/src/systemd/src/fuzz/fuzz-dhcp-server.c

Source
/* SPDX-License-Identifier: LGPL-2.1+ */

#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>

#include "fuzz.h"

#include "sd-dhcp-server.c"

/* stub out network so that the server doesn't send */
ssize_t sendto(int sockfd, const void *buf, size_t len, int flags, const struct sockaddr *dest_addr, socklen_t addrlen) {
        return len;
}

ssize_t sendmsg(int sockfd, const struct msghdr *msg, int flags) {
        return 0;
}

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        _cleanup_(sd_dhcp_server_unrefp) sd_dhcp_server *server = NULL;
        struct in_addr address = {.s_addr = htobe32(UINT32_C(10) << 24 | UINT32_C(1))};
        static const uint8_t chaddr[] = {3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3};
        uint8_t *client_id;
        DHCPLease *lease;
        int pool_offset;

        if (size < sizeof(DHCPMessage))
                return 0;

        assert_se(sd_dhcp_server_new(&server, 1) >= 0);
        server->fd = open("/dev/null", O_RDWR|O_CLOEXEC|O_NOCTTY);
        assert_se(server->fd >= 0);
        assert_se(sd_dhcp_server_configure_pool(server, &address, 24, 0, 0) >= 0);

        /* add a lease to the pool to expose additional code paths */
        client_id = malloc(2);
        assert_se(client_id);
        client_id[0] = 2;
        client_id[1] = 2;
        lease = new0(DHCPLease, 1);
        assert_se(lease);
        lease->client_id.length = 2;
        lease->client_id.data = client_id;
        lease->address = htobe32(UINT32_C(10) << 24 | UINT32_C(2));
        lease->gateway = htobe32(UINT32_C(10) << 24 | UINT32_C(1));
        lease->expiration = UINT64_MAX;
        memcpy(lease->chaddr, chaddr, 16);
        pool_offset = get_pool_offset(server, lease->address);
        server->bound_leases[pool_offset] = lease;
        assert_se(hashmap_put(server->leases_by_client_id, &lease->client_id, lease) >= 0);

        (void) dhcp_server_handle_message(server, (DHCPMessage*)data, size);

        return 0;
}

Line	Count	Source
1		/* SPDX-License-Identifier: LGPL-2.1+ */
2
3		#include <fcntl.h>
4		#include <sys/stat.h>
5		#include <sys/types.h>
6
7		#include "fuzz.h"
8
9		#include "sd-dhcp-server.c"
10
11		/* stub out network so that the server doesn't send */
12	92	ssize_t sendto(int sockfd, const void buf, size_t len, int flags, const struct sockaddr dest_addr, socklen_t addrlen) {
13	92	return len;
14	92	}
15
16	157	ssize_t sendmsg(int sockfd, const struct msghdr *msg, int flags) {
17	157	return 0;
18	157	}
19
20	887	int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
21	887	_cleanup_(sd_dhcp_server_unrefp) sd_dhcp_server *server = NULL;
22	887	struct in_addr address = {.s_addr = htobe32(UINT32_C(10) << 24 \| UINT32_C(1))};
23	887	static const uint8_t chaddr[] = {3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3};
24	887	uint8_t *client_id;
25	887	DHCPLease *lease;
26	887	int pool_offset;
27	887
28	887	if (size < sizeof(DHCPMessage))
29	15	return 0;
30	872
31	872	assert_se(sd_dhcp_server_new(&server, 1) >= 0);
32	872	server->fd = open("/dev/null", O_RDWR\|O_CLOEXEC\|O_NOCTTY);
33	872	assert_se(server->fd >= 0);
34	872	assert_se(sd_dhcp_server_configure_pool(server, &address, 24, 0, 0) >= 0);
35	872
36	872	/* add a lease to the pool to expose additional code paths */
37	872	client_id = malloc(2);
38	872	assert_se(client_id);
39	872	client_id[0] = 2;
40	872	client_id[1] = 2;
41	872	lease = new0(DHCPLease, 1);
42	872	assert_se(lease);
43	872	lease->client_id.length = 2;
44	872	lease->client_id.data = client_id;
45	872	lease->address = htobe32(UINT32_C(10) << 24 \| UINT32_C(2));
46	872	lease->gateway = htobe32(UINT32_C(10) << 24 \| UINT32_C(1));
47	872	lease->expiration = UINT64_MAX;
48	872	memcpy(lease->chaddr, chaddr, 16);
49	872	pool_offset = get_pool_offset(server, lease->address);
50	872	server->bound_leases[pool_offset] = lease;
51	872	assert_se(hashmap_put(server->leases_by_client_id, &lease->client_id, lease) >= 0);
52	872
53	872	(void) dhcp_server_handle_message(server, (DHCPMessage*)data, size);
54	872
55	872	return 0;
56	872	}

Coverage Report

Created: 2019-06-19 13:33