[glib/wip/pwithnall/resolver-fuzzing] fuzzing: Add a fuzz test for parsing DNS records




commit 06e282e50fb6db7192b815639a62efcaa8759786
Author: Philip Withnall <pwithnall endlessos org>
Date:   Wed Dec 15 16:56:51 2021 +0000

    fuzzing: Add a fuzz test for parsing DNS records
    
    Based on Patrick’s work to expose the parser for unit testing.
    
    See !2134.
    
    Signed-off-by: Philip Withnall <pwithnall endlessos org>

 fuzzing/fuzz_resolver.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++++
 fuzzing/meson.build     |  1 +
 2 files changed, 54 insertions(+)
---
diff --git a/fuzzing/fuzz_resolver.c b/fuzzing/fuzz_resolver.c
new file mode 100644
index 000000000..d4ba4b8ba
--- /dev/null
+++ b/fuzzing/fuzz_resolver.c
@@ -0,0 +1,53 @@
+#include "fuzz.h"
+#include "gio/gnetworking.h"
+
+#include "../gio/gthreadedresolver.h"
+
+static void
+test_for_rrtype (const guint8 *data,
+                 gsize         data_len,
+                 gint          rrtype)
+{
+  /* g_resolver_records_from_res_query() is only available on Unix */
+#ifdef G_OS_UNIX
+  GList *record_list = NULL;
+
+  /* Data too long? */
+  if (data_len > G_MAXSSIZE)
+    return;
+
+  /* rrname is only used in error messages, so doesn’t need to vary.
+   * herr is used similarly, so is just set to zero. */
+  record_list = g_resolver_records_from_res_query ("rrname",
+                                                   rrtype,
+                                                   data,
+                                                   data_len,
+                                                   0,
+                                                   NULL);
+
+  g_list_free_full (record_list, (GDestroyNotify) g_variant_unref);
+#endif  /* G_OS_UNIX */
+}
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+  const gint rrtypes_to_test[] =
+    {
+      /* See https://en.wikipedia.org/wiki/List_of_DNS_record_types */
+      33  /* SRV */,
+      15  /* MX */,
+      6  /* SOA */,
+      2  /* NS */,
+      16  /* TXT */,
+      999,  /* not currently a valid rrtype, to test the ‘unknown’ code path */
+    };
+  gsize i;
+
+  fuzz_set_logging_func ();
+
+  for (i = 0; i < G_N_ELEMENTS (rrtypes_to_test); i++)
+    test_for_rrtype (data, size, rrtypes_to_test[i]);
+
+  return 0;
+}
diff --git a/fuzzing/meson.build b/fuzzing/meson.build
index c60dcf446..259c6d91d 100644
--- a/fuzzing/meson.build
+++ b/fuzzing/meson.build
@@ -11,6 +11,7 @@ fuzz_targets = [
   'fuzz_network_address_parse',
   'fuzz_network_address_parse_uri',
   'fuzz_paths',
+  'fuzz_resolver',
   'fuzz_uri_escape',
   'fuzz_uri_parse',
   'fuzz_uri_parse_params',


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]