32_t>());
150	3.52k	} else if (fmt == ndpi_serialization_format_tlv) {
151		/* Conversion from tlv to json */
152	2.53k	rc = ndpi_init_deserializer(&deserializer, &serializer);
153	2.53k	if (rc == 0) {
154	2.53k	rc = ndpi_init_serializer_ll(&serializer_cloned, ndpi_serialization_format_json, fuzzed_data.ConsumeIntegralInRange(0, 2048));
155	2.53k	if (rc == 0) {
156	1.02k	ndpi_deserialize_clone_all(&deserializer, &serializer_cloned);
157	1.02k	ndpi_serializer_get_format(&serializer_cloned);
158	1.02k	ndpi_serializer_get_buffer(&serializer_cloned, &buffer_len);
159	1.02k	ndpi_serializer_get_buffer_len(&serializer_cloned);
160	1.02k	ndpi_serializer_get_internal_buffer_size(&serializer_cloned);
161	1.02k	ndpi_term_serializer(&serializer_cloned);
162	1.02k	assert(ndpi_deserialize_get_format(&deserializer) == ndpi_serialization_format_tlv);
163	1.02k	}
164	2.53k	}
165
166	2.53k	rc = ndpi_init_deserializer(&deserializer, &serializer);
167	2.53k	if (rc == 0) {
168	2.53k	rc = ndpi_init_serializer_ll(&serializer_cloned, ndpi_serialization_format_tlv, fuzzed_data.ConsumeIntegralInRange(0, 2048));
169	2.53k	if (rc == 0) {
170	535	ndpi_deserialize_clone_item(&deserializer, &serializer_cloned);
171	535	ndpi_term_serializer(&serializer_cloned);
172	535	}
173	2.53k	}
174	2.53k	}
175
176	4.13k	ndpi_term_serializer(&serializer);
177
178	4.13k	return 0;
179	4.13k	}

Coverage Report

Created: 2025-07-02 06:28