diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-12-01 14:39:44 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-12-01 14:39:44 +0100 |
| commit | b2a1bf413b67da674d8199efde6b97b8e7fd5c42 (patch) | |
| tree | 71a0ca2bc80af4b6ebd0e6dfac4ed37e54aa4b1d | |
| parent | 02e7e3c23b29002267a89ae74e51c2285bb27da1 (diff) | |
Remove some useless fuzzing target (#1813)
We don't need specific targets to reproduce fuzzing issues.
After all, calling `./fuzz/fuzz_process_packet_with_main $ARTIFACT_FILE`
is equivalento to `./fuzz/fuzz_process_packet $ARTIFACT_FILE`
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | README.fuzzer.md | 6 | ||||
| -rw-r--r-- | fuzz/Makefile.am | 30 | ||||
| -rw-r--r-- | fuzz/fuzz_ndpi_reader.c | 61 | ||||
| -rw-r--r-- | fuzz/fuzz_process_packet.c | 61 | ||||
| -rw-r--r-- | fuzz/fuzz_quic_get_crypto_data.c | 61 |
6 files changed, 4 insertions, 218 deletions
diff --git a/.gitignore b/.gitignore index 4565885d2..d58335884 100644 --- a/.gitignore +++ b/.gitignore @@ -51,11 +51,8 @@ /fuzz/.deps/ /fuzz/Makefile /fuzz/fuzz_ndpi_reader -/fuzz/fuzz_ndpi_reader_with_main /fuzz/fuzz_process_packet -/fuzz/fuzz_process_packet_with_main /fuzz/fuzz_quic_get_crypto_data -/fuzz/fuzz_quic_get_crypto_data_with_main /influxdb/Makefile /install-sh /libndpi.pc diff --git a/README.fuzzer.md b/README.fuzzer.md index ae10357ac..d589ee25f 100644 --- a/README.fuzzer.md +++ b/README.fuzzer.md @@ -13,11 +13,11 @@ ## Testing nDPI with ClusterFuzz Artifacts - Download the artifact (example clusterfuzz-testcase-fuzz_process_packet-4992218834796544) - Run nDPI against the artifact - - Example: ./fuzz/fuzz_process_packet_with_main clusterfuzz-testcase-fuzz_process_packet-4992218834796544 + - Example: ./fuzz/fuzz_process_packet clusterfuzz-testcase-fuzz_process_packet-4992218834796544 The output is the error report ``` - ./fuzz/fuzz_process_packet_with_main /tmp/clusterfuzz-testcase-fuzz_process_packet-4992218834796544 + ./fuzz/fuzz_process_packet /tmp/clusterfuzz-testcase-fuzz_process_packet-4992218834796544 AddressSanitizer:DEADLYSIGNAL ================================================================= ==11590==ERROR: AddressSanitizer: SEGV on unknown address 0x61a100000087 (pc 0x00000056e6a4 bp 0x7ffd624fa170 sp 0x7ffd624fa090 T0) @@ -33,7 +33,7 @@ The output is the error report #8 0x4c709b in LLVMFuzzerTestOneInput /home/deri/nDPI/fuzz/fuzz_process_packet.c:30:3 #9 0x4c7640 in main /home/deri/nDPI/fuzz/fuzz_process_packet.c:90:17 #10 0x7f888e5dabf6 in __libc_start_main /build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:310 - #11 0x41c399 in _start (/home/deri/nDPI/fuzz/fuzz_process_packet_with_main+0x41c399) + #11 0x41c399 in _start (/home/deri/nDPI/fuzz/fuzz_process_packet+0x41c399) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/deri/nDPI/src/lib/protocols/quic.c:203:12 in quic_len diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 2e80ec205..6b9a090a6 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -1,4 +1,4 @@ -bin_PROGRAMS = fuzz_process_packet fuzz_process_packet_with_main fuzz_ndpi_reader fuzz_ndpi_reader_with_main fuzz_quic_get_crypto_data fuzz_quic_get_crypto_data_with_main +bin_PROGRAMS = fuzz_process_packet fuzz_ndpi_reader fuzz_quic_get_crypto_data fuzz_process_packet_SOURCES = fuzz_process_packet.c fuzz_process_packet_CFLAGS = @@ -13,15 +13,6 @@ fuzz_process_packet_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_process_packet_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ -fuzz_process_packet_with_main_SOURCES = fuzz_process_packet.c -fuzz_process_packet_with_main_CFLAGS = -DBUILD_MAIN -fuzz_process_packet_with_main_LDADD = ../src/lib/libndpi.a -fuzz_process_packet_with_main_LDFLAGS = $(ADDITIONAL_LIBS) $(LIBS) -# force usage of CXX for linker -fuzz_process_packet_with_main_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ - $(fuzz_process_packet_with_main_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ - fuzz_ndpi_reader_SOURCES = fuzz_ndpi_reader.c fuzz_ndpi_reader_CFLAGS = -I../example/ fuzz_ndpi_reader_LDADD = ../example/libndpiReader.a ../src/lib/libndpi.a @@ -35,15 +26,6 @@ fuzz_ndpi_reader_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_ndpi_reader_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ -fuzz_ndpi_reader_with_main_SOURCES = fuzz_ndpi_reader.c -fuzz_ndpi_reader_with_main_CFLAGS = -I../example/ -DBUILD_MAIN -fuzz_ndpi_reader_with_main_LDADD = ../src/lib/libndpi.a -fuzz_ndpi_reader_with_main_LDFLAGS = ../example/libndpiReader.a $(PCAP_LIB) $(ADDITIONAL_LIBS) $(LIBS) -# force usage of CXX for linker -fuzz_ndpi_reader_with_main_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ - $(fuzz_ndpi_reader_with_main_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ - fuzz_quic_get_crypto_data_SOURCES = fuzz_quic_get_crypto_data.c fuzz_quic_get_crypto_data_CFLAGS = -I../example/ fuzz_quic_get_crypto_data_LDADD = ../example/libndpiReader.a ../src/lib/libndpi.a @@ -57,16 +39,6 @@ fuzz_quic_get_crypto_data_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_quic_get_crypto_data_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ -fuzz_quic_get_crypto_data_with_main_SOURCES = fuzz_quic_get_crypto_data.c -fuzz_quic_get_crypto_data_with_main_CFLAGS = -I../example/ -DBUILD_MAIN -fuzz_quic_get_crypto_data_with_main_LDADD = ../src/lib/libndpi.a -fuzz_quic_get_crypto_data_with_main_LDFLAGS = ../example/libndpiReader.a $(PCAP_LIB) $(ADDITIONAL_LIBS) $(LIBS) -# force usage of CXX for linker -fuzz_quic_get_crypto_data_with_main_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ - $(fuzz_quic_get_crypto_data_with_main_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ - - # required for Google oss-fuzz # see https://github.com/google/oss-fuzz/tree/master/projects/ndpi testpcaps := $(wildcard ../tests/pcap/*.pcap*) diff --git a/fuzz/fuzz_ndpi_reader.c b/fuzz/fuzz_ndpi_reader.c index 1cdb212c1..9f75a69f7 100644 --- a/fuzz/fuzz_ndpi_reader.c +++ b/fuzz/fuzz_ndpi_reader.c @@ -127,64 +127,3 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } - -#ifdef BUILD_MAIN -int main(int argc, char ** argv) -{ - FILE * pcap_file; - long pcap_file_size; - uint8_t * pcap_buffer; - int test_retval; - - if (argc != 2) { - fprintf(stderr, "usage: %s: [pcap-file]\n", - (argc > 0 ? argv[0] : "fuzz_ndpi_reader_with_main")); - return 1; - } - - pcap_file = fopen(argv[1], "r"); - if (pcap_file == NULL) { - perror("fopen failed"); - return 1; - } - - if (fseek(pcap_file, 0, SEEK_END) != 0) { - perror("fseek(SEEK_END) failed"); - fclose(pcap_file); - return 1; - } - - pcap_file_size = ftell(pcap_file); - if (pcap_file_size < 0) { - perror("ftell failed"); - fclose(pcap_file); - return 1; - } - - if (fseek(pcap_file, 0, SEEK_SET) != 0) { - perror("fseek(0, SEEK_SET) failed"); - fclose(pcap_file); - return 1; - } - - pcap_buffer = malloc(pcap_file_size); - if (pcap_buffer == NULL) { - perror("malloc failed"); - fclose(pcap_file); - return 1; - } - - if (fread(pcap_buffer, sizeof(*pcap_buffer), pcap_file_size, pcap_file) != (size_t)pcap_file_size) { - perror("fread failed"); - fclose(pcap_file); - free(pcap_buffer); - return 1; - } - - test_retval = LLVMFuzzerTestOneInput(pcap_buffer, pcap_file_size); - fclose(pcap_file); - free(pcap_buffer); - - return test_retval; -} -#endif diff --git a/fuzz/fuzz_process_packet.c b/fuzz/fuzz_process_packet.c index eb5a0a281..f41a49701 100644 --- a/fuzz/fuzz_process_packet.c +++ b/fuzz/fuzz_process_packet.c @@ -44,64 +44,3 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } - -#ifdef BUILD_MAIN -int main(int argc, char ** argv) -{ - FILE * data_file; - long data_file_size; - uint8_t * data_buffer; - int test_retval; - - if (argc != 2) { - fprintf(stderr, "usage: %s: [data-file]\n", - (argc > 0 ? argv[0] : "fuzz_process_packet_with_main")); - return 1; - } - - data_file = fopen(argv[1], "r"); - if (data_file == NULL) { - perror("fopen failed"); - return 1; - } - - if (fseek(data_file, 0, SEEK_END) != 0) { - perror("fseek(SEEK_END) failed"); - fclose(data_file); - return 1; - } - - data_file_size = ftell(data_file); - if (data_file_size < 0) { - perror("ftell failed"); - fclose(data_file); - return 1; - } - - if (fseek(data_file, 0, SEEK_SET) != 0) { - perror("fseek(0, SEEK_SET) failed"); - fclose(data_file); - return 1; - } - - data_buffer = malloc(data_file_size); - if (data_buffer == NULL) { - perror("malloc failed"); - fclose(data_file); - return 1; - } - - if (fread(data_buffer, sizeof(*data_buffer), data_file_size, data_file) != (size_t)data_file_size) { - perror("fread failed"); - fclose(data_file); - free(data_buffer); - return 1; - } - - test_retval = LLVMFuzzerTestOneInput(data_buffer, data_file_size); - fclose(data_file); - free(data_buffer); - - return test_retval; -} -#endif diff --git a/fuzz/fuzz_quic_get_crypto_data.c b/fuzz/fuzz_quic_get_crypto_data.c index 3e16446cd..d74eb73f2 100644 --- a/fuzz/fuzz_quic_get_crypto_data.c +++ b/fuzz/fuzz_quic_get_crypto_data.c @@ -73,64 +73,3 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } - -#ifdef BUILD_MAIN -int main(int argc, char ** argv) -{ - FILE * data_file; - long data_file_size; - uint8_t * data_buffer; - int test_retval; - - if (argc != 2) { - fprintf(stderr, "usage: %s: [data-file]\n", - (argc > 0 ? argv[0] : "fuzz_quic_get_crypto_data")); - return 1; - } - - data_file = fopen(argv[1], "r"); - if (data_file == NULL) { - perror("fopen failed"); - return 1; - } - - if (fseek(data_file, 0, SEEK_END) != 0) { - perror("fseek(SEEK_END) failed"); - fclose(data_file); - return 1; - } - - data_file_size = ftell(data_file); - if (data_file_size < 0) { - perror("ftell failed"); - fclose(data_file); - return 1; - } - - if (fseek(data_file, 0, SEEK_SET) != 0) { - perror("fseek(0, SEEK_SET) failed"); - fclose(data_file); - return 1; - } - - data_buffer = malloc(data_file_size); - if (data_buffer == NULL) { - perror("malloc failed"); - fclose(data_file); - return 1; - } - - if (fread(data_buffer, sizeof(*data_buffer), data_file_size, data_file) != (size_t)data_file_size) { - perror("fread failed"); - fclose(data_file); - free(data_buffer); - return 1; - } - - test_retval = LLVMFuzzerTestOneInput(data_buffer, data_file_size); - fclose(data_file); - free(data_buffer); - - return test_retval; -} -#endif |