2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00

oss-fuzz: Improve interaction with fuzzing tools and add new tests in fuzz/ directory

This commit is contained in:
Bhargava Shastry
2018-07-03 15:45:11 +02:00
committed by Ondřej Surý
parent d30b90dba6
commit 1c57b73e34
15 changed files with 410 additions and 156 deletions

View File

@@ -36,10 +36,6 @@
#include <unistd.h>
#include <pthread.h>
#ifndef __AFL_LOOP
#error To use American Fuzzy Lop you have to set CC to afl-clang-fast!!!
#endif
/*
* We are using pthreads directly because we might be using it with
* unthreaded version of BIND, where all thread functions are
@@ -61,7 +57,6 @@ fuzz_thread_client(void *arg) {
char *port;
struct sockaddr_in servaddr;
int sockfd;
int loop;
void *buf;
UNUSED(arg);
@@ -103,14 +98,18 @@ fuzz_thread_client(void *arg) {
* Processing fuzzed packets 100,000 times before shutting down
* the app.
*/
for (loop = 0; loop < 100000; loop++) {
#ifdef __AFL_LOOP
for (int loop = 0; loop < 100000; loop++) {
#else
{
#endif
ssize_t length;
ssize_t sent;
length = read(0, buf, 65536);
if (length <= 0) {
usleep(1000000);
continue;
goto next;
}
/*
@@ -130,7 +129,7 @@ fuzz_thread_client(void *arg) {
return (NULL);
}
raise(SIGSTOP);
continue;
goto next;
}
RUNTIME_CHECK(pthread_mutex_lock(&mutex) == 0);
@@ -151,6 +150,7 @@ fuzz_thread_client(void *arg) {
pthread_cond_wait(&cond, &mutex);
RUNTIME_CHECK(pthread_mutex_unlock(&mutex) == 0);
next: ;
}
free(buf);
@@ -586,6 +586,7 @@ fuzz_thread_resolver(void *arg) {
named_server_flushonshutdown(named_g_server, false);
isc_app_shutdown();
#ifdef __AFL_LOOP
/*
* This is here just for the signature, that's how AFL detects
* if it's a 'persistent mode' binary. It has to occur somewhere
@@ -594,6 +595,7 @@ fuzz_thread_resolver(void *arg) {
* in persistent mode if it's present.
*/
__AFL_LOOP(0);
#endif
return (NULL);
}