/src/resiprocate/resip/stack/test/fuzzStack.cxx
Line | Count | Source (jump to first uncovered line) |
1 | | #include "rutil/DataStream.hxx" |
2 | | #include "rutil/Logger.hxx" |
3 | | |
4 | | #include "resip/stack/Auth.hxx" |
5 | | #include "resip/stack/CSeqCategory.hxx" |
6 | | #include "resip/stack/CallId.hxx" |
7 | | #include "resip/stack/CpimContents.hxx" |
8 | | #include "resip/stack/DateCategory.hxx" |
9 | | #include "resip/stack/DialogInfoContents.hxx" |
10 | | #include "resip/stack/DtmfPayloadContents.hxx" |
11 | | #include "resip/stack/ExpiresCategory.hxx" |
12 | | #include "resip/stack/GenericPidfContents.hxx" |
13 | | #include "resip/stack/GenericUri.hxx" |
14 | | #include "resip/stack/IntegerCategory.hxx" |
15 | | #include "resip/stack/InvalidContents.hxx" |
16 | | #include "resip/stack/MessageWaitingContents.hxx" |
17 | | #include "resip/stack/Mime.hxx" |
18 | | #include "resip/stack/MultipartMixedContents.hxx" |
19 | | #include "resip/stack/NameAddr.hxx" |
20 | | #include "resip/stack/OctetContents.hxx" |
21 | | #include "resip/stack/Pidf.hxx" |
22 | | #include "resip/stack/Pkcs7Contents.hxx" |
23 | | #include "resip/stack/Pkcs8Contents.hxx" |
24 | | #include "resip/stack/PlainContents.hxx" |
25 | | #include "resip/stack/PrivacyCategory.hxx" |
26 | | #include "resip/stack/RAckCategory.hxx" |
27 | | #include "resip/stack/RequestLine.hxx" |
28 | | #include "resip/stack/Rlmi.hxx" |
29 | | #include "resip/stack/SdpContents.hxx" |
30 | | #include "resip/stack/SipFrag.hxx" |
31 | | #include "resip/stack/StatusLine.hxx" |
32 | | #include "resip/stack/StringCategory.hxx" |
33 | | #include "resip/stack/Token.hxx" |
34 | | #include "resip/stack/TokenOrQuotedStringCategory.hxx" |
35 | | #include "resip/stack/UInt32Category.hxx" |
36 | | #include "resip/stack/Uri.hxx" |
37 | | #include "resip/stack/Via.hxx" |
38 | | #include "resip/stack/WarningCategory.hxx" |
39 | | #include "resip/stack/X509Contents.hxx" |
40 | | |
41 | | #include "TestSupport.hxx" |
42 | | |
43 | | static void fuzzAuth(const resip::HeaderFieldValue& hfv) |
44 | 6.23k | { |
45 | 6.23k | resip::Auth payload(hfv, resip::Headers::UNKNOWN); |
46 | 6.23k | try |
47 | 6.23k | { |
48 | 6.23k | payload.checkParsed(); |
49 | 6.23k | } |
50 | 6.23k | catch (const resip::ParseException&) |
51 | 6.23k | { |
52 | 345 | } |
53 | 6.23k | } |
54 | | |
55 | | static void fuzzCSeqCategory(const resip::HeaderFieldValue& hfv) |
56 | 6.23k | { |
57 | 6.23k | resip::CSeqCategory payload(hfv, resip::Headers::UNKNOWN); |
58 | 6.23k | try |
59 | 6.23k | { |
60 | 6.23k | payload.checkParsed(); |
61 | 6.23k | } |
62 | 6.23k | catch (const resip::ParseException&) |
63 | 6.23k | { |
64 | 5.91k | } |
65 | 6.23k | } |
66 | | |
67 | | static void fuzzCpimContents(const resip::HeaderFieldValue& hfv) |
68 | 6.23k | { |
69 | 6.23k | static const resip::Mime type("message", "cpim"); |
70 | 6.23k | resip::CpimContents payload(hfv, type); |
71 | 6.23k | try |
72 | 6.23k | { |
73 | 6.23k | payload.checkParsed(); |
74 | 6.23k | } |
