1 /*
2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3 *
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
7 *
8 * See the COPYRIGHT file distributed with this work for additional
9 * information regarding copyright ownership.
10 */
11
12 #include <errno.h>
13 #include <fcntl.h>
14 #include <stdint.h>
15 #include <stdio.h>
16 #include <stdlib.h>
17 #include <string.h>
18 #include <sys/stat.h>
19 #include <unistd.h>
20
21 #include "fuzz.h"
22
23 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
24
25 #include <dirent.h>
26
27 static void
test_all_from(const char * dirname)28 test_all_from(const char *dirname) {
29 DIR *dirp;
30 struct dirent *dp;
31
32 dirp = opendir(dirname);
33 if (dirp == NULL) {
34 return;
35 }
36
37 while ((dp = readdir(dirp)) != NULL) {
38 char filename[strlen(dirname) + strlen(dp->d_name) + 2];
39 int fd;
40 struct stat st;
41 char *data;
42 ssize_t n;
43
44 if (dp->d_name[0] == '.') {
45 continue;
46 }
47 snprintf(filename, sizeof(filename), "%s/%s", dirname,
48 dp->d_name);
49
50 if ((fd = open(filename, O_RDONLY)) == -1) {
51 fprintf(stderr, "Failed to open %s: %s\n", filename,
52 strerror(errno));
53 continue;
54 }
55
56 if (fstat(fd, &st) != 0) {
57 fprintf(stderr, "Failed to stat %s: %s\n", filename,
58 strerror(errno));
59 goto closefd;
60 }
61
62 data = malloc(st.st_size);
63 n = read(fd, data, st.st_size);
64 if (n == st.st_size) {
65 printf("testing %zd bytes from %s\n", n, filename);
66 fflush(stdout);
67 LLVMFuzzerTestOneInput((const uint8_t *)data, n);
68 fflush(stderr);
69 } else {
70 if (n < 0) {
71 fprintf(stderr,
72 "Failed to read %zd bytes from %s: "
73 "%s\n",
74 (ssize_t)st.st_size, filename,
75 strerror(errno));
76 } else {
77 fprintf(stderr,
78 "Failed to read %zd bytes from %s"
79 ", got %zd\n",
80 (ssize_t)st.st_size, filename, n);
81 }
82 }
83 free(data);
84 closefd:
85 close(fd);
86 }
87
88 closedir(dirp);
89 }
90
91 int
main(int argc,char ** argv)92 main(int argc, char **argv) {
93 char corpusdir[PATH_MAX];
94 const char *target = strrchr(argv[0], '/');
95
96 UNUSED(argc);
97 UNUSED(argv);
98
99 target = (target != NULL) ? target + 1 : argv[0];
100 if (strncmp(target, "lt-", 3) == 0) {
101 target += 3;
102 }
103
104 snprintf(corpusdir, sizeof(corpusdir), FUZZDIR "/%s.in", target);
105
106 test_all_from(corpusdir);
107
108 return (0);
109 }
110
111 #elif __AFL_COMPILER
112
113 int
main(int argc,char ** argv)114 main(int argc, char **argv) {
115 int ret;
116 unsigned char buf[64 * 1024];
117
118 UNUSED(argc);
119 UNUSED(argv);
120
121 #ifdef __AFL_LOOP
122 while (__AFL_LOOP(10000)) { /* only works with afl-clang-fast */
123 #else /* ifdef __AFL_LOOP */
124 {
125 #endif /* ifdef __AFL_LOOP */
126 ret = fread(buf, 1, sizeof(buf), stdin);
127 if (ret < 0) {
128 return (0);
129 }
130
131 LLVMFuzzerTestOneInput(buf, ret);
132 }
133
134 return (0);
135 }
136
137 #endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
138