author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-12-23 19:07:13 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-23 19:07:13 +0100 |
commit | 560280e6f082d22e6a9de8e537b7876bacf8d072 (patch) | |
tree | a8ed2ea6c43614606cc977fc27050dd41e0c3133 /fuzz/fuzz_common_code.c | |
parent | 3de76812d978060c433864c2f72de113746d70e8 (diff) |
fuzz: add fuzzer testing nDPI (initial) configurations (#1830)

The goal of this fuzzer is to test init and deinit of the library, with
different configurations. In detail:
* random memory allocation failures, even during init phase
* random `ndpi_init_prefs` parameter of `ndpi_init_detection_module()`
* random LRU cache sizes
* random bitmask of enabled protocols
* random parameters of `ndpi_set_detection_preferences()`
* random initialization of opportunistic TLS
* random load/don't load of configuration files

This new fuzzer is a C++ file, because it uses `FuzzedDataProvider`
class (see
https://github.com/google/fuzzing/blob/master/docs/split-inputs.md).
Note that the (existing) fuzzers need to be linked with C++ compiler
anyway, so this new fuzzer doesn't add any new requirements.

Diffstat (limited to 'fuzz/fuzz_common_code.c')
-rw-r--r-- | fuzz/fuzz_common_code.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/fuzz/fuzz_common_code.c b/fuzz/fuzz_common_code.c index 5ad2a5899..bd5ef20a4 100644 --- a/fuzz/fuzz_common_code.c +++ b/fuzz/fuzz_common_code.c @@ -1,6 +1,32 @@ #include "fuzz_common_code.h" + +#ifdef ENABLE_MEM_ALLOC_FAILURES + +static int mem_alloc_state = 0; + +__attribute__((no_sanitize("integer"))) +static int fastrand () +{ + if(!mem_alloc_state) return 1; /* No failures */ + mem_alloc_state = (214013 * mem_alloc_state + 2531011); + return (mem_alloc_state >> 16) & 0x7FFF; +} + +void *malloc_wrapper(size_t size) { + return (fastrand () % 16) ? malloc (size) : NULL; +} +void free_wrapper(void *freeable) { + free(freeable); +} + +void set_mem_alloc_state(int value) { + mem_alloc_state = value; +} + +#endif + void fuzz_init_detection_module(struct ndpi_detection_module_struct **ndpi_info_mod, int enable_log) { @@ -8,6 +34,10 @@ void fuzz_init_detection_module(struct ndpi_detection_module_struct **ndpi_info_ NDPI_PROTOCOL_BITMASK all, debug_bitmask; if(*ndpi_info_mod == NULL) { +#ifdef ENABLE_MEM_ALLOC_FAILURES + set_ndpi_malloc(malloc_wrapper); + set_ndpi_free(free_wrapper); +#endif *ndpi_info_mod = ndpi_init_detection_module(prefs); NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(*ndpi_info_mod, &all); |
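
Review bot: In the first hunk, fastrand() keeps its state in a signed int, so `mem_alloc_state = (214013 * mem_alloc_state + 2531011);` overflows a signed type. The no_sanitize("integer") attribute only silences the sanitizer report; the overflow is still undefined behavior in C, and `mem_alloc_state >> 16` on a negative value is implementation-defined. Declaring the state as unsigned int (or uint32_t) gives the intended wrap-around without depending on either. Two smaller points in the same hunk: the value 0 doubles as the "no failures" flag, so if the generator ever lands on 0 the injected failures stop silently for the rest of the run, and `static int fastrand ()` should be written `static int fastrand(void)`. A one-line comment stating that malloc_wrapper() fails roughly one allocation in 16 once a non-zero state has been set would also help readers of the other fuzzers.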
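
Review bot: In the second hunk, the result of `*ndpi_info_mod = ndpi_init_detection_module(prefs);` is not checked before it is passed to `ndpi_set_protocol_detection_bitmask2(*ndpi_info_mod, &all);`. With malloc_wrapper installed just above and a non-zero state set through set_mem_alloc_state(), a NULL return from init is an expected outcome rather than a rare one, so the visible code path relies on every later call tolerating a NULL module. Suggest returning early when `*ndpi_info_mod == NULL` after init and documenting in fuzz_common_code.h that callers of fuzz_init_detection_module() must handle that case when ENABLE_MEM_ALLOC_FAILURES is defined.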