diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-12-11 19:24:17 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-11 19:24:17 +0100 |
| commit | 7b5354588bdd91b46f65136d1adae662d1acb516 (patch) | |
| tree | 7fe074f16eff9431c7736ae93fb430362d1f65f4 /fuzz | |
| parent | b3f2b1bb7f90c18a7542ab06acdf26318cdfa6fe (diff) | |
fuzz: extend fuzzing coverage (#2208)
Diffstat (limited to 'fuzz')
| -rw-r--r-- | fuzz/Makefile.am | 62 | ||||
| -rw-r--r-- | fuzz/corpus/fuzz_filecfg_malicious_ja3/1 | 2 | ||||
| -rw-r--r-- | fuzz/corpus/fuzz_filecfg_malicious_ja3/2 | 1 | ||||
| -rw-r--r-- | fuzz/corpus/fuzz_filecfg_malicious_sha1/1 | 2 | ||||
| -rw-r--r-- | fuzz/corpus/fuzz_filecfg_malicious_sha1/2 | 1 | ||||
| -rw-r--r-- | fuzz/corpus/fuzz_filecfg_risk_domains/1 | 2 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_categories.c | 3 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_malicious_ja3.c | 47 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_malicious_sha1.c | 47 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_protocols.c | 3 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_risk_domains.c | 47 |
11 files changed, 211 insertions, 6 deletions
diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 6caa57fa9..978102813 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -8,7 +8,7 @@ bin_PROGRAMS += fuzz_libinjection fuzz_binaryfusefilter #Internal crypto bin_PROGRAMS += fuzz_gcrypt_light fuzz_gcrypt_aes fuzz_gcrypt_gcm fuzz_gcrypt_cipher #Configuration files -bin_PROGRAMS += fuzz_filecfg_protocols fuzz_filecfg_categories +bin_PROGRAMS += fuzz_filecfg_protocols fuzz_filecfg_categories fuzz_filecfg_malicious_sha1 fuzz_filecfg_malicious_ja3 fuzz_filecfg_risk_domains #Reader utils bin_PROGRAMS += fuzz_readerutils_workflow fuzz_readerutils_parseprotolist @@ -499,7 +499,7 @@ fuzz_gcrypt_cipher_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(fuzz_gcrypt_cipher_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ fuzz_filecfg_protocols_SOURCES = fuzz_filecfg_protocols.c fuzz_common_code.c -fuzz_filecfg_protocols_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) +fuzz_filecfg_protocols_CFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION fuzz_filecfg_protocols_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) fuzz_filecfg_protocols_LDFLAGS = $(LIBS) if HAS_FUZZLDFLAGS @@ -512,7 +512,7 @@ fuzz_filecfg_protocols_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(fuzz_filecfg_protocols_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ fuzz_filecfg_categories_SOURCES = fuzz_filecfg_categories.c fuzz_common_code.c -fuzz_filecfg_categories_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) +fuzz_filecfg_categories_CFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION fuzz_filecfg_categories_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) fuzz_filecfg_categories_LDFLAGS = $(LIBS) if HAS_FUZZLDFLAGS @@ -524,6 +524,45 @@ fuzz_filecfg_categories_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_filecfg_categories_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ +fuzz_filecfg_malicious_sha1_SOURCES = fuzz_filecfg_malicious_sha1.c fuzz_common_code.c +fuzz_filecfg_malicious_sha1_CFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION +fuzz_filecfg_malicious_sha1_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_filecfg_malicious_sha1_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_filecfg_malicious_sha1_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_filecfg_malicious_sha1_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_filecfg_malicious_sha1_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_filecfg_malicious_sha1_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + +fuzz_filecfg_malicious_ja3_SOURCES = fuzz_filecfg_malicious_ja3.c fuzz_common_code.c +fuzz_filecfg_malicious_ja3_CFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION +fuzz_filecfg_malicious_ja3_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_filecfg_malicious_ja3_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_filecfg_malicious_ja3_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_filecfg_malicious_ja3_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_filecfg_malicious_ja3_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_filecfg_malicious_ja3_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + +fuzz_filecfg_risk_domains_SOURCES = fuzz_filecfg_risk_domains.c fuzz_common_code.c +fuzz_filecfg_risk_domains_CFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION +fuzz_filecfg_risk_domains_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_filecfg_risk_domains_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_filecfg_risk_domains_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_filecfg_risk_domains_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_filecfg_risk_domains_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_filecfg_risk_domains_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + fuzz_readerutils_workflow_SOURCES = fuzz_readerutils_workflow.cpp fuzz_common_code.c ../example/reader_util.c fuzz_readerutils_workflow_CXXFLAGS = -I../example/ @NDPI_CFLAGS@ $(CXXFLAGS) -DDISABLE_CUSTOM_ALLOCATOR_ON_READERUTILS fuzz_readerutils_workflow_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -DDISABLE_CUSTOM_ALLOCATOR_ON_READERUTILS @@ -656,6 +695,18 @@ files_corpus_fuzz_filecfg_categories := $(wildcard corpus/fuzz_filecfg_categori fuzz_filecfg_categories_seed_corpus.zip: $(files_corpus_fuzz_filecfg_categories) zip -j fuzz_filecfg_categories_seed_corpus.zip $(files_corpus_fuzz_filecfg_categories) +files_corpus_fuzz_filecfg_malicious_sha1 := $(wildcard corpus/fuzz_filecfg_malicious_sha1/*) +fuzz_filecfg_malicious_sha1_seed_corpus.zip: $(files_corpus_fuzz_filecfg_malicious_sha1) + zip -j fuzz_filecfg_malicious_sha1_seed_corpus.zip $(files_corpus_fuzz_filecfg_malicious_sha1) + +files_corpus_fuzz_filecfg_malicious_ja3 := $(wildcard corpus/fuzz_filecfg_malicious_ja3/*) +fuzz_filecfg_malicious_ja3_seed_corpus.zip: $(files_corpus_fuzz_filecfg_malicious_ja3) + zip -j fuzz_filecfg_malicious_ja3_seed_corpus.zip $(files_corpus_fuzz_filecfg_malicious_ja3) + +files_corpus_fuzz_filecfg_risk_domains := $(wildcard corpus/fuzz_filecfg_risk_domains/*) +fuzz_filecfg_risk_domains_seed_corpus.zip: $(files_corpus_fuzz_filecfg_risk_domains) + zip -j fuzz_filecfg_risk_domains_seed_corpus.zip $(files_corpus_fuzz_filecfg_risk_domains) + files_corpus_fuzz_readerutils_workflow := $(wildcard corpus/fuzz_readerutils_workflow/*) fuzz_readerutils_workflow_seed_corpus.zip: $(files_corpus_fuzz_readerutils_workflow) zip -j fuzz_readerutils_workflow_seed_corpus.zip $(files_corpus_fuzz_readerutils_workflow) @@ -672,7 +723,7 @@ files_corpus_fuzz_ds_domain_classify := $(wildcard corpus/fuzz_ds_domain_classi fuzz_ds_domain_classify_seed_corpus.zip: $(files_corpus_fuzz_ds_domain_classify) zip -j fuzz_ds_domain_classify_seed_corpus.zip $(files_corpus_fuzz_ds_domain_classify) -corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip fuzz_config_seed_corpus.zip fuzz_ds_patricia_seed_corpus.zip fuzz_ds_ahocorasick_seed_corpus.zip fuzz_alg_ses_des_seed_corpus.zip fuzz_alg_hw_rsi_outliers_da_seed_corpus.zip fuzz_alg_bins_seed_corpus.zip fuzz_alg_hll_seed_corpus.zip fuzz_alg_jitter_seed_corpus.zip fuzz_ds_libcache_seed_corpus.zip fuzz_community_id_seed_corpus.zip fuzz_ds_tree_seed_corpus.zip fuzz_serialization_seed_corpus.zip fuzz_ds_ptree_seed_corpus.zip fuzz_alg_crc32_md5_seed_corpus.zip fuzz_alg_bytestream_seed_corpus.zip fuzz_libinjection_seed_corpus.zip fuzz_tls_certificate_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_readerutils_workflow_seed_corpus.zip fuzz_readerutils_parseprotolist_seed_corpus.zip fuzz_ds_bitmap64_seed_corpus.zip fuzz_ds_domain_classify_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_is_stun_udp_seed_corpus.zip fuzz_is_stun_tcp_seed_corpus.zip +corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip fuzz_config_seed_corpus.zip fuzz_ds_patricia_seed_corpus.zip fuzz_ds_ahocorasick_seed_corpus.zip fuzz_alg_ses_des_seed_corpus.zip fuzz_alg_hw_rsi_outliers_da_seed_corpus.zip fuzz_alg_bins_seed_corpus.zip fuzz_alg_hll_seed_corpus.zip fuzz_alg_jitter_seed_corpus.zip fuzz_ds_libcache_seed_corpus.zip fuzz_community_id_seed_corpus.zip fuzz_ds_tree_seed_corpus.zip fuzz_serialization_seed_corpus.zip fuzz_ds_ptree_seed_corpus.zip fuzz_alg_crc32_md5_seed_corpus.zip fuzz_alg_bytestream_seed_corpus.zip fuzz_libinjection_seed_corpus.zip fuzz_tls_certificate_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_readerutils_workflow_seed_corpus.zip fuzz_readerutils_parseprotolist_seed_corpus.zip fuzz_ds_bitmap64_seed_corpus.zip fuzz_ds_domain_classify_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_is_stun_udp_seed_corpus.zip fuzz_is_stun_tcp_seed_corpus.zip fuzz_filecfg_malicious_sha1_seed_corpus.zip fuzz_filecfg_malicious_ja3_seed_corpus.zip fuzz_filecfg_risk_domains_seed_corpus.zip cp corpus/fuzz_*seed_corpus.zip . #Create dictionaries exactly as expected by oss-fuzz. @@ -702,6 +753,9 @@ distdir: -o -path './corpus/fuzz_quic_get_crypto_data/*' \ -o -path './corpus/fuzz_filecfg_protocols/*' \ -o -path './corpus/fuzz_filecfg_categories/*' \ + -o -path './corpus/fuzz_filecfg_malicious_sha1/*' \ + -o -path './corpus/fuzz_filecfg_malicious_ja3/*' \ + -o -path './corpus/fuzz_filecfg_risk_domains/*' \ -o -path './corpus/fuzz_readerutils_workflow/*' \ -o -path './corpus/fuzz_readerutils_parseprotolist/*' \ -o -path './corpus/fuzz_config/*' \ diff --git a/fuzz/corpus/fuzz_filecfg_malicious_ja3/1 b/fuzz/corpus/fuzz_filecfg_malicious_ja3/1 new file mode 100644 index 000000000..6cebd9e6e --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_malicious_ja3/1 @@ -0,0 +1,2 @@ +# ja3_md5,Firstseen,Lastseen,Listingreason +b386946a5a44d1ddcc843bc75336dfce,2017-07-14 18:08:15,2019-07-27 20:42:54,Dridex diff --git a/fuzz/corpus/fuzz_filecfg_malicious_ja3/2 b/fuzz/corpus/fuzz_filecfg_malicious_ja3/2 new file mode 100644 index 000000000..b169853f2 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_malicious_ja3/2 @@ -0,0 +1 @@ +8991a387e4cc841740f25d6f5139f92d8991a387e4cc841740f25d6f5139f92d,2017-07-14 19:02:03,2019-07-28 00:34:38,Adware diff --git a/fuzz/corpus/fuzz_filecfg_malicious_sha1/1 