1 /*
2 * Copyright (c) 2017-2021 Free Software Foundation, Inc.
3 *
4 * This file is part of libwget.
5 *
6 * Libwget is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Lesser General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * Libwget is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with libwget. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 #include <config.h>
21
22 #include <assert.h>
23 #include <stdio.h>
24 #include <stdint.h>
25 #include <stdlib.h>
26 #include <string.h>
27
28 #include "wget.h"
29 #include "fuzzer.h"
30
cookie_free(void * cookie)31 static void cookie_free(void *cookie)
32 {
33 if (cookie)
34 wget_cookie_free((wget_cookie **) &cookie);
35 }
36
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)37 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
38 {
39 wget_cookie_db *db, *db2;
40 wget_cookie *cookie, *cookie2;
41 wget_iri *iri;
42 wget_vector *cookies;
43 char *in;
44
45 if (size > 1000) // same as max_len = 10000 in .options file
46 return 0;
47
48 in = (char *) malloc(size + 1);
49 assert(in != NULL);
50
51 // 0 terminate
52 memcpy(in, data, size);
53 in[size] = 0;
54
55 wget_free(wget_cookie_to_setcookie(NULL));
56 wget_cookie_store_cookie(NULL, NULL);
57 wget_cookie_db_save(NULL, NULL);
58 wget_cookie_db_load(NULL, NULL);
59 wget_cookie_create_request_header(NULL, NULL);
60
61 db = wget_cookie_db_init(NULL);
62 wget_cookie_set_keep_session_cookies(db, 1);
63
64 wget_cookie_parse_setcookie(in, &cookie);
65 wget_free(wget_cookie_to_setcookie(cookie));
66
67 if (cookie) {
68 char fname[64];
69
70 wget_cookie_check_psl(db, cookie);
71 iri = wget_iri_parse("x.y", "iso-8859-1");
72 wget_cookie_normalize(iri, cookie);
73
74 wget_cookie_store_cookie(db, cookie);
75
76 wget_cookie_parse_setcookie(in, &cookie2);
77 cookies = wget_vector_create(4, NULL);
78 wget_vector_set_destructor(cookies, cookie_free);
79 wget_vector_add(cookies, cookie2);
80 wget_cookie_normalize_cookies(iri, cookies);
81 wget_cookie_store_cookies(db, cookies);
82 wget_http_free_cookies(&cookies);
83
84 wget_free(wget_cookie_create_request_header(db, iri));
85 wget_iri_free(&iri);
86
87 // test load & save functions
88 wget_snprintf(fname, sizeof(fname), "%d.tmp", getpid());
89 wget_cookie_db_save(db, fname);
90
91 db2 = wget_cookie_db_init(NULL);
92 wget_cookie_db_load(db2, fname);
93 wget_cookie_db_free(&db2);
94
95 unlink(fname);
96 }
97
98 wget_cookie_db_load_psl(NULL, NULL);
99 wget_cookie_db_load_psl(db, "/dev/null");
100 wget_cookie_db_load_psl(db, NULL);
101
102 // wget_cookie_free(&cookie);
103 wget_cookie_db_free(&db);
104
105 free(in);
106
107 return 0;
108 }
109