75 | 6.23k | catch (const resip::ParseException&) |
76 | 6.23k | { |
77 | 0 | } |
78 | 6.23k | } |
79 | | |
80 | | static void fuzzCallId(const resip::HeaderFieldValue& hfv) |
81 | 6.23k | { |
82 | 6.23k | resip::CallId payload(hfv, resip::Headers::UNKNOWN); |
83 | 6.23k | try |
84 | 6.23k | { |
85 | 6.23k | payload.checkParsed(); |
86 | 6.23k | } |
87 | 6.23k | catch (const resip::ParseException&) |
88 | 6.23k | { |
89 | 149 | } |
90 | 6.23k | } |
91 | | |
92 | | static void fuzzDtmfPayloadContents(const resip::HeaderFieldValue& hfv) |
93 | 6.23k | { |
94 | 6.23k | static const resip::Mime type("application", "dtmf-relay"); |
95 | 6.23k | resip::DtmfPayloadContents payload(hfv, type); |
96 | 6.23k | try |
97 | 6.23k | { |
98 | 6.23k | payload.checkParsed(); |
99 | 6.23k | } |
100 | 6.23k | catch (const resip::ParseException&) |
101 | 6.23k | { |
102 | 6.21k | } |
103 | 6.23k | } |
104 | | |
105 | | static void fuzzDateCategory(const resip::HeaderFieldValue& hfv) |
106 | 6.23k | { |
107 | 6.23k | resip::DateCategory payload(hfv, resip::Headers::UNKNOWN); |
108 | 6.23k | try |
109 | 6.23k | { |
110 | 6.23k | payload.checkParsed(); |
111 | 6.23k | } |
112 | 6.23k | catch (const resip::ParseException&) |
113 | 6.23k | { |
114 | 6.23k | } |
115 | 6.23k | } |
116 | | |
117 | | static void fuzzDialogInfoContents(const resip::HeaderFieldValue& hfv) |
118 | 0 | { |
119 | 0 | static const resip::Mime type("application", "sdp"); |
120 | 0 | resip::DialogInfoContents payload(hfv, type); |
121 | 0 | try |
122 | 0 | { |
123 | 0 | payload.checkParsed(); |
124 | 0 | } |
125 | 0 | catch (const resip::ParseException&) |
126 | 0 | { |
127 | 0 | } |
128 | 0 | } |
129 | | |
130 | | static void fuzzExpiresCategory(const resip::HeaderFieldValue& hfv) |
131 | 6.23k | { |
132 | 6.23k | resip::ExpiresCategory payload(hfv, resip::Headers::UNKNOWN); |
133 | 6.23k | try |
134 | 6.23k | { |
135 | 6.23k | payload.checkParsed(); |
136 | 6.23k | } |
137 | 6.23k | catch (const resip::ParseException&) |
138 | 6.23k | { |
139 | 208 | } |
140 | 6.23k | } |
141 | | |
142 | | static void fuzzGenericPidfContents(const resip::HeaderFieldValue& hfv) |
143 | 0 | { |
144 | 0 | static const resip::Mime type("application", "pidf+xml"); |
145 | 0 | resip::GenericPidfContents payload(hfv, type); |
146 | 0 | try |
147 | 0 | { |
148 | 0 | payload.checkParsed(); |
149 | 0 | } |
150 | 0 | catch (const resip::ParseException&) |
151 | 0 | { |
152 | 0 | } |
153 | 0 | } |
154 | | |
155 | | static void fuzzGenericUri(const resip::HeaderFieldValue& hfv) |
156 | 6.23k | { |
157 | 6.23k | resip::GenericURI payload(hfv, resip::Headers::UNKNOWN); |
158 | 6.23k | try |
159 | 6.23k | { |
160 | 6.23k | payload.checkParsed(); |
161 | 6.23k | } |
162 | 6.23k | catch (const resip::ParseException&) |
163 | 6.23k | { |
164 | 6.21k | } |
165 | 6.23k | } |
166 | | |
167 | | static void fuzzIntegerCategory(const resip::HeaderFieldValue& hfv) |
168 | 6.23k | { |
169 | 6.23k | resip::IntegerCategory payload(hfv, resip::Headers::UNKNOWN); |
170 | 6.23k | try |
