From c3ba65311e2cf4aba8b51cdb6800a5654ef1d060 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Fri, 12 Jul 2024 14:22:25 +0200
Subject: fuzzing: improve coverage (#2495)

Fix detection of WebDAV and Gnutella (over HTTP)
Fix detection of z3950

Add two fuzzers to test `ndpi_memmem()` and `ndpi_strnstr()`

Remove some dead code:
* RTP: the same exact check is performed at the very beginning of the
function
* MQTT: use a better helper to exclude the protocol
* Colletd: `ndpi_hostname_sni_set()` never fails

Update pl7m code (fix a Use-of-uninitialized-value error)
---
 fuzz/fuzz_alg_strnstr.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 fuzz/fuzz_alg_strnstr.cpp

(limited to 'fuzz/fuzz_alg_strnstr.cpp')

diff --git a/fuzz/fuzz_alg_strnstr.cpp b/fuzz/fuzz_alg_strnstr.cpp
new file mode 100644
index 000000000..1a2bd3d2f
--- /dev/null
+++ b/fuzz/fuzz_alg_strnstr.cpp
@@ -0,0 +1,18 @@
+#include "ndpi_api.h"
+
+#include "fuzzer/FuzzedDataProvider.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  FuzzedDataProvider fuzzed_data(data, size);
+  u_int16_t len;
+
+  /* No real memory allocations involved */
+
+  len = fuzzed_data.ConsumeIntegral<u_int16_t>();
+  std::string haystack = fuzzed_data.ConsumeRandomLengthString();
+  std::string needle = fuzzed_data.ConsumeRandomLengthString();
+
+  ndpi_strnstr(haystack.c_str(), needle.c_str(), len);
+
+  return 0;
+}
-- 
cgit v1.2.3