Add fuzzshark to cmake/autotools.

Add a fuzzshark target to make sure that oss-fuzzshark always builds.

Change-Id: I802b679c18023daa1475a54bae722b5e90c72a59
Reviewed-on: https://code.wireshark.org/review/24716
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Jakub Zawadzki 2017-12-06 21:10:29 +01:00 committed by Gerald Combs
parent 8687fca8a8
commit 038aa2a616
7 changed files with 228 additions and 21 deletions

1
.gitignore vendored

@ -79,6 +79,7 @@ dftest
dumpcap
editcap
exntest
fuzzshark
install-sh
libtool
libtool.m4


@ -2563,6 +2563,22 @@ if(BUILD_randpkt)
install(TARGETS randpkt RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
endif()
if(BUILD_fuzzshark)
set(fuzzshark_LIBS
${LIBEPAN_LIBS}
)
set(fuzzshark_FILES
tools/oss-fuzzshark/fuzzshark.c
tools/oss-fuzzshark/StandaloneFuzzTargetMain.c
version_info.c
)
add_executable(fuzzshark ${fuzzshark_FILES})
add_dependencies(fuzzshark version)
set_extra_executable_properties(fuzzshark "Executables")
target_link_libraries(fuzzshark ${fuzzshark