diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-09-17 11:46:55 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-17 11:46:55 +0200 |
| commit | 9d07cf28114eaa6232e93248b2346710ae635bf3 (patch) | |
| tree | 4a888ffc9f5c3275d738f94b99c2aed182c15181 | |
| parent | a1602dd0a5f243da2aa550669c0c01c1c89cae52 (diff) | |
fuzz: try to be a little bit faster (#2559)
Some fuzzers don't really need a real and complete local context.
Try to avoid setting it up, creating a simpler fake version with only the
features really needed.
That is a kind of experiment: if it works, we can extend the same logic
to other fuzzers
| -rw-r--r-- | example/reader_util.c | 3 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_malicious_sha1.c | 29 |
2 files changed, 25 insertions, 7 deletions
diff --git a/example/reader_util.c b/example/reader_util.c index 71f5ed39d..d38850fc4 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -372,6 +372,9 @@ int parse_proto_name_list(char *str, NDPI_PROTOCOL_BITMASK *bitmask, int inverte return 1; NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(module, &all); + /* Try to be fast: we need only the protocol name -> protocol id mapping! */ + ndpi_set_config(module, "any", "ip_list.load", "0"); + ndpi_set_config(module, NULL, "flow_risk_lists.load", "0"); ndpi_finalize_initialization(module); for(n = strtok(str,_proto_delim); n && *n; n = strtok(NULL,_proto_delim)) { diff --git a/fuzz/fuzz_filecfg_malicious_sha1.c b/fuzz/fuzz_filecfg_malicious_sha1.c index 6685b5d6e..5940dd7af 100644 --- a/fuzz/fuzz_filecfg_malicious_sha1.c +++ b/fuzz/fuzz_filecfg_malicious_sha1.c @@ -2,26 +2,41 @@ #include "ndpi_private.h" #include "fuzz_common_code.h" +#ifdef NDPI_ENABLE_DEBUG_MESSAGES +void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct *ndpi_str, ndpi_log_level_t log_level, + const char *file_name, const char *func_name, unsigned int line_number, const char *format, ...); +#endif + int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct ndpi_detection_module_struct *ndpi_struct; FILE *fd; - NDPI_PROTOCOL_BITMASK all; /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); - ndpi_struct = ndpi_init_detection_module(NULL); - NDPI_BITMASK_SET_ALL(all); - ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); + /* We don't need a complete (and costly to set up) context! + Setting up manually only what is really needed is complex (and error prone!) + but allow us to be significant faster and to have better coverage */ + + /* TODO: if it works, we can extend the same logic to other fuzzers */ - ndpi_set_config(ndpi_struct, NULL, "log.level", "3"); - ndpi_set_config(ndpi_struct, "all", "log", "1"); + ndpi_struct = ndpi_calloc(1, sizeof(struct ndpi_detection_module_struct)); + +#ifdef NDPI_ENABLE_DEBUG_MESSAGES + set_ndpi_debug_function(ndpi_struct, (ndpi_debug_function_ptr)ndpi_debug_printf); +#endif + if(ndpi_struct) + ndpi_struct->cfg.log_level = NDPI_LOG_DEBUG_EXTRA; fd = buffer_to_file(data, size); load_malicious_sha1_file_fd(ndpi_struct, fd); if(fd) fclose(fd); - ndpi_exit_detection_module(ndpi_struct); + /* We also need to manually free anything! */ + if(ndpi_struct && ndpi_struct->malicious_sha1_hashmap) + ndpi_hash_free(&ndpi_struct->malicious_sha1_hashmap); + ndpi_free(ndpi_struct); + return 0; } |