1 /*
2  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3  *
4  * This Source Code Form is subject to the terms of the Mozilla Public
5  * License, v. 2.0. If a copy of the MPL was not distributed with this
6  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
7  *
8  * See the COPYRIGHT file distributed with this work for additional
9  * information regarding copyright ownership.
10  */
11 
12 #include <errno.h>
13 #include <fcntl.h>
14 #include <stdint.h>
15 #include <stdio.h>
16 #include <stdlib.h>
17 #include <string.h>
18 #include <sys/stat.h>
19 #include <unistd.h>
20 
21 #include "fuzz.h"
22 
23 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
24 
25 #include <dirent.h>
26 
27 static void
test_all_from(const char * dirname)28 test_all_from(const char *dirname) {
29 	DIR *dirp;
30 	struct dirent *dp;
31 
32 	dirp = opendir(dirname);
33 	if (dirp == NULL) {
34 		return;
35 	}
36 
37 	while ((dp = readdir(dirp)) != NULL) {
38 		char filename[strlen(dirname) + strlen(dp->d_name) + 2];
39 		int fd;
40 		struct stat st;
41 		char *data;
42 		ssize_t n;
43 
44 		if (dp->d_name[0] == '.') {
45 			continue;
46 		}
47 		snprintf(filename, sizeof(filename), "%s/%s", dirname,
48 			 dp->d_name);
49 
50 		if ((fd = open(filename, O_RDONLY)) == -1) {
51 			fprintf(stderr, "Failed to open %s: %s\n", filename,
52 				strerror(errno));
53 			continue;
54 		}
55 
56 		if (fstat(fd, &st) != 0) {
57 			fprintf(stderr, "Failed to stat %s: %s\n", filename,
58 				strerror(errno));
59 			goto closefd;
60 		}
61 
62 		data = malloc(st.st_size);
63 		n = read(fd, data, st.st_size);
64 		if (n == st.st_size) {
65 			printf("testing %zd bytes from %s\n", n, filename);
66 			fflush(stdout);
67 			LLVMFuzzerTestOneInput((const uint8_t *)data, n);
68 			fflush(stderr);
69 		} else {
70 			if (n < 0) {
71 				fprintf(stderr,
72 					"Failed to read %zd bytes from %s: "
73 					"%s\n",
74 					(ssize_t)st.st_size, filename,
75 					strerror(errno));
76 			} else {
77 				fprintf(stderr,
78 					"Failed to read %zd bytes from %s"
79 					", got %zd\n",
80 					(ssize_t)st.st_size, filename, n);
81 			}
82 		}
83 		free(data);
84 	closefd:
85 		close(fd);
86 	}
87 
88 	closedir(dirp);
89 }
90 
91 int
main(int argc,char ** argv)92 main(int argc, char **argv) {
93 	char corpusdir[PATH_MAX];
94 	const char *target = strrchr(argv[0], '/');
95 
96 	UNUSED(argc);
97 	UNUSED(argv);
98 
99 	target = (target != NULL) ? target + 1 : argv[0];
100 	if (strncmp(target, "lt-", 3) == 0) {
101 		target += 3;
102 	}
103 
104 	snprintf(corpusdir, sizeof(corpusdir), FUZZDIR "/%s.in", target);
105 
106 	test_all_from(corpusdir);
107 
108 	return (0);
109 }
110 
111 #elif __AFL_COMPILER
112 
113 int
main(int argc,char ** argv)114 main(int argc, char **argv) {
115 	int ret;
116 	unsigned char buf[64 * 1024];
117 
118 	UNUSED(argc);
119 	UNUSED(argv);
120 
121 #ifdef __AFL_LOOP
122 	while (__AFL_LOOP(10000)) { /* only works with afl-clang-fast */
123 #else  /* ifdef __AFL_LOOP */
124 	{
125 #endif /* ifdef __AFL_LOOP */
126 		ret = fread(buf, 1, sizeof(buf), stdin);
127 		if (ret < 0) {
128 			return (0);
129 		}
130 
131 		LLVMFuzzerTestOneInput(buf, ret);
132 	}
133 
134 	return (0);
135 }
136 
137 #endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
138