[glib/wip/pwithnall/resolver-fuzzing] fuzzing: Add a fuzz test for parsing DNS records




commit 0abfa8ac094e5325e3f22dc8f63dc94bf83303a2
Author: Philip Withnall <pwithnall endlessos org>
Date:   Wed Dec 15 16:56:51 2021 +0000

    fuzzing: Add a fuzz test for parsing DNS records
    
    Based on Patrick’s work to expose the parser for unit testing.
    
    See !2134.
    
    Signed-off-by: Philip Withnall <pwithnall endlessos org>

 fuzzing/fuzz_resolver.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 fuzzing/meson.build     |  1 +
 2 files changed, 50 insertions(+)
---
diff --git a/fuzzing/fuzz_resolver.c b/fuzzing/fuzz_resolver.c
new file mode 100644
index 000000000..2ea635535
--- /dev/null
+++ b/fuzzing/fuzz_resolver.c
@@ -0,0 +1,49 @@
+#include "fuzz.h"
+#include "gio/gnetworking.h"
+
+#include "../gio/gthreadedresolver.h"
+
+static void
+test_for_rrtype (const guint8 *data,
+                 gsize         data_len,
+                 gint          rrtype)
+{
+  GList *record_list = NULL;
+
+  /* Data too long? */
+  if (data_len > G_MAXSSIZE)
+    return;
+
+  /* rrname is only used in error messages, so doesn’t need to vary.
+   * herr is used similarly, so is just set to zero. */
+  record_list = g_resolver_records_from_res_query ("rrname",
+                                                   rrtype,
+                                                   data,
+                                                   data_len,
+                                                   0,
+                                                   NULL);
+
+  g_list_free_full (record_list, (GDestroyNotify) g_variant_unref);
+}
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+  const gint rrtypes_to_test[] =
+    {
+      T_SRV,
+      T_MX,
+      T_SOA,
+      T_NS,
+      T_TXT,
+      999,  /* not currently a valid rrtype, to test the ‘unknown’ code path */
+    };
+  gsize i;
+
+  fuzz_set_logging_func ();
+
+  for (i = 0; i < G_N_ELEMENTS (rrtypes_to_test); i++)
+    test_for_rrtype (data, size, rrtypes_to_test[i]);
+
+  return 0;
+}
diff --git a/fuzzing/meson.build b/fuzzing/meson.build
index c60dcf446..259c6d91d 100644
--- a/fuzzing/meson.build
+++ b/fuzzing/meson.build
@@ -11,6 +11,7 @@ fuzz_targets = [
   'fuzz_network_address_parse',
   'fuzz_network_address_parse_uri',
   'fuzz_paths',
+  'fuzz_resolver',
   'fuzz_uri_escape',
   'fuzz_uri_parse',
   'fuzz_uri_parse_params',


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]