Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/pkg
 Path: blob/main/external/libder/tests/fuzz_parallel.c
2066 views
1
/*-

2
 * Copyright (c) 2024 Kyle Evans <[email protected]>

3
 *

4
 * SPDX-License-Identifier: BSD-2-Clause

5
 */

6


7
#include <sys/param.h>

8
#include <sys/socket.h>

9


10
#include <assert.h>

11
#include <pthread.h>

12
#include <signal.h>

13
#include <stdbool.h>

14
#include <stdint.h>

15
#include <stdio.h>

16
#include <stdlib.h>

17
#include <unistd.h>

18


19
#include <libder.h>

20


21
#include "fuzzers.h"

22


23
struct fuzz_frame {

24
	uint8_t		frame_threads;

25
};

26


27
struct thread_input {

28
	const uint8_t	*data;

29
	size_t		 datasz;

30
};

31


32
static void *

33
thread_main(void *cookie)

34
{

35
	const struct thread_input *input = cookie;

36
	struct libder_ctx *ctx;

37
	struct libder_object *obj;

38
	const uint8_t *data = input->data;

39
	size_t readsz, sz = input->datasz;

40


41
	ctx = libder_open();

42
	readsz = sz;

43
	obj = libder_read(ctx, data, &readsz);

44
	if (obj == NULL || readsz != sz)

45
		goto out;

46


47
	if (obj != NULL) {

48
		uint8_t *buf = NULL;

49
		size_t bufsz = 0;

50


51
		/*

52
		 * If we successfully read it, then it shouldn't

53
		 * overflow.  We're letting libder allocate the buffer,

54
		 * so we shouldn't be able to hit the 'too small' bit.

55
		 *

56
		 * I can't imagine what other errors might happen, so

57
		 * we'll just assert on it.

58
		 */

59
		buf = libder_write(ctx, obj, buf, &bufsz);

60
		if (buf == NULL)

61
			goto out;

62


63
		assert(bufsz != 0);

64


65
		free(buf);

66
	}

67


68
out:

69
	libder_obj_free(obj);

70
	libder_close(ctx);

71
	return (NULL);

72
}

73


74
int

75
LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz)

76
{

77
	const struct fuzz_frame *frame;

78
	pthread_t *threads;

79
	struct thread_input inp;

80
	size_t nthreads;

81


82
	if (sz <= sizeof(*frame))

83
		return (-1);

84


85
	frame = (const void *)data;

86
	data += sizeof(*frame);

87
	sz -= sizeof(*frame);

88


89
	if (frame->frame_threads < 2)

90
		return (-1);

91


92
	threads = malloc(sizeof(*threads) * frame->frame_threads);

93
	if (threads == NULL)

94
		return (-1);

95


96
	inp.data = data;

97
	inp.datasz = sz;

98


99
	for (nthreads = 0; nthreads < frame->frame_threads; nthreads++) {

100
		if (pthread_create(&threads[nthreads], NULL, thread_main,

101
		    &inp) != 0)

102
			break;

103
	}

104


105
	for (uint8_t i = 0; i < nthreads; i++)

106
		pthread_join(threads[i], NULL);

107


108
	free(threads);

109


110
	return (0);

111
}

112


113