Mercurial > dropbear
annotate fuzz/fuzz-wrapfd.c @ 1810:1b160ed94749
fuzz: don't push wrapfd descriptors larger than needed
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Mon, 08 Mar 2021 21:59:10 +0800 |
| parents | 19b28d2fbe30 |
| children |
| rev | line source |
|---|---|
| 1357 | 1 #define FUZZ_SKIP_WRAP 1 |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 #include "includes.h" |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 #include "fuzz-wrapfd.h" |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 |
|
1596
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1587
diff
changeset
|
5 #include "dbutil.h" |
|
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1587
diff
changeset
|
6 |
| 1357 | 7 #include "fuzz.h" |
| 8 | |
|
1810
1b160ed94749
fuzz: don't push wrapfd descriptors larger than needed
Matt Johnston <matt@ucc.asn.au>
parents:
1802
diff
changeset
|
9 #define IOWRAP_MAXFD (FD_SETSIZE-1) |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 static const int MAX_RANDOM_IN = 50000; |
|
1587
b579ec254988
try and improve the odds of useful fuzzer activity
Matt Johnston <matt@ucc.asn.au>
parents:
1575
diff
changeset
|
11 static const double CHANCE_CLOSE = 1.0 / 600; |
|
b579ec254988
try and improve the odds of useful fuzzer activity
Matt Johnston <matt@ucc.asn.au>
parents:
1575
diff
changeset
|
12 static const double CHANCE_INTR = 1.0 / 900; |
|
b579ec254988
try and improve the odds of useful fuzzer activity
Matt Johnston <matt@ucc.asn.au>
parents:
1575
diff
changeset
|
13 static const double CHANCE_READ1 = 0.96; |
|
b579ec254988
try and improve the odds of useful fuzzer activity
Matt Johnston <matt@ucc.asn.au>
parents:
1575
diff
changeset
|
14 static const double CHANCE_READ2 = 0.5; |
|
b579ec254988
try and improve the odds of useful fuzzer activity
Matt Johnston <matt@ucc.asn.au>
parents:
1575
diff
changeset
|
15 static const double CHANCE_WRITE1 = 0.96; |
|
b579ec254988
try and improve the odds of useful fuzzer activity
Matt Johnston <matt@ucc.asn.au>
parents:
1575
diff
changeset
|
16 static const double CHANCE_WRITE2 = 0.5; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 struct fdwrap { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 enum wrapfd_mode mode; |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
20 int closein; |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
21 int closeout; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 }; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 |
| 1746 | 24 static struct fdwrap wrap_fds[IOWRAP_MAXFD+1] = {{UNUSED, 0, 0}}; |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
25 static int wrapfd_maxfd = -1; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 static unsigned short rand_state[3]; |
|
1740
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
27 static buffer *input_buf; |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
28 static int devnull_fd = -1; |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
29 |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
30 static void wrapfd_remove(int fd); |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 |
|
1740
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
32 void wrapfd_setup(buffer *buf) { |
|
1382
4b864fd12b22
fix building with DEBUG_TRACE
Matt Johnston <matt@ucc.asn.au>
parents:
1377
diff
changeset
|
33 TRACE(("wrapfd_setup")) |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
34 |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
35 // clean old ones |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
36 int i; |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
37 for (i = 0; i <= wrapfd_maxfd; i++) { |
|
1777
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
38 if (wrap_fds[i].mode != UNUSED) { |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
39 wrapfd_remove(i); |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
40 } |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
41 } |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
42 wrapfd_maxfd = -1; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
44 memset(rand_state, 0x0, sizeof(rand_state)); |
|
1377
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1360
diff
changeset
|
45 wrapfd_setseed(50); |
|
1740
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
46 input_buf = buf; |
|
1377
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1360
diff
changeset
|
47 } |
|
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1360
diff
changeset
|
48 |
|
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1360
diff
changeset
|
49 void wrapfd_setseed(uint32_t seed) { |
| 1528 | 50 memcpy(rand_state, &seed, sizeof(seed)); |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 nrand48(rand_state); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 |
|
1777
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
54 int wrapfd_new_fuzzinput() { |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
55 if (devnull_fd == -1) { |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
56 devnull_fd = open("/dev/null", O_RDONLY); |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
57 assert(devnull_fd != -1); |
|
1740
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
58 } |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
59 |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
60 int fd = dup(devnull_fd); |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
61 assert(fd != -1); |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
62 assert(wrap_fds[fd].mode == UNUSED); |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
63 wrap_fds[fd].mode = COMMONBUF; |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
64 wrap_fds[fd].closein = 0; |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
65 wrap_fds[fd].closeout = 0; |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
66 wrapfd_maxfd = MAX(fd, wrapfd_maxfd); |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
67 |
|
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
68 return fd; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 |
|
1777
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
71 int wrapfd_new_dummy() { |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
72 if (devnull_fd == -1) { |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
73 devnull_fd = open("/dev/null", O_RDONLY); |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
74 assert(devnull_fd != -1); |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
75 } |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
76 |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
77 int fd = dup(devnull_fd); |
|
1802
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
78 if (fd == -1) { |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
