/src/wget2/fuzz/libwget_utils_fuzzer.c

Source
/*
 * Copyright (c) 2017-2024 Free Software Foundation, Inc.
 *
 * This file is part of libwget.
 *
 * Libwget is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Libwget is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with libwget.  If not, see <https://www.gnu.org/licenses/>.
 */

#include <config.h>

#include <assert.h> // assert
#include <stdlib.h> // malloc, free
#include <string.h> // memcpy
// #include <unistd.h> // chroot

#include "wget.h"
#include "fuzzer.h"

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
  char dst1[1];
  char dst2[2];
  char dst3[3];
  char dst4[4];
  char dst5[8];
  char *dst = (char *) malloc(size * 2 + 1);
  char *data0 = (char *) malloc(size + 1);
  int x = 0; // avoid pure functions to be optimized away

  assert(dst != NULL);
  assert(data0 != NULL);

  // 0-terminate data
  memcpy(data0, data, size);
  data0[size] = 0;

  // some test for code coverage
  x += wget_strcmp(NULL, "");
  x += wget_strcmp("", NULL);
  x += wget_strcmp(NULL, NULL);
  x += wget_strcmp(data0, data0);

  x +=  wget_strncmp(NULL, "", 0);
  x += wget_strncmp("", NULL, 0);
  x += wget_strncmp(NULL, NULL, 0);
  x += wget_strncmp((char *) data, (char *) data, size);

  x += wget_strcasecmp(NULL, "");
  x += wget_strcasecmp("", NULL);
  x += wget_strcasecmp(NULL, NULL);
  x += wget_strcasecmp(data0, data0);

  x += wget_strncasecmp(NULL, "", 0);
  x += wget_strncasecmp("", NULL, 0);
  x += wget_strncasecmp(NULL, NULL, 0);
  x += wget_strncasecmp((char *) data, (char *) data, size);

  x += wget_strcasecmp_ascii(NULL, "");
  x += wget_strcasecmp_ascii("", NULL);
  x += wget_strcasecmp_ascii(NULL, NULL);
  x += wget_strcasecmp_ascii(data0, data0);

  x += wget_strncasecmp_ascii(NULL, "", 0);
  x += wget_strncasecmp_ascii("", NULL, 0);
  x += wget_strncasecmp_ascii(NULL, NULL, 0);
  x += wget_strncasecmp_ascii((char *) data, (char *) data, size);

  wget_strtolower(NULL);
  wget_strtolower(data0);
  memcpy(data0, (char *) data, size); // restore

  wget_millisleep(-1);
  wget_get_timemillis();

  wget_percent_unescape(data0);
  memcpy(data0, data, size); // restore

  x += wget_match_tail(data0, data0);
  x += wget_match_tail("", data0);
  x += wget_match_tail(data0, "");

  x += wget_match_tail_nocase(data0, data0);
  x += wget_match_tail_nocase("", data0);
  x += wget_match_tail_nocase(data0, "");

//  if (chroot(".") == 0) {
    char *p;
    if ((p = wget_strnglob("*", 1,  0)))
      wget_free(p);
//  } else
//    printf("Failed to chroot\n");

  if (size < 31) {
    char buf[16];
    x += !!wget_human_readable(dst1, sizeof(dst1), (1 << size) - 1);
    x += !!wget_human_readable(buf, sizeof(buf), (1 << size) - 1);
  }

  (void) x; // needed to get rid of bug reported by scan-build

  int w, h;
  wget_get_screen_size(&w, &h);

  wget_memtohex(NULL, 0, NULL, 0);
  wget_memtohex(data, size, dst1, sizeof(dst1));
  wget_memtohex(data, size, dst2, sizeof(dst2));
  wget_memtohex(data, size, dst3, sizeof(dst3));
  wget_memtohex(data, size, dst4, sizeof(dst4));
  wget_memtohex(data, size, dst5, sizeof(dst5));
  wget_memtohex(data, size, dst, size * 2 + 1);

  free(data0);
  free(dst);

