diff options
author | Arjun <pkillarjun@protonmail.com> | 2024-06-12 10:34:09 +0530 |
---|---|---|
committer | Andrew Clayton <a.clayton@nginx.com> | 2024-06-14 15:11:38 +0100 |
commit | a93d878e5c3a6c3476e77d021ae59dc937e3066c (patch) | |
tree | f836d6883dea1b9ef766da925c0b76f8b8fc015d /fuzzing/nxt_basic_fuzz.c | |
parent | 965fc94e4910da14d13a2f10d997cc720b3f6127 (diff) | |
download | unit-a93d878e5c3a6c3476e77d021ae59dc937e3066c.tar.gz unit-a93d878e5c3a6c3476e77d021ae59dc937e3066c.tar.bz2 |
fuzzing: add fuzzing targets
Signed-off-by: Arjun <pkillarjun@protonmail.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Diffstat (limited to '')
-rw-r--r-- | fuzzing/nxt_basic_fuzz.c | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/fuzzing/nxt_basic_fuzz.c b/fuzzing/nxt_basic_fuzz.c new file mode 100644 index 00000000..df3a1b6a --- /dev/null +++ b/fuzzing/nxt_basic_fuzz.c @@ -0,0 +1,91 @@ +/* + * Copyright (C) NGINX, Inc. + */ + +#include <nxt_main.h> + + +#define KMININPUTLENGTH 2 +#define KMAXINPUTLENGTH 128 + + +extern int LLVMFuzzerInitialize(int *argc, char ***argv); +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +void nxt_base64_fuzz(const u_char *data, size_t size); +void nxt_term_fuzz(const u_char *data, size_t size); +void nxt_time_fuzz(const u_char *data, size_t size); +void nxt_utf8_fuzz(const u_char *data, size_t size); + + +extern char **environ; + + +int +LLVMFuzzerInitialize(int *argc, char ***argv) +{ + if (nxt_lib_start("fuzzing", NULL, &environ) != NXT_OK) { + return NXT_ERROR; + } + + return 0; +} + + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + if (size < KMININPUTLENGTH || size > KMAXINPUTLENGTH) { + return 0; + } + + nxt_base64_fuzz(data, size); + nxt_term_fuzz(data, size); + nxt_time_fuzz(data, size); + nxt_utf8_fuzz(data, size); + + return 0; +} + + +void +nxt_base64_fuzz(const u_char *data, size_t size) +{ + u_char buf[256]; + ssize_t ret; + + /* + * Validate base64 data before decoding. + */ + ret = nxt_base64_decode(NULL, (u_char *)data, size); + if (ret == NXT_ERROR) { + return; + } + + nxt_base64_decode(buf, (u_char *)data, size); +} + + +void +nxt_term_fuzz(const u_char *data, size_t size) +{ + nxt_term_parse(data, size, 0); + nxt_term_parse(data, size, 1); +} + + +void +nxt_time_fuzz(const u_char *data, size_t size) +{ + nxt_time_parse(data, size); +} + + +void +nxt_utf8_fuzz(const u_char *data, size_t size) +{ + const u_char *in; + + in = data; + nxt_utf8_decode(&in, data + size); +} |