79 return -1; |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
80 } |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
81 if (fd > IOWRAP_MAXFD) { |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
82 close(fd); |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
83 errno = EMFILE; |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
84 return -1; |
|
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
85 } |
|
1777
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
86 assert(wrap_fds[fd].mode == UNUSED); |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
87 wrap_fds[fd].mode = DUMMY; |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
88 wrap_fds[fd].closein = 0; |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
89 wrap_fds[fd].closeout = 0; |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
90 wrapfd_maxfd = MAX(fd, wrapfd_maxfd); |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
91 |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
92 return fd; |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
93 } |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
94 |
|
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
95 |
|
1744
6cf465af5d9f
Allocate real file descriptors for fuzz input with dup()
Matt Johnston <matt@ucc.asn.au>
parents:
1740
diff
changeset
|
96 static void wrapfd_remove(int fd) { |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
97 TRACE(("wrapfd_remove %d", fd)) |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
98 assert(fd >= 0); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
99 assert(fd <= IOWRAP_MAXFD); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
100 assert(wrap_fds[fd].mode != UNUSED); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
101 wrap_fds[fd].mode = UNUSED; |
|
1802
19b28d2fbe30
fuzz: handle errors from wrapfd_new_dummy()
Matt Johnston <matt@ucc.asn.au>
parents:
1791
diff
changeset
|
102 close(fd); |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
103 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
104 |
|
1360
16f45f2df38f
ignore wrapfd_close for unknown
Matt Johnston <matt@ucc.asn.au>
parents:
1358
diff
changeset
|
105 int wrapfd_close(int fd) { |
| 1528 | 106 if (fd >= 0 && fd <= IOWRAP_MAXFD && wrap_fds[fd].mode != UNUSED) { |
|
1360
16f45f2df38f
ignore wrapfd_close for unknown
Matt Johnston <matt@ucc.asn.au>
parents:
1358
diff
changeset
|
107 wrapfd_remove(fd); |
|
16f45f2df38f
ignore wrapfd_close for unknown
Matt Johnston <matt@ucc.asn.au>
parents:
1358
diff
changeset
|
108 return 0; |
| 1528 | 109 } else { |
|
1360
16f45f2df38f
ignore wrapfd_close for unknown
Matt Johnston <matt@ucc.asn.au>
parents:
1358
diff
changeset
|
110 return close(fd); |
|
16f45f2df38f
ignore wrapfd_close for unknown
Matt Johnston <matt@ucc.asn.au>
parents:
1358
diff
changeset
|
111 } |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
112 } |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
113 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
114 int wrapfd_read(int fd, void *out, size_t count) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
115 size_t maxread; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 |
| 1357 | 117 if (!fuzz.wrapfds) { |
| 118 return read(fd, out, count); | |
| 119 } | |
| 120 | |
| 121 if (fd < 0 || fd > IOWRAP_MAXFD || wrap_fds[fd].mode == UNUSED) { | |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
122 /* XXX - assertion failure? */ |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 TRACE(("Bad read descriptor %d\n", fd)) |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
124 errno = EBADF; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
125 return -1; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
126 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
127 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
128 assert(count != 0); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
129 |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
130 if (wrap_fds[fd].closein || erand48(rand_state) < CHANCE_CLOSE) { |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
131 wrap_fds[fd].closein = 1; |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
132 errno = ECONNRESET; |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
133 return -1; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
135 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
136 if (erand48(rand_state) < CHANCE_INTR) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
137 errno = EINTR; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
138 return -1; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
139 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
140 |
|
1777
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
141 if (input_buf && wrap_fds[fd].mode == COMMONBUF) { |
|
1740
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
142 maxread = MIN(input_buf->len - input_buf->pos, count); |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
143 /* returns 0 if buf is EOF, as intended */ |
| 1357 | 144 if (maxread > 0) { |
| 145 maxread = nrand48(rand_state) % maxread + 1; | |
| 146 } | |
|
1740
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
147 memcpy(out, buf_getptr(input_buf, maxread), maxread); |
|
dfbe947bdf0d
Make wrapfd share a common buffer for all FDs
Matt Johnston <matt@ucc.asn.au>
parents:
1596
diff
changeset
|
148 buf_incrpos(input_buf, maxread); |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
149 return maxread; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
150 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
151 |
|
1777
97ad26e397a5
Add server postauth fuzzer, wrap connect_remote()
Matt Johnston <matt@ucc.asn.au>
parents:
1756
diff
changeset
|
152 // return fixed output, of random length |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
153 maxread = MIN(MAX_RANDOM_IN, count); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
154 maxread = nrand48(rand_state) % maxread + 1; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
155 memset(out, 0xef, maxread); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
156 return maxread; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
157 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
158 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
159 int wrapfd_write(int fd, const void* in, size_t count) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
160 unsigned const volatile char* volin = in; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
161 unsigned int i; |
| 1357 | 162 |
| 163 if (!fuzz.wrapfds) { | |
| 164 return write(fd, in, count); | |
| 165 } | |
| 166 | |