171 | 6.23k | { |
172 | 6.23k | payload.checkParsed(); |
173 | 6.23k | } |
174 | 6.23k | catch (const resip::ParseException&) |
175 | 6.23k | { |
176 | 5.86k | } |
177 | 6.23k | } |
178 | | |
179 | | static void fuzzInvalidContents(const resip::HeaderFieldValue& hfv) |
180 | 6.23k | { |
181 | 6.23k | static const resip::Mime type("Invalid", "Invalid"); |
182 | 6.23k | resip::InvalidContents payload(hfv, type, type); |
183 | 6.23k | try |
184 | 6.23k | { |
185 | 6.23k | payload.checkParsed(); |
186 | 6.23k | } |
187 | 6.23k | catch (const resip::ParseException&) |
188 | 6.23k | { |
189 | 0 | } |
190 | 6.23k | } |
191 | | |
192 | | static void fuzzMessageWaitingContents(const resip::HeaderFieldValue& hfv) |
193 | 6.23k | { |
194 | 6.23k | static const resip::Mime type("application", "simple-message-summary"); |
195 | 6.23k | resip::MessageWaitingContents payload(hfv, type); |
196 | 6.23k | try |
197 | 6.23k | { |
198 | 6.23k | payload.checkParsed(); |
199 | 6.23k | } |
200 | 6.23k | catch (const resip::ParseException&) |
201 | 6.23k | { |
202 | 6.23k | } |
203 | 6.23k | } |
204 | | |
205 | | static void fuzzMime(const resip::HeaderFieldValue& hfv) |
206 | 6.23k | { |
207 | 6.23k | resip::Mime payload(hfv, resip::Headers::UNKNOWN); |
208 | 6.23k | try |
209 | 6.23k | { |
210 | 6.23k | payload.checkParsed(); |
211 | 6.23k | } |
212 | 6.23k | catch (const resip::ParseException&) |
213 | 6.23k | { |
214 | 5.57k | } |
215 | 6.23k | } |
216 | | |
217 | | static void fuzzMultipartMixedContents(const resip::HeaderFieldValue& hfv) |
218 | 6.23k | { |
219 | 6.23k | static const resip::Mime type("multipart", "mixed"); |
220 | 6.23k | resip::MultipartMixedContents payload(hfv, type); |
221 | 6.23k | try |
222 | 6.23k | { |
223 | 6.23k | payload.checkParsed(); |
224 | 6.23k | } |
225 | 6.23k | catch (const resip::ParseException&) |
226 | 6.23k | { |
227 | 6.23k | } |
228 | 6.23k | } |
229 | | |
230 | | static void fuzzNameAddr(const resip::Data& buffer) |
231 | 6.23k | { |
232 | 6.23k | try |
233 | 6.23k | { |
234 | 6.23k | resip::NameAddr illegal(buffer); |
235 | 6.23k | } |
236 | 6.23k | catch (const resip::ParseException&) |
237 | 6.23k | { |
238 | 3.17k | } |
239 | 6.23k | } |
240 | | |
241 | | static void fuzzOctetContents(const resip::HeaderFieldValue& hfv) |
242 | 6.23k | { |
243 | 6.23k | static const resip::Mime type("application", "octet-stream"); |
244 | 6.23k | resip::OctetContents payload(hfv, type); |
245 | 6.23k | try |
246 | 6.23k | { |
247 | 6.23k | payload.checkParsed(); |
248 | 6.23k | } |
249 | 6.23k | catch (const resip::ParseException&) |
250 | 6.23k | { |
251 | 0 | } |
252 | 6.23k | } |
253 | | |
254 | | static void fuzzPidf(const resip::HeaderFieldValue& hfv) |
255 | 0 | { |
256 | 0 | static const resip::Mime type("application", "pidf+xml"); |
257 | 0 | resip::Pidf payload(hfv, type); |
258 | 0 | try |
259 | 0 | { |
260 | 0 | payload.checkParsed(); |
261 | 0 | } |
262 | 0 | catch (const resip::ParseException&) |
263 | 0 | { |
264 | 0 | } |
265 | 0 | } |
266 | | |
