fuzz: add a new fuzzer testing memory allocation failures (#1818)

Try to fuzz error paths triggered by allocation errors. Fix some errors already found by this new fuzzer. Basic idea taken from: https://github.com/harfbuzz/harfbuzz/pull/2566/files `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` is a standard define used to (not)compile specific code in fuzzing builds. See: https://llvm.org/docs/LibFuzzer.html
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2022-12-06 17:41:58 +0100
committer: GitHub <noreply@github.com> 2022-12-06 17:41:58 +0100
commit: ada4fe4aa8f88300cfc0dbe6ee965975274b1c40 (patch)
tree: 08010d2055d0159330ded8e5c15113deb0c41c3b /fuzz/Makefile.am
parent: 946c3dba0f6c393c2e41b98103cec3e7308fbf2c (diff)
1 files changed, 20 insertions, 2 deletions
diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am
index d739fb00a..7f4f2de99 100644
--- a/fuzz/Makefile.am
+++ b/fuzz/Makefile.am
@@ -1,4 +1,4 @@
-bin_PROGRAMS = fuzz_process_packet fuzz_ndpi_reader fuzz_quic_get_crypto_data
+bin_PROGRAMS = fuzz_process_packet fuzz_ndpi_reader fuzz_ndpi_reader_alloc_fail fuzz_quic_get_crypto_data
 
 fuzz_process_packet_SOURCES = fuzz_process_packet.c
 fuzz_process_packet_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS)
@@ -26,6 +26,19 @@ fuzz_ndpi_reader_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
     $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \
     $(fuzz_ndpi_reader_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@
 
+fuzz_ndpi_reader_alloc_fail_SOURCES = fuzz_ndpi_reader.c ../example/reader_util.c
+fuzz_ndpi_reader_alloc_fail_CFLAGS = -I../example/ @NDPI_CFLAGS@ $(CXXFLAGS) -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DENABLE_MEM_ALLOC_FAILURES
+fuzz_ndpi_reader_alloc_fail_LDADD = ../src/lib/libndpi.a
+fuzz_ndpi_reader_alloc_fail_LDFLAGS = $(PCAP_LIB) $(ADDITIONAL_LIBS) $(LIBS)
+if HAS_FUZZLDFLAGS
+fuzz_ndpi_reader_alloc_fail_CFLAGS += $(LIB_FUZZING_ENGINE)
+fuzz_ndpi_reader_alloc_fail_LDFLAGS += $(LIB_FUZZING_ENGINE)
+endif
+# force usage of CXX for linker
+fuzz_ndpi_reader_alloc_fail_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+    $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \
+    $(fuzz_ndpi_reader_alloc_fail_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@
+
 fuzz_quic_get_crypto_data_SOURCES = fuzz_quic_get_crypto_data.c
 fuzz_quic_get_crypto_data_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS)
 fuzz_quic_get_crypto_data_LDADD = ../src/lib/libndpi.a
@@ -46,15 +59,20 @@ testpcaps := $(wildcard ../tests/pcap/*.pcap*)
 fuzz_ndpi_reader_seed_corpus.zip: $(testpcaps)
 	zip -r fuzz_ndpi_reader_seed_corpus.zip $(testpcaps)
 
+fuzz_ndpi_reader_alloc_fail_seed_corpus.zip: $(testpcaps)
+	zip -r fuzz_ndpi_reader_alloc_fail_seed_corpus.zip $(testpcaps)
+
 files_corpus_fuzz_quic_get_crypto_data :=  $(wildcard corpus/fuzz_quic_get_crypto_data/*)
 
 fuzz_quic_get_crypto_data_seed_corpus.zip: $(files_corpus_fuzz_quic_get_crypto_data)
 	zip -r fuzz_quic_get_crypto_data_seed_corpus.zip $(files_corpus_fuzz_quic_get_crypto_data)
 
-corpus: fuzz_quic_get_crypto_data_seed_corpus.zip
+corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip
 
 distdir:
 	find . -type d | xargs -I'{}' mkdir -p '$(distdir)/{}'
 	find . -type f -name '*.c' \
 		-o -name '*.am' \
 		-o -name '*.bin' | xargs -I'{}' cp '{}' '$(distdir)/{}'
+
+all: corpus
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2022-12-06 17:41:58 +0100
committer	GitHub <noreply@github.com>	2022-12-06 17:41:58 +0100
commit	ada4fe4aa8f88300cfc0dbe6ee965975274b1c40 (patch)
tree	08010d2055d0159330ded8e5c15113deb0c41c3b /fuzz/Makefile.am
parent	946c3dba0f6c393c2e41b98103cec3e7308fbf2c (diff)