| 167 if (fd < 0 || fd > IOWRAP_MAXFD || wrap_fds[fd].mode == UNUSED) { | |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
168 /* XXX - assertion failure? */ |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
169 TRACE(("Bad read descriptor %d\n", fd)) |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
170 errno = EBADF; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
171 return -1; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
172 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
173 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
174 assert(count != 0); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
175 |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
176 /* force read to exercise sanitisers */ |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
177 for (i = 0; i < count; i++) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
178 (void)volin[i]; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
179 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
180 |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
181 if (wrap_fds[fd].closeout || erand48(rand_state) < CHANCE_CLOSE) { |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
182 wrap_fds[fd].closeout = 1; |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
183 errno = ECONNRESET; |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
184 return -1; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
185 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
186 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
187 if (erand48(rand_state) < CHANCE_INTR) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
188 errno = EINTR; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
189 return -1; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
190 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
191 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
192 return nrand48(rand_state) % (count+1); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
193 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
194 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
195 int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, |
| 1357 | 196 fd_set *exceptfds, struct timeval *timeout) { |
| 197 int i, nset, sel; | |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
198 int ret = 0; |
| 1528 | 199 int fdlist[IOWRAP_MAXFD+1]; |
| 200 | |
| 1357 | 201 if (!fuzz.wrapfds) { |
| 202 return select(nfds, readfds, writefds, exceptfds, timeout); | |
| 203 } | |
| 204 | |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 assert(nfds <= IOWRAP_MAXFD+1); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
207 if (erand48(rand_state) < CHANCE_INTR) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
208 errno = EINTR; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
209 return -1; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
210 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
211 |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
212 /* read */ |
| 1357 | 213 if (readfds != NULL && erand48(rand_state) < CHANCE_READ1) { |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
214 for (i = 0, nset = 0; i < nfds; i++) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
215 if (FD_ISSET(i, readfds)) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
216 assert(wrap_fds[i].mode != UNUSED); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
217 fdlist[nset] = i; |
| 1357 | 218 nset++; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
219 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
220 } |
|
1596
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1587
diff
changeset
|
221 DROPBEAR_FD_ZERO(readfds); |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
222 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
223 if (nset > 0) { |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
224 /* set one */ |
| 1357 | 225 sel = fdlist[nrand48(rand_state) % nset]; |
| 226 FD_SET(sel, readfds); | |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
227 ret++; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
228 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
229 if (erand48(rand_state) < CHANCE_READ2) { |
| 1357 | 230 sel = fdlist[nrand48(rand_state) % nset]; |
| 231 if (!FD_ISSET(sel, readfds)) { | |
| 232 FD_SET(sel, readfds); | |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
233 ret++; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
234 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
235 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
238 |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
239 /* write */ |
| 1357 | 240 if (writefds != NULL && erand48(rand_state) < CHANCE_WRITE1) { |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 for (i = 0, nset = 0; i < nfds; i++) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
242 if (FD_ISSET(i, writefds)) { |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
243 assert(wrap_fds[i].mode != UNUSED); |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
244 fdlist[nset] = i; |
| 1357 | 245 nset++; |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
246 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 } |
|
1596
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1587
diff
changeset
|
248 DROPBEAR_FD_ZERO(writefds); |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1528
diff
changeset
|
250 /* set one */ |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
251 if (nset > 0) { |
| 1357 | 252 sel = fdlist[nrand48(rand_state) % nset]; |
| 253 FD_SET(sel, writefds); | |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
254 ret++; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
255 |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
256 if (erand48(rand_state) < CHANCE_WRITE2) { |
| 1357 | 257 sel = fdlist[nrand48(rand_state) % nset]; |
| 258 if (!FD_ISSET(sel, writefds)) { | |
| 259 FD_SET(sel, writefds); | |
|
1356
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
260 ret++; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
261 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
262 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
263 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
264 } |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
265 return ret; |
|
3677a510f545
add wrapfd. improve fuzzer in makefile
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
266 } |
| 1357 | 267 |
| 1791 | 268 int fuzz_kill(pid_t pid, int sig) { |
| 269 if (fuzz.fuzzing) { | |
| 270 TRACE(("fuzz_kill ignoring pid %d signal %d", (pid), sig)) | |
| 271 if (sig >= 0) { | |
| 272 return 0; | |
| 273 } else { | |
| 274 errno = EINVAL; | |
| 275 return -1; | |
| 276 } | |
| 277 } | |
| 278 return kill(pid, sig); | |
| 279 } |