b/fuzz/corpus/fuzz_filecfg_malicious_sha1/1 new file mode 100644 index 000000000..8428dbab7 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_malicious_sha1/1 @@ -0,0 +1,2 @@ +#The first entry (and only the first one) is fake. It is used to trigger the risk in the tests +1970-01-01 00:00:00,0DDB34F875632C7E1EC09D75827F82D2336DFEB6, Fake diff --git a/fuzz/corpus/fuzz_filecfg_malicious_sha1/2 b/fuzz/corpus/fuzz_filecfg_malicious_sha1/2 new file mode 100644 index 000000000..f13b5ae50 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_malicious_sha1/2 @@ -0,0 +1 @@ +2022-07-02 07:02:11,3784422d67a6ae0c82d60eeaf3850960a9896cb22,AsyncRAT C&C diff --git a/fuzz/corpus/fuzz_filecfg_risk_domains/1 b/fuzz/corpus/fuzz_filecfg_risk_domains/1 new file mode 100644 index 000000000..8c0066e74 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_risk_domains/1 @@ -0,0 +1,2 @@ +# https://www.spamhaus.org/statistics/tlds/ +.fail diff --git a/fuzz/fuzz_filecfg_categories.c b/fuzz/fuzz_filecfg_categories.c index 8b39d714f..4a45021d8 100644 --- a/fuzz/fuzz_filecfg_categories.c +++ b/fuzz/fuzz_filecfg_categories.c @@ -1,4 +1,5 @@ #include "ndpi_api.h" +#include "ndpi_private.h" #include "fuzz_common_code.h" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { @@ -35,7 +36,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); fd = buffer_to_file(data, size); - ndpi_load_categories_file_fd(ndpi_struct, fd, NULL); + load_categories_file_fd(ndpi_struct, fd, NULL); if(fd) fclose(fd); diff --git a/fuzz/fuzz_filecfg_malicious_ja3.c b/fuzz/fuzz_filecfg_malicious_ja3.c new file mode 100644 index 000000000..69adeb0f0 --- /dev/null +++ b/fuzz/fuzz_filecfg_malicious_ja3.c @@ -0,0 +1,47 @@ +#include "ndpi_api.h" +#include "ndpi_private.h" +#include "fuzz_common_code.h" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + struct ndpi_detection_module_struct *ndpi_struct; + FILE *fd; + /* Try to be fast */ + ndpi_init_prefs prefs = ndpi_dont_load_tor_list | + ndpi_dont_load_azure_list | + ndpi_dont_load_whatsapp_list | + ndpi_dont_load_amazon_aws_list | + ndpi_dont_load_ethereum_list | + ndpi_dont_load_zoom_list | + ndpi_dont_load_cloudflare_list | + ndpi_dont_load_microsoft_list | + ndpi_dont_load_google_list | + ndpi_dont_load_google_cloud_list | + ndpi_dont_load_asn_lists | + ndpi_dont_init_risk_ptree | + ndpi_dont_load_cachefly_list | + ndpi_dont_load_protonvpn_list | + ndpi_dont_load_mullvad_list; + NDPI_PROTOCOL_BITMASK all; + NDPI_PROTOCOL_BITMASK debug_bitmask; + + /* To allow memory allocation failures */ + fuzz_set_alloc_callbacks_and_seed(size); + + ndpi_struct = ndpi_init_detection_module(prefs); + NDPI_BITMASK_SET_ALL(all); + ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); + + NDPI_BITMASK_SET_ALL(debug_bitmask); + ndpi_set_log_level(ndpi_struct, 4); + ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + + fd = buffer_to_file(data, size); + load_malicious_ja3_file_fd(ndpi_struct, fd); + if(fd) + fclose(fd); + + /* We don't really need to call ndpi_finalize_initialization */ + + ndpi_exit_detection_module(ndpi_struct); + return 0; +} diff --git a/fuzz/fuzz_filecfg_malicious_sha1.c b/fuzz/fuzz_filecfg_malicious_sha1.c new file mode 100644 index 000000000..0d5ca3ae4 --- /dev/null +++ b/fuzz/fuzz_filecfg_malicious_sha1.c @@ -0,0 +1,47 @@ +#include "ndpi_api.h" +#include "ndpi_private.h" +#include "fuzz_common_code.h" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + