1 /*
2  * Copyright (c) 2017-2019, 2021 Free Software Foundation, Inc.
3  *
4  * This file is part of GNU Wget.
5  *
6  * GNU Wget is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * GNU Wget is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with Wget.  If not, see <https://www.gnu.org/licenses/>.
18  */
19 
20 #include <config.h>
21 
22 #include <sys/types.h>
23 #include <dirent.h> // opendir, readdir
24 #include <stdint.h> // uint8_t
25 #include <stdio.h>  // fmemopen
26 #include <string.h>  // strncmp
27 #include <stdlib.h>  // free
28 #include <fcntl.h>  // open flags
29 #include <unistd.h>  // close
30 #include <setjmp.h> // longjmp, setjmp
31 #include <assert.h> // assert
32 
33 #include "wget.h"
34 
35 #undef fopen_wgetrc
36 
37 #ifdef __cplusplus
38   extern "C" {
39 #endif
40   #include "http-ntlm.h"
41 
42   // declarations for wget internal functions
43   int main_wget(int argc, const char **argv);
44   void cleanup(void);
45   FILE *fopen_wget(const char *pathname, const char *mode);
46   FILE *fopen_wgetrc(const char *pathname, const char *mode);
47   void exit_wget(int status);
48 #ifdef __cplusplus
49   }
50 #endif
51 
52 #include "fuzzer.h"
53 
fopen_wget(const char * pathname,const char * mode)54 FILE *fopen_wget(const char *pathname, const char *mode)
55 {
56 	(void) pathname;
57 	return fopen("/dev/null", mode);
58 }
59 
fopen_wgetrc(const char * pathname,const char * mode)60 FILE *fopen_wgetrc(const char *pathname, const char *mode)
61 {
62 	(void) pathname;
63 	(void) mode;
64 	return NULL;
65 }
66 
67 #ifdef FUZZING
exit_wget(int status)68 void exit_wget(int status)
69 {
70 	(void) status;
71 }
72 #endif
73 
74 
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)75 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
76 {
77 	if (size > 128) // same as max_len = ... in .options file
78 		return 0;
79 
80 	//	CLOSE_STDERR
81 
82 	struct ntlmdata *ntlm = (struct ntlmdata *) calloc(1, sizeof(struct ntlmdata));
83 	char *data0 = (char *) malloc(size + 4 + 1);
84 	bool ready;
85 
86 	assert(ntlm && data0);
87 
88 	memcpy(data0, "NTLM", 4);
89 	memcpy(data0 + 4, data, size);
90 	data0[size + 4] = 0;
91 
92 	if (ntlm_input(ntlm, data0))
93 		free(ntlm_output(ntlm, data0 + 4, data0 + 4, &ready));
94 
95 	free(data0);
96 	free(ntlm);
97 
98 //	RESTORE_STDERR
99 
100 	return 0;
101 }
102