mirror of
https://github.com/davea42/libdwarf-code.git
synced 2025-10-18 09:32:24 +08:00

of the temp file to start with junk to better match what is routine in the regressiontests. And to something that works just fine with Win msys2. (in msys2 "/tmp/anything" will not work for open( "wb") whereas "anything" will work.) modified: fuzz/fuzz_aranges.c modified: fuzz/fuzz_crc.c modified: fuzz/fuzz_crc_32.c modified: fuzz/fuzz_debug_addr_access.c modified: fuzz/fuzz_debug_str.c modified: fuzz/fuzz_debuglink.c modified: fuzz/fuzz_die_cu.c modified: fuzz/fuzz_die_cu_attrs.c modified: fuzz/fuzz_die_cu_attrs_loclist.c modified: fuzz/fuzz_die_cu_e.c modified: fuzz/fuzz_die_cu_e_print.c modified: fuzz/fuzz_die_cu_info1.c modified: fuzz/fuzz_die_cu_offset.c modified: fuzz/fuzz_die_cu_print.c modified: fuzz/fuzz_dnames.c modified: fuzz/fuzz_findfuncbypc.c modified: fuzz/fuzz_gdbindex.c modified: fuzz/fuzz_globals.c modified: fuzz/fuzz_gnu_index.c modified: fuzz/fuzz_init_b.c modified: fuzz/fuzz_init_binary.c modified: fuzz/fuzz_init_path.c modified: fuzz/fuzz_macro_dwarf4.c modified: fuzz/fuzz_macro_dwarf5.c modified: fuzz/fuzz_rng.c modified: fuzz/fuzz_set_frame_all.c modified: fuzz/fuzz_showsectgrp.c modified: fuzz/fuzz_simplereader_tu.c modified: fuzz/fuzz_srcfiles.c modified: fuzz/fuzz_stack_frame_access.c modified: fuzz/fuzz_str_offsets.c modified: fuzz/fuzz_tie.c modified: fuzz/fuzz_xuindex.c modified: src/lib/libdwarf/libdwarf.h
144 lines
4.2 KiB
C
144 lines
4.2 KiB
C
/* Copyright 2021 Google LLC
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
#include <fcntl.h> /* open() O_RDONLY O_BINARY */
|
|
#include <stdint.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/types.h>
|
|
#include <unistd.h>
|
|
#include "dwarf.h"
|
|
#include "libdwarf.h"
|
|
|
|
#ifndef O_BINARY
|
|
#define O_BINARY 0
|
|
#endif
|
|
|
|
|
|
/* Every return from this after dwarf_init_b()
|
|
has to call
|
|
dwarf_finish(dbg);
|
|
close(fuzz_fd);
|
|
unlink(filename);
|
|
to avoid memory leaks (and close the fd, of course). */
|
|
|
|
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
|
char filename[256];
|
|
|
|
#ifdef DWREGRESSIONTEMP
|
|
/* Under msys2, the /tmp/ results in an open fail,
|
|
so we discard the /tmp/ here */
|
|
sprintf(filename, "junklibfuzzer.%d", getpid());
|
|
#else
|
|
sprintf(filename, "/tmp/libfuzzer.%d", getpid());
|
|
#endif
|
|
FILE *fp = fopen(filename, "wb");
|
|
if (!fp) {
|
|
printf("FAIL libfuzzer cannot open temp as writeable %s\n",
|
|
filename);
|
|
return 0;
|
|
}
|
|
fwrite(data, size, 1, fp);
|
|
fclose(fp);
|
|
|
|
int fuzz_fd = 0;
|
|
Dwarf_Ptr errarg = 0;
|
|
Dwarf_Handler errhand = 0;
|
|
Dwarf_Error *errp = NULL;
|
|
Dwarf_Debug dbg = 0;
|
|
|
|
fuzz_fd = open(filename, O_RDONLY|O_BINARY);
|
|
if (fuzz_fd != -1) {
|
|
dwarf_init_b(fuzz_fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, errp);
|
|
Dwarf_Unsigned count = 0;
|
|
int res = 0;
|
|
Dwarf_Unsigned i = 0;
|
|
|
|
res = dwarf_load_rnglists(dbg, &count, errp);
|
|
if (res == DW_DLV_OK) {
|
|
for (i = 0; i < count; ++i) {
|
|
Dwarf_Unsigned header_offset = 0;
|
|
Dwarf_Small offset_size = 0;
|
|
Dwarf_Small extension_size = 0;
|
|
unsigned version = 0;
|
|
Dwarf_Small address_size = 0;
|
|
Dwarf_Small segment_selector_size = 0;
|
|
Dwarf_Unsigned offset_entry_count = 0;
|
|
Dwarf_Unsigned offset_of_offset_array = 0;
|
|
Dwarf_Unsigned offset_of_first_rangeentry = 0;
|
|
Dwarf_Unsigned offset_past_last_rangeentry = 0;
|
|
|
|
res = dwarf_get_rnglist_context_basics(
|
|
dbg, i, &header_offset, &offset_size, &extension_size, &version,
|
|
&address_size, &segment_selector_size, &offset_entry_count,
|
|
&offset_of_offset_array, &offset_of_first_rangeentry,
|
|
&offset_past_last_rangeentry, errp);
|
|
|
|
Dwarf_Unsigned e = 0;
|
|
unsigned colmax = 4;
|
|
unsigned col = 0;
|
|
Dwarf_Unsigned global_offset_of_value = 0;
|
|
|
|
for (; e < offset_entry_count; ++e) {
|
|
Dwarf_Unsigned value = 0;
|
|
int resc = 0;
|
|
|
|
resc = dwarf_get_rnglist_offset_index_value(
|
|
dbg, i, e, &value, &global_offset_of_value, errp);
|
|
if (resc != DW_DLV_OK) {
|
|
dwarf_finish(dbg);
|
|
close(fuzz_fd);
|
|
unlink(filename);
|
|
return resc;
|
|
}
|
|
col++;
|
|
if (col == colmax) {
|
|
col = 0;
|
|
}
|
|
}
|
|
|
|
Dwarf_Unsigned curoffset = offset_of_first_rangeentry;
|
|
Dwarf_Unsigned endoffset = offset_past_last_rangeentry;
|
|
int rese = 0;
|
|
Dwarf_Unsigned ct = 0;
|
|
|
|
for (; curoffset < endoffset; ++ct) {
|
|
unsigned entrylen = 0;
|
|
unsigned code = 0;
|
|
Dwarf_Unsigned v1 = 0;
|
|
Dwarf_Unsigned v2 = 0;
|
|
rese = dwarf_get_rnglist_rle(dbg, i, curoffset, endoffset, &entrylen,
|
|
&code, &v1, &v2, errp);
|
|
if (rese != DW_DLV_OK) {
|
|
dwarf_finish(dbg);
|
|
close(fuzz_fd);
|
|
unlink(filename);
|
|
return rese;
|
|
}
|
|
curoffset += entrylen;
|
|
if (curoffset > endoffset) {
|
|
dwarf_finish(dbg);
|
|
close(fuzz_fd);
|
|
unlink(filename);
|
|
return DW_DLV_ERROR;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
dwarf_finish(dbg);
|
|
close(fuzz_fd);
|
|
}
|
|
unlink(filename);
|
|
return 0;
|
|
}
|