267 | | static void fuzzPkcs7Contents(const resip::HeaderFieldValue& hfv) |
268 | 6.23k | { |
269 | 6.23k | static const resip::Mime type("application", "pkcs7-mime"); |
270 | 6.23k | resip::Pkcs7Contents payload(hfv, type); |
271 | 6.23k | try |
272 | 6.23k | { |
273 | 6.23k | payload.checkParsed(); |
274 | 6.23k | } |
275 | 6.23k | catch (const resip::ParseException&) |
276 | 6.23k | { |
277 | 0 | } |
278 | 6.23k | } |
279 | | |
280 | | static void fuzzPkcs8Contents(const resip::HeaderFieldValue& hfv) |
281 | 6.23k | { |
282 | 6.23k | static const resip::Mime type("application", "pkcs8"); |
283 | 6.23k | resip::Pkcs8Contents payload(hfv, type); |
284 | 6.23k | try |
285 | 6.23k | { |
286 | 6.23k | payload.checkParsed(); |
287 | 6.23k | } |
288 | 6.23k | catch (const resip::ParseException&) |
289 | 6.23k | { |
290 | 0 | } |
291 | 6.23k | } |
292 | | |
293 | | static void fuzzPlainContents(const resip::HeaderFieldValue& hfv) |
294 | 6.23k | { |
295 | 6.23k | static const resip::Mime type("text", "plain"); |
296 | 6.23k | resip::PlainContents payload(hfv, type); |
297 | 6.23k | try |
298 | 6.23k | { |
299 | 6.23k | payload.checkParsed(); |
300 | 6.23k | } |
301 | 6.23k | catch (const resip::ParseException&) |
302 | 6.23k | { |
303 | 0 | } |
304 | 6.23k | } |
305 | | |
306 | | static void fuzzPrivacyCategory(const resip::HeaderFieldValue& hfv) |
307 | 6.23k | { |
308 | 6.23k | resip::PrivacyCategory payload(hfv, resip::Headers::UNKNOWN); |
309 | 6.23k | try |
310 | 6.23k | { |
311 | 6.23k | payload.checkParsed(); |
312 | 6.23k | } |
313 | 6.23k | catch (const resip::ParseException&) |
314 | 6.23k | { |
315 | 3.65k | } |
316 | 6.23k | } |
317 | | |
318 | | static void fuzzRAckCategory(const resip::HeaderFieldValue& hfv) |
319 | 6.23k | { |
320 | 6.23k | resip::RAckCategory payload(hfv, resip::Headers::UNKNOWN); |
321 | 6.23k | try |
322 | 6.23k | { |
323 | 6.23k | payload.checkParsed(); |
324 | 6.23k | } |
325 | 6.23k | catch (const resip::ParseException&) |
326 | 6.23k | { |
327 | 6.22k | } |
328 | 6.23k | } |
329 | | |
330 | | static void fuzzRequestLine(const resip::HeaderFieldValue& hfv) |
331 | 6.23k | { |
332 | 6.23k | resip::RequestLine payload(hfv); |
333 | 6.23k | try |
334 | 6.23k | { |
335 | 6.23k | payload.checkParsed(); |
336 | 6.23k | } |
337 | 6.23k | catch (const resip::ParseException&) |
338 | 6.23k | { |
339 | 5.55k | } |
340 | 6.23k | } |
341 | | |
342 | | static void fuzzRlmi(const resip::HeaderFieldValue& hfv) |
343 | 6.23k | { |
344 | 6.23k | static const resip::Mime type("application", "rlmi+xml"); |
345 | 6.23k | resip::Rlmi payload(hfv, type); |
346 | 6.23k | try |
347 | 6.23k | { |
348 | 6.23k | payload.checkParsed(); |
349 | 6.23k | } |
350 | 6.23k | catch (const resip::ParseException&) |
351 | 6.23k | { |
352 | 0 | } |
353 | 6.23k | } |
354 | | |
355 | | static void fuzzSdp(const resip::HeaderFieldValue& hfv) |
356 | 6.23k | { |
357 | 6.23k | static const resip::Mime type("application", "sdp"); |
358 | 6.23k | resip::SdpContents sdp(hfv, type); |
359 | 6.23k | try |