  return 0;
}

Line	Count	Source
1		/*
2		* Copyright (c) 2017-2024 Free Software Foundation, Inc.
3		*
4		* This file is part of libwget.
5		*
6		* Libwget is free software: you can redistribute it and/or modify
7		* it under the terms of the GNU Lesser General Public License as published by
8		* the Free Software Foundation, either version 3 of the License, or
9		* (at your option) any later version.
10		*
11		* Libwget is distributed in the hope that it will be useful,
12		* but WITHOUT ANY WARRANTY; without even the implied warranty of
13		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14		* GNU Lesser General Public License for more details.
15		*
16		* You should have received a copy of the GNU Lesser General Public License
17		* along with libwget. If not, see <https://www.gnu.org/licenses/>.
18		*/
19
20		#include <config.h>
21
22		#include <assert.h> // assert
23		#include <stdlib.h> // malloc, free
24		#include <string.h> // memcpy
25		// #include <unistd.h> // chroot
26
27		#include "wget.h"
28		#include "fuzzer.h"
29
30		int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
31	239	{
32	239	char dst1[1];
33	239	char dst2[2];
34	239	char dst3[3];
35	239	char dst4[4];
36	239	char dst5[8];
37	239	char dst = (char ) malloc(size * 2 + 1);
38	239	char data0 = (char ) malloc(size + 1);
39	239	int x = 0; // avoid pure functions to be optimized away
40
41	239	assert(dst != NULL);
42	239	assert(data0 != NULL);
43
44		// 0-terminate data
45	239	memcpy(data0, data, size);
46	239	data0[size] = 0;
47
48		// some test for code coverage
49	239	x += wget_strcmp(NULL, "");
50	239	x += wget_strcmp("", NULL);
51	239	x += wget_strcmp(NULL, NULL);
52	239	x += wget_strcmp(data0, data0);
53
54	239	x += wget_strncmp(NULL, "", 0);
55	239	x += wget_strncmp("", NULL, 0);
56	239	x += wget_strncmp(NULL, NULL, 0);
57	239	x += wget_strncmp((char ) data, (char ) data, size);
58
59	239	x += wget_strcasecmp(NULL, "");
60	239	x += wget_strcasecmp("", NULL);
61	239	x += wget_strcasecmp(NULL, NULL);
62	239	x += wget_strcasecmp(data0, data0);
63
64	239	x += wget_strncasecmp(NULL, "", 0);
65	239	x += wget_strncasecmp("", NULL, 0);
66	239	x += wget_strncasecmp(NULL, NULL, 0);
67	239	x += wget_strncasecmp((char ) data, (char ) data, size);
68
69	239	x += wget_strcasecmp_ascii(NULL, "");
70	239	x += wget_strcasecmp_ascii("", NULL);
71	239	x += wget_strcasecmp_ascii(NULL, NULL);
72	239	x += wget_strcasecmp_ascii(data0, data0);
73
74	239	x += wget_strncasecmp_ascii(NULL, "", 0);
75	239	x += wget_strncasecmp_ascii("", NULL, 0);
76	239	x += wget_strncasecmp_ascii(NULL, NULL, 0);
77	239	x += wget_strncasecmp_ascii((char ) data, (char ) data, size);
78
79	239	wget_strtolower(NULL);
80	239	wget_strtolower(data0);
81	239	memcpy(data0, (char *) data, size); // restore
82
83	239	wget_millisleep(-1);
84	239	wget_get_timemillis();
85
86	239	wget_percent_unescape(data0);
87	239	memcpy(data0, data, size); // restore
88
89	239	x += wget_match_tail(data0, data0);
90	239	x += wget_match_tail("", data0);
91	239	x += wget_match_tail(data0, "");
92
93	239	x += wget_match_tail_nocase(data0, data0);
94	239	x += wget_match_tail_nocase("", data0);
95	239	x += wget_match_tail_nocase(data0, "");
96
97		// if (chroot(".") == 0) {
98	239	char *p;
99	239	if ((p = wget_strnglob("*", 1, 0)))
100	239	wget_free(p);
101		// } else
102		// printf("Failed to chroot\n");
103
104	239	if (size < 31) {
105	145	char buf[16];
106	145	x += !!wget_human_readable(dst1, sizeof(dst1), (1 << size) - 1);
107	145	x += !!wget_human_readable(buf, sizeof(buf), (1 << size) - 1);
108	145	}
109
110	239	(void) x; // needed to get rid of bug reported by scan-build
111
112	239	int w, h;
113	239	wget_get_screen_size(&w, &h);
114
115	239	wget_memtohex(NULL, 0, NULL, 0);
116	239	wget_memtohex(data, size, dst1, sizeof(dst1));
117	239	wget_memtohex(data, size, dst2, sizeof(dst2));
118	239	wget_memtohex(data, size, dst3, sizeof(dst3));
119	239	wget_memtohex(data, size, dst4, sizeof(dst4));
120	239	wget_memtohex(data, size, dst5, sizeof(dst5));
121	239	wget_memtohex(data, size, dst, size * 2 + 1);
122
123	239	free(data0);
124	239	free(dst);
125
126	239	return 0;
127	239	}

Coverage Report

Created: 2025-01-28 06:58