diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-05-08 11:46:02 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-08 11:46:02 +0200 |
| commit | 7c6910d9e5d5b08a164a22db5db9969e20cbc232 (patch) | |
| tree | 10d14965407a8f8bc0cf4d53d6a01357b596b88c | |
| parent | e9dc035c5ca8e8e9012c76d5e2bdb9c085d6664a (diff) | |
Fix/improve fuzzing (#2426)
| -rw-r--r-- | fuzz/Makefile.am | 1 | ||||
| -rw-r--r-- | fuzz/fuzz_ds_ptree.cpp | 6 | ||||
| -rw-r--r-- | fuzz/ipv6_addresses.txt | 5 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 8 | ||||
| -rw-r--r-- | tests/ossfuzz.sh | 2 |
5 files changed, 20 insertions, 2 deletions
diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index f59e8f76d..6b2883fd6 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -774,6 +774,7 @@ distdir: -o -name '*.cpp' \ -o -name '*.options' \ -o -name 'ipv4_addresses.txt' \ + -o -name 'ipv6_addresses.txt' \ -o -name 'bd_param.txt' \ -o -name 'splt_param.txt' \ -o -name 'random_list.list' \ diff --git a/fuzz/fuzz_ds_ptree.cpp b/fuzz/fuzz_ds_ptree.cpp index d8a055c3b..6659fccc8 100644 --- a/fuzz/fuzz_ds_ptree.cpp +++ b/fuzz/fuzz_ds_ptree.cpp @@ -49,6 +49,12 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } } + /* Some higher level functions */ + ndpi_load_ipv4_ptree_file(t, "ipv4_addresses.txt", NDPI_PROTOCOL_TLS); + ndpi_load_ipv4_ptree_file(t, "invalid_filename", NDPI_PROTOCOL_TLS); + ndpi_load_ipv6_ptree_file(t, "ipv6_addresses.txt", NDPI_PROTOCOL_TLS); + ndpi_load_ipv6_ptree_file(t, "invalid_filename", NDPI_PROTOCOL_TLS); + /* Random search */ num_iteration = fuzzed_data.ConsumeIntegral<u_int8_t>(); for (i = 0; i < num_iteration; i++) { diff --git a/fuzz/ipv6_addresses.txt b/fuzz/ipv6_addresses.txt new file mode 100644 index 000000000..a6db510d7 --- /dev/null +++ b/fuzz/ipv6_addresses.txt @@ -0,0 +1,5 @@ +#Random list of ipv6 addresses + +2001:db8:3333:4444:5555:6666:7777:8888 +2001:a:b:c::/64 +ff06::c3 diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index ca7c5bfc9..2fc1dc455 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -2735,7 +2735,7 @@ static ndpi_patricia_node_t* add_to_ptree(ndpi_patricia_tree_t *tree, int family /* ******************************************* */ /* - Load a file containing IPv4 addresses in CIDR format as 'protocol_id' + Load a file containing IPv4 OR IPv6 addresses in CIDR format as 'protocol_id' Return: the number of entries loaded or -1 in case of error */ @@ -2808,6 +2808,8 @@ int ndpi_load_ptree_file(ndpi_patricia_tree_t *ptree, int ndpi_load_ipv4_ptree_file(ndpi_ptree_t *ptree, const char *path, u_int16_t protocol_id) { + if(!ptree) + return -1; return(ndpi_load_ptree_file(ptree->v4, path, true /* IPv4 */, protocol_id)); } @@ -2815,6 +2817,8 @@ int ndpi_load_ipv4_ptree_file(ndpi_ptree_t *ptree, const char *path, int ndpi_load_ipv6_ptree_file(ndpi_ptree_t *ptree, const char *path, u_int16_t protocol_id) { + if(!ptree) + return -1; return(ndpi_load_ptree_file(ptree->v6, path, false /* IPv6 */, protocol_id)); } @@ -2827,6 +2831,8 @@ int ndpi_load_ipv6_ptree_file(ndpi_ptree_t *ptree, const char *path, */ int ndpi_load_ipv4_ptree(struct ndpi_detection_module_struct *ndpi_str, const char *path, u_int16_t protocol_id) { + if(!ndpi_str) + return -1; return(ndpi_load_ptree_file(ndpi_str->protocols_ptree, path, true /* is_ipv4 */, protocol_id)); diff --git a/tests/ossfuzz.sh b/tests/ossfuzz.sh index 37e933c0f..45187e98b 100644 --- a/tests/ossfuzz.sh +++ b/tests/ossfuzz.sh @@ -61,7 +61,7 @@ cp example/ja3_fingerprints.csv $OUT/ cp example/sha1_fingerprints.csv $OUT/ cp example/config.txt $OUT/ cp lists/public_suffix_list.dat $OUT/ -cp fuzz/ipv4_addresses.txt $OUT/ +cp fuzz/ipv*_addresses.txt $OUT/ cp fuzz/bd_param.txt $OUT/ cp fuzz/splt_param.txt $OUT/ cp fuzz/random_list.list $OUT/ |