360 | 6.23k | { |
361 | 6.23k | sdp.checkParsed(); |
362 | 6.23k | } |
363 | 6.23k | catch (const resip::ParseException&) |
364 | 6.23k | { |
365 | 5.51k | } |
366 | 6.23k | } |
367 | | |
368 | | static void fuzzSip(const resip::Data& buffer) |
369 | 6.23k | { |
370 | 6.23k | try |
371 | 6.23k | { |
372 | 6.23k | std::unique_ptr<resip::SipMessage> msg(resip::TestSupport::makeMessage(buffer)); |
373 | 6.23k | } |
374 | 6.23k | catch (const resip::ParseException&) |
375 | 6.23k | { |
376 | 0 | } |
377 | 6.23k | } |
378 | | |
379 | | /* |
380 | | |
381 | | TODO: add fuzzing for those classes |
382 | | |
383 | | resip/stack/SipFrag.cxx:SipFrag::parse(ParseBuffer& pb) |
384 | | resip/stack/StatusLine.cxx:StatusLine::parse(ParseBuffer& pb) |
385 | | resip/stack/StringCategory.cxx:StringCategory::parse(ParseBuffer& pb) |
386 | | resip/stack/Token.cxx:Token::parse(ParseBuffer& pb) |
387 | | resip/stack/TokenOrQuotedStringCategory.cxx:TokenOrQuotedStringCategory::parse(ParseBuffer& pb) |
388 | | resip/stack/UInt32Category.cxx:UInt32Category::parse(ParseBuffer& pb) |
389 | | resip/stack/Via.cxx:Via::parse(ParseBuffer& pb) |
390 | | resip/stack/WarningCategory.cxx:WarningCategory::parse(ParseBuffer& pb) |
391 | | resip/stack/X509Contents.cxx:X509Contents::parse(ParseBuffer& pb) |
392 | | |
393 | | */ |
394 | | |
395 | | static void fuzzUri(const resip::HeaderFieldValue& hfv) |
396 | 6.23k | { |
397 | 6.23k | resip::Uri uri(hfv, resip::Headers::UNKNOWN); |
398 | 6.23k | try |
399 | 6.23k | { |
400 | 6.23k | uri.embedded(); |
401 | 6.23k | } |
402 | 6.23k | catch (const resip::ParseException&) |
403 | 6.23k | { |
404 | 3.14k | } |
405 | 6.23k | } |
406 | | |
407 | 4 | extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) { |
408 | 4 | resip::Log::initialize(resip::Log::Cout, resip::Log::None, *argv[0]); |
409 | 4 | return 0; |
410 | 4 | } |
411 | | |
412 | | // Entrypoint for Clang's libfuzzer |
413 | | extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, |
414 | 6.39k | unsigned long size) { |
415 | | |
416 | 6.39k | const resip::Data buffer(resip::Data::Share, reinterpret_cast<const char*>(data), size); |
417 | 6.39k | const resip::HeaderFieldValue hfv(reinterpret_cast<const char*>(data), size); |
418 | | |
419 | 6.39k | fuzzAuth(hfv); |
420 | 6.39k | fuzzCSeqCategory(hfv); |
421 | 6.39k | fuzzCallId(hfv); |
422 | 6.39k | fuzzCpimContents(hfv); |
423 | 6.39k | fuzzDtmfPayloadContents(hfv); |
424 | 6.39k | fuzzDateCategory(hfv); |
425 | 6.39k | fuzzExpiresCategory(hfv); |
426 | 6.39k | fuzzGenericUri(hfv); |
427 | 6.39k | fuzzIntegerCategory(hfv); |
428 | 6.39k | fuzzInvalidContents(hfv); |
429 | 6.39k | fuzzMessageWaitingContents(hfv); |
430 | 6.39k | fuzzMime(hfv); |
431 | 6.39k | fuzzMultipartMixedContents(hfv); |
432 | 6.39k | fuzzNameAddr(buffer); |
433 | 6.39k | fuzzOctetContents(hfv); |
434 | | |
435 | 6.39k | fuzzPkcs7Contents(hfv); |
436 | 6.39k | fuzzPkcs8Contents(hfv); |
437 | 6.39k | fuzzPlainContents(hfv); |
438 | 6.39k | fuzzPrivacyCategory(hfv); |
