/src/samba/lib/fuzzing/fuzz_ldb_dn_explode.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | Fuzzing ldb_dn_explode |
3 | | Copyright (C) Catalyst IT 2020 |
4 | | |
5 | | This program is free software; you can redistribute it and/or modify |
6 | | it under the terms of the GNU General Public License as published by |
7 | | the Free Software Foundation; either version 3 of the License, or |
8 | | (at your option) any later version. |
9 | | |
10 | | This program is distributed in the hope that it will be useful, |
11 | | but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 | | GNU General Public License for more details. |
14 | | |
15 | | You should have received a copy of the GNU General Public License |
16 | | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | | */ |
18 | | #include "includes.h" |
19 | | #include "fuzzing/fuzzing.h" |
20 | | #include "ldb.h" |
21 | | |
22 | | |
23 | 0 | #define MAX_LENGTH (2 * 1024 * 1024 - 1) |
24 | | char buf[MAX_LENGTH + 1] = {0}; |
25 | | |
26 | | int LLVMFuzzerTestOneInput(const uint8_t *input, size_t len) |
27 | 1 | { |
28 | 1 | struct ldb_dn *dn = NULL; |
29 | 1 | struct ldb_context *ldb = ldb_init(NULL, NULL); |
30 | 1 | if (ldb == NULL) { |
31 | 1 | return 0; |
32 | 1 | } |
33 | | /* |
34 | | * We copy the buffer in order to NUL-terminate, because running off |
35 | | * the end of the string would be an uninteresting crash. |
36 | | */ |
37 | 0 | if (len > MAX_LENGTH) { |
38 | 0 | len = MAX_LENGTH; |
39 | 0 | } |
40 | 0 | memcpy(buf, input, len); |
41 | 0 | buf[len] = 0; |
42 | |
|
43 | 0 | dn = ldb_dn_new(ldb, ldb, buf); |
44 | 0 | ldb_dn_validate(dn); |
45 | 0 | TALLOC_FREE(ldb); |
46 | 0 | return 0; |
47 | 1 | } |
48 | | |
49 | | |
50 | | int LLVMFuzzerInitialize(int *argc, char ***argv) |
51 | 372 | { |
52 | 372 | return 0; |
53 | 372 | } |