/src/wget/fuzz/wget_netrc_fuzzer.c

Source (jump to first uncovered line)
/*
 * Copyright (c) 2017-2024 Free Software Foundation, Inc.
 *
 * This file is part of GNU Wget.
 *
 * GNU Wget is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * GNU Wget is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Wget.  If not, see <https://www.gnu.org/licenses/>.
 */

#include <config.h>

#include <sys/types.h>
#include <stdint.h> // uint8_t
#include <stdio.h>  // fmemopen
#include <string.h>  // strncmp
#include <stdlib.h>  // free
#include <setjmp.h> // longjmp, setjmp
#include <fcntl.h>  // open flags
#include <unistd.h>  // close

#include "wget.h"
#undef fopen_wgetrc

#ifdef __cplusplus
  extern "C" {
#endif
  #include "netrc.h"

  // declarations for wget internal functions
  int main_wget(int argc, const char **argv);
  void cleanup(void);
  FILE *fopen_wget(const char *pathname, const char *mode);
  FILE *fopen_wgetrc(const char *pathname, const char *mode);
  void exit_wget(int status);
#ifdef __cplusplus
  }
#endif

#include "fuzzer.h"

FILE *fopen_wget(const char *pathname, const char *mode)
{
  return fopen("/dev/null", mode);
}

FILE *fopen_wgetrc(const char *pathname, const char *mode)
{
  return NULL;
}

static int do_jump;
static jmp_buf jmpbuf;
#ifdef FUZZING
void exit_wget(int status)
{
  longjmp(jmpbuf, 1);
}
#elif defined HAVE_DLFCN_H
#include <dlfcn.h> // dlsym
#ifndef RTLD_NEXT
#define RTLD_NEXT RTLD_GLOBAL
#endif
void exit(int status)
{
  if (do_jump) {
    longjmp(jmpbuf, 1);
  } else {
    void (*libc_exit)(int) = (void(*)(int)) dlsym (RTLD_NEXT, "exit");
    libc_exit(status);
  }
}
#endif

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
#ifdef HAVE_FMEMOPEN
  FILE *fp;
  struct fileinfo *fi;
  const char *user = NULL, *pw = NULL;

  if (size > 4096) // same as max_len = ... in .options file
    return 0;

  fp = fmemopen((void *) data, size, "r");
  if (!fp) return 0;

  CLOSE_STDERR

  do_jump = 1;

  if (setjmp(jmpbuf))
    goto done;

  opt.netrc = 1;

  user = NULL; // get first entry
  search_netrc("x", &user, &pw, 1, fp);
  netrc_cleanup();

  user = "u"; // get entry for user 'u'
  search_netrc("x", &user, &pw, 1, fp);

done:
  netrc_cleanup();

  fclose(fp);

  do_jump = 0;

  RESTORE_STDERR

#endif
  return 0;
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright (c) 2017-2024 Free Software Foundation, Inc.
3		*
4		* This file is part of GNU Wget.
5		*
6		* GNU Wget is free software; you can redistribute it and/or modify
7		* it under the terms of the GNU General Public License as published by
8		* the Free Software Foundation; either version 3 of the License, or
9		* (at your option) any later version.
10		*
11		* GNU Wget is distributed in the hope that it will be useful,
12		* but WITHOUT ANY WARRANTY; without even the implied warranty of
13		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14		* GNU General Public License for more details.
15		*
16		* You should have received a copy of the GNU General Public License
17		* along with Wget. If not, see <https://www.gnu.org/licenses/>.
18		*/
19
20		#include <config.h>
21
22		#include <sys/types.h>
23		#include <stdint.h> // uint8_t
24		#include <stdio.h> // fmemopen
25		#include <string.h> // strncmp
26		#include <stdlib.h> // free
27		#include <setjmp.h> // longjmp, setjmp
28		#include <fcntl.h> // open flags
29		#include <unistd.h> // close
30
31		#include "wget.h"
32		#undef fopen_wgetrc
33
34		#ifdef __cplusplus
35		extern "C" {
36		#endif
37		#include "netrc.h"
38
39		// declarations for wget internal functions
40		int main_wget(int argc, const char **argv);
41		void cleanup(void);
42		FILE fopen_wget(const char pathname, const char *mode);
43		FILE fopen_wgetrc(const char pathname, const char *mode);
44		void exit_wget(int status);
45		#ifdef __cplusplus
46		}
47		#endif
48
49		#include "fuzzer.h"
50
51		FILE fopen_wget(const char pathname, const char *mode)
52	0	{
53	0	return fopen("/dev/null", mode);
54	0	}
55
56		FILE fopen_wgetrc(const char pathname, const char *mode)
57	0	{
58	0	return NULL;
59	0	}
60
61		static int do_jump;
62		static jmp_buf jmpbuf;
63		#ifdef FUZZING
64		void exit_wget(int status)
65	0	{
66	0	longjmp(jmpbuf, 1);
67	0	}
68		#elif defined HAVE_DLFCN_H
69		#include <dlfcn.h> // dlsym
70		#ifndef RTLD_NEXT
71		#define RTLD_NEXT RTLD_GLOBAL
72		#endif
73		void exit(int status)
74		{
75		if (do_jump) {
76		longjmp(jmpbuf, 1);
77		} else {
78		void (libc_exit)(int) = (void()(int)) dlsym (RTLD_NEXT, "exit");
79		libc_exit(status);
80		}
81		}
82		#endif
83
84		int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
85	3.25k	{
86	3.25k	#ifdef HAVE_FMEMOPEN
87	3.25k	FILE *fp;
88	3.25k	struct fileinfo *fi;
89	3.25k	const char user = NULL, pw = NULL;
90
91	3.25k	if (size > 4096) // same as max_len = ... in .options file
92	20	return 0;
93
94	3.23k	fp = fmemopen((void *) data, size, "r");
95	3.23k	if (!fp) return 0;
96
97	3.23k	CLOSE_STDERR
98
99	3.23k	do_jump = 1;
100
101	3.23k	if (setjmp(jmpbuf))
102	0	goto done;
103
104	3.23k	opt.netrc = 1;
105
106	3.23k	user = NULL; // get first entry
107	3.23k	search_netrc("x", &user, &pw, 1, fp);
108	3.23k	netrc_cleanup();
109
110	3.23k	user = "u"; // get entry for user 'u'
111	3.23k	search_netrc("x", &user, &pw, 1, fp);
112
113	3.23k	done:
114	3.23k	netrc_cleanup();
115
116	3.23k	fclose(fp);
117
118	3.23k	do_jump = 0;
119
120	3.23k	RESTORE_STDERR
121
122	3.23k	#endif
123	3.23k	return 0;
124	3.23k	}

Coverage Report

Created: 2025-07-23 07:16