439 | 6.39k | fuzzRAckCategory(hfv); |
440 | 6.39k | fuzzRequestLine(hfv); |
441 | 6.39k | fuzzRlmi(hfv); |
442 | 6.39k | fuzzSdp(hfv); |
443 | 6.39k | fuzzSip(buffer); |
444 | 6.39k | fuzzUri(hfv); |
445 | | |
446 | | // leaks or hogs memory |
447 | | //fuzzDialogInfoContents(hfv); |
448 | | //fuzzGenericPidfContents(hfv); |
449 | | //fuzzPidf(hfv); return 0; |
450 | | |
451 | 6.39k | return 0; |
452 | 6.39k | } |
453 | | |
454 | | /* ==================================================================== |
455 | | * The Vovida Software License, Version 1.0 |
456 | | * |
457 | | * Copyright (c) 2000 Vovida Networks, Inc. All rights reserved. |
458 | | * |
459 | | * Redistribution and use in source and binary forms, with or without |
460 | | * modification, are permitted provided that the following conditions |
461 | | * are met: |
462 | | * |
463 | | * 1. Redistributions of source code must retain the above copyright |
464 | | * notice, this list of conditions and the following disclaimer. |
465 | | * |
466 | | * 2. Redistributions in binary form must reproduce the above copyright |
467 | | * notice, this list of conditions and the following disclaimer in |
468 | | * the documentation and/or other materials provided with the |
469 | | * distribution. |
470 | | * |
471 | | * 3. The names "VOCAL", "Vovida Open Communication Application Library", |
472 | | * and "Vovida Open Communication Application Library (VOCAL)" must |
473 | | * not be used to endorse or promote products derived from this |
474 | | * software without prior written permission. For written |
475 | | * permission, please contact vocal@vovida.org. |
476 | | * |
477 | | * 4. Products derived from this software may not be called "VOCAL", nor |
478 | | * may "VOCAL" appear in their name, without prior written |
479 | | * permission of Vovida Networks, Inc. |
480 | | * |
481 | | * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED |
482 | | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
483 | | * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND |
484 | | * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA |
485 | | * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES |
486 | | * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL, |
487 | | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
488 | | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR |
489 | | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
490 | | * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
491 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE |
492 | | * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH |
493 | | * DAMAGE. |
494 | | * |
495 | | * ==================================================================== |
496 | | * |
497 | | * This software consists of voluntary contributions made by Vovida |
498 | | * Networks, Inc. and many individuals on behalf of Vovida Networks, |
499 | | * Inc. For more information on Vovida Networks, Inc., please see |
500 | | * <http://www.vovida.org/>. |
501 | | * |
502 | | */ |