struct ndpi_detection_module_struct *ndpi_struct; + FILE *fd; + /* Try to be fast */ + ndpi_init_prefs prefs = ndpi_dont_load_tor_list | + ndpi_dont_load_azure_list | + ndpi_dont_load_whatsapp_list | + ndpi_dont_load_amazon_aws_list | + ndpi_dont_load_ethereum_list | + ndpi_dont_load_zoom_list | + ndpi_dont_load_cloudflare_list | + ndpi_dont_load_microsoft_list | + ndpi_dont_load_google_list | + ndpi_dont_load_google_cloud_list | + ndpi_dont_load_asn_lists | + ndpi_dont_init_risk_ptree | + ndpi_dont_load_cachefly_list | + ndpi_dont_load_protonvpn_list | + ndpi_dont_load_mullvad_list; + NDPI_PROTOCOL_BITMASK all; + NDPI_PROTOCOL_BITMASK debug_bitmask; + + /* To allow memory allocation failures */ + fuzz_set_alloc_callbacks_and_seed(size); + + ndpi_struct = ndpi_init_detection_module(prefs); + NDPI_BITMASK_SET_ALL(all); + ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); + + NDPI_BITMASK_SET_ALL(debug_bitmask); + ndpi_set_log_level(ndpi_struct, 4); + ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + + fd = buffer_to_file(data, size); + load_malicious_sha1_file_fd(ndpi_struct, fd); + if(fd) + fclose(fd); + + /* We don't really need to call ndpi_finalize_initialization */ + + ndpi_exit_detection_module(ndpi_struct); + return 0; +} diff --git a/fuzz/fuzz_filecfg_protocols.c b/fuzz/fuzz_filecfg_protocols.c index efc9cf0ec..e6f296f68 100644 --- a/fuzz/fuzz_filecfg_protocols.c +++ b/fuzz/fuzz_filecfg_protocols.c @@ -1,4 +1,5 @@ #include "ndpi_api.h" +#include "ndpi_private.h" #include "fuzz_common_code.h" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { @@ -35,7 +36,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); fd = buffer_to_file(data, size); - ndpi_load_protocols_file_fd(ndpi_struct, fd); + load_protocols_file_fd(ndpi_struct, fd); if(fd) fclose(fd); diff --git a/fuzz/fuzz_filecfg_risk_domains.c b/fuzz/fuzz_filecfg_risk_domains.c new file mode 100644 index 000000000..94b772bd1 --- /dev/null +++ b/fuzz/fuzz_filecfg_risk_domains.c @@ -0,0 +1,47 @@ +#include "ndpi_api.h" +#include "ndpi_private.h" +#include "fuzz_common_code.h" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + struct ndpi_detection_module_struct *ndpi_struct; + FILE *fd; + /* Try to be fast */ + ndpi_init_prefs prefs = ndpi_dont_load_tor_list | + ndpi_dont_load_azure_list | + ndpi_dont_load_whatsapp_list | + ndpi_dont_load_amazon_aws_list | + ndpi_dont_load_ethereum_list | + ndpi_dont_load_zoom_list | + ndpi_dont_load_cloudflare_list | + ndpi_dont_load_microsoft_list | + ndpi_dont_load_google_list | + ndpi_dont_load_google_cloud_list | + ndpi_dont_load_asn_lists | + ndpi_dont_init_risk_ptree | + ndpi_dont_load_cachefly_list | + ndpi_dont_load_protonvpn_list | + ndpi_dont_load_mullvad_list; + NDPI_PROTOCOL_BITMASK all; + NDPI_PROTOCOL_BITMASK debug_bitmask; + + /* To allow memory allocation failures */ + fuzz_set_alloc_callbacks_and_seed(size); + + ndpi_struct = ndpi_init_detection_module(prefs); + NDPI_BITMASK_SET_ALL(all); + ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); + + NDPI_BITMASK_SET_ALL(debug_bitmask); + ndpi_set_log_level(ndpi_struct, 4); + ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + + fd = buffer_to_file(data, size); + load_risk_domain_file_fd(ndpi_struct, fd); + if(fd) + fclose(fd); + + /* We don't really need to call ndpi_finalize_initialization */ + + ndpi_exit_detection_module(ndpi_struct); + return 0; +} |