[#3605] Rotate ports on HTTP fuzzers as well

2025-08-31 14:05:33 +00:00 · 2024-10-23 10:59:31 +03:00
parent f340ef1b05
commit a740d0bfe5
12 changed files with 72 additions and 58 deletions
--- a/fuzz/fuzz_http_endpoint_kea_dhcp4.cc
+++ b/fuzz/fuzz_http_endpoint_kea_dhcp4.cc
@@ -42,13 +42,14 @@ using namespace std;
 namespace {

 static pid_t const PID(getpid());
-static int const PORT(getpid() % 1000 + 2000);
 static string const PID_STR(to_string(PID));
-static string const PORT_STR(to_string(PORT));
-static string const ADDRESS("0.0.0.0");
+static string const ADDRESS("127.0.0.1");
 static string const KEA_DHCP4_CONF(KEA_FUZZ_DIR + "/kea-dhcp4-" + PID_STR + ".conf");
 static string const KEA_DHCP4_CSV(KEA_FUZZ_DIR + "/kea-dhcp4-" + PID_STR + ".csv");

+static int PORT;
+static string PORT_STR;
+
 /// @brief Represents HTTP POST request with JSON body.
 ///
 /// In addition to the requirements specified by the @ref PostHttpRequest
@@ -102,24 +103,7 @@ LLVMFuzzerInitialize() {
    static bool initialized(DoInitialization());
    assert(initialized);

-    writeToFile(KEA_DHCP4_CONF, R"(
-      {
-        "Dhcp4": {
-          "control-sockets": [
-            {
-              "socket-address": ")" + ADDRESS + R"(",
-              "socket-port": )" + PORT_STR + R"(,
-              "socket-type": "http"
-            }
-          ],
-          "lease-database": {
-            "name": ")" + KEA_DHCP4_CSV + R"(",
-            "persist": false,
-            "type": "memfile"
-          }
-        }
-      }
-    )");
+    setenv("KEA_DHCP4_FUZZING_ROTATE_PORT", "true", 0);

    return 0;
 }
@@ -141,6 +125,29 @@ int
 LLVMFuzzerTestOneInput(uint8_t const* data, size_t size) {
    CfgMgr::instance().clear();
    ControlledDhcpv4Srv server;
+
+    PORT = ControlledDhcpv4Srv::getInstance()->getServerPort();
+    PORT_STR = to_string(PORT);
+
+    writeToFile(KEA_DHCP4_CONF, R"(
+      {
+        "Dhcp4": {
+          "control-sockets": [
+            {
+              "socket-address": ")" + ADDRESS + R"(",
+              "socket-port": )" + PORT_STR + R"(,
+              "socket-type": "http"
+            }
+          ],
+          "lease-database": {
+            "name": ")" + KEA_DHCP4_CSV + R"(",
+            "persist": false,
+            "type": "memfile"
+          }
+        }
+      }
+    )");
+
    server.init(KEA_DHCP4_CONF);

    HttpClient client(ControlledDhcpv4Srv::getInstance()->getIOService(), false);
--- a/fuzz/fuzz_http_endpoint_kea_dhcp6.cc
+++ b/fuzz/fuzz_http_endpoint_kea_dhcp6.cc
@@ -42,13 +42,14 @@ using namespace std;
 namespace {

 static pid_t const PID(getpid());
-static int const PORT(getpid() % 1000 + 2000);
 static string const PID_STR(to_string(PID));
-static string const PORT_STR(to_string(PORT));
-static string const ADDRESS("::");
+static string const ADDRESS("::1");
 static string const KEA_DHCP6_CONF(KEA_FUZZ_DIR + "/kea-dhcp6-" + PID_STR + ".conf");
 static string const KEA_DHCP6_CSV(KEA_FUZZ_DIR + "/kea-dhcp6-" + PID_STR + ".csv");

+static int PORT;
+static string PORT_STR;
+
 /// @brief Represents HTTP POST request with JSON body.
 ///
 /// In addition to the requirements specified by the @ref PostHttpRequest
@@ -102,6 +103,32 @@ LLVMFuzzerInitialize() {
    static bool initialized(DoInitialization());
    assert(initialized);

