Mercurial > dropbear

changeset 1758:1365661f6be6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Disable stderr output for fuzzer by default
author Matt Johnston <matt@ucc.asn.au>
date Sat, 24 Oct 2020 22:40:08 +0800
parents 517fb7b62438
children 4c5599435084
files fuzz.h fuzz/fuzz-common.c
diffstat 2 files changed, 36 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/fuzz.h	Fri Oct 23 23:32:44 2020 +0800
+++ b/fuzz.h	Sat Oct 24 22:40:08 2020 +0800
@@ -15,6 +15,10 @@
 void fuzz_svr_setup(void);
 void fuzz_cli_setup(void);
 
+// constructor attribute so it runs before main(), including
+// in non-fuzzing mode.
+void fuzz_early_setup(void) __attribute__((constructor));
+
 // must be called once per fuzz iteration. 
 // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE
 int fuzz_set_input(const uint8_t *Data, size_t Size);
@@ -68,10 +72,21 @@
     int dumping;
     // the file descriptor
     int recv_dumpfd;
+
+    // avoid filling fuzzing logs, this points to /dev/null
+    FILE *stderr;
 };
 
 extern struct dropbear_fuzz_options fuzz;
 
+/* This is a bodge but seems to work.
+ glibc stdio.h has the comment 
+ "C89/C99 say they're macros.  Make them happy." */
+#ifdef stderr
+#undef stderr
+#endif
+#define stderr (fuzz.stderr)
+
 #endif // DROPBEAR_FUZZ
 
 #endif /* DROPBEAR_FUZZ_H */
--- a/fuzz/fuzz-common.c	Fri Oct 23 23:32:44 2020 +0800
+++ b/fuzz/fuzz-common.c	Sat Oct 24 22:40:08 2020 +0800
@@ -11,12 +11,21 @@
 #include "atomicio.h"
 #include "fuzz-wrapfd.h"
 
+/* fuzz.h redefines stderr, we don't want that here */
+#undef stderr
+
 struct dropbear_fuzz_options fuzz;
 
 static void fuzz_dropbear_log(int UNUSED(priority), const char* format, va_list param);
 static void load_fixed_hostkeys(void);
 static void load_fixed_client_key(void);
 
+// This runs automatically before main, due to contructor attribute in fuzz.h
+void fuzz_early_setup(void) {
+    /* Set stderr to point to normal stderr by default */
+    fuzz.stderr = stderr;
+}
+
 void fuzz_common_setup(void) {
 	disallow_core();
     fuzz.fuzzing = 1;
@@ -28,6 +37,18 @@
     fuzz_seed("start", 5);
     /* let any messages get flushed */
     setlinebuf(stdout);
+#if DEBUG_TRACE
+    if (debug_trace)
+    {
+        fprintf(stderr, "Dropbear fuzzer: -v specified, not disabling stderr output\n");
+    }
+    else
+#endif
+    {
+        fprintf(stderr, "Dropbear fuzzer: Disabling stderr output\n");
+        fuzz.stderr = fopen("/dev/null", "w");
+        assert(fuzz.stderr);
+    }
 }
 
 int fuzz_set_input(const uint8_t *Data, size_t Size) {