+    setenv("KEA_DHCP6_FUZZING_ROTATE_PORT", "true", 0);
+
+    return 0;
+}
+
+int
+LLVMFuzzerTearDown() {
+    try {
+        remove(KEA_DHCP6_CONF.c_str());
+    } catch (...) {
+    }
+    try {
+        remove(KEA_DHCP6_CSV.c_str());
+    } catch (...) {
+    }
+    return 0;
+}
+
+int
+LLVMFuzzerTestOneInput(uint8_t const* data, size_t size) {
+    CfgMgr::instance().clear();
+    ControlledDhcpv6Srv server;
+
+    PORT = ControlledDhcpv6Srv::getInstance()->getServerPort();
+    PORT_STR = to_string(PORT);
+
    writeToFile(KEA_DHCP6_CONF, R"(
      {
        "Dhcp6": {
@@ -127,26 +154,6 @@ LLVMFuzzerInitialize() {
      }
    )");

-    return 0;
-}
-
-int
-LLVMFuzzerTearDown() {
-    try {
-        remove(KEA_DHCP6_CONF.c_str());
-    } catch (...) {
-    }
-    try {
-        remove(KEA_DHCP6_CSV.c_str());
-    } catch (...) {
-    }
-    return 0;
-}
-
-int
-LLVMFuzzerTestOneInput(uint8_t const* data, size_t size) {
-    CfgMgr::instance().clear();
-    ControlledDhcpv6Srv server;
    server.init(KEA_DHCP6_CONF);

    HttpClient client(ControlledDhcpv6Srv::getInstance()->getIOService(), false);
--- a/fuzz/tests/test_fuzz_config_kea_dhcp4.sh
+++ b/fuzz/tests/test_fuzz_config_kea_dhcp4.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_config_kea_dhcp6.sh
+++ b/fuzz/tests/test_fuzz_config_kea_dhcp6.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_http_endpoint_kea_dhcp4.sh
+++ b/fuzz/tests/test_fuzz_http_endpoint_kea_dhcp4.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_http_endpoint_kea_dhcp6.sh
+++ b/fuzz/tests/test_fuzz_http_endpoint_kea_dhcp6.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_packets_kea_dhcp4.sh
+++ b/fuzz/tests/test_fuzz_packets_kea_dhcp4.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_packets_kea_dhcp6.sh
+++ b/fuzz/tests/test_fuzz_packets_kea_dhcp6.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_unix_socket_kea_dhcp4.sh
+++ b/fuzz/tests/test_fuzz_unix_socket_kea_dhcp4.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/fuzz/tests/test_fuzz_unix_socket_kea_dhcp6.sh
+++ b/fuzz/tests/test_fuzz_unix_socket_kea_dhcp6.sh
@@ -1,6 +1,6 @@
 #!/bin/sh

-if ! sudo -n true; then exec sudo -E -- "${0}" "${@}"; fi
+if test "$(id -u)" != 0; then exec sudo -E -- "${0}" "${@}"; fi

 script_path=$(cd "$(dirname "${0}")" && pwd)

--- a/src/bin/dhcp4/dhcp4_srv.cc
+++ b/src/bin/dhcp4/dhcp4_srv.cc
@@ -5181,9 +5181,9 @@ void Dhcpv4Srv::discardPackets() {

 uint16_t Dhcpv4Srv::getServerPort() const {
 #ifdef FUZZING
-    char const* const randomize(getenv("KEA_DHCP4_FUZZING_ROTATE_PORT"));
-    if (randomize) {
-        InterprocessSyncFile file("kea-dhcp4-fuzzing-randomize-port");
+    char const* const rotate(getenv("KEA_DHCP4_FUZZING_ROTATE_PORT"));
+    if (rotate) {
+        InterprocessSyncFile file("kea-dhcp4-fuzzing-rotate-port");
        InterprocessSyncLocker locker(file);
        while (!locker.lock()) {
            this_thread::sleep_for(1s);
--- a/src/bin/dhcp6/dhcp6_srv.cc
+++ b/src/bin/dhcp6/dhcp6_srv.cc
@@ -4921,9 +4921,9 @@ void Dhcpv6Srv::discardPackets() {

 uint16_t Dhcpv6Srv::getServerPort() const {
 #ifdef FUZZING
-    char const* const randomize(getenv("KEA_DHCP6_FUZZING_ROTATE_PORT"));
-    if (randomize) {
-        InterprocessSyncFile file("kea-dhcp6-fuzzing-randomize-port");
+    char const* const rotate(getenv("KEA_DHCP6_FUZZING_ROTATE_PORT"));
+    if (rotate) {
+        InterprocessSyncFile file("kea-dhcp6-fuzzing-rotate-port");
        InterprocessSyncLocker locker(file);
        while (!locker.lock()) {
            this_thread::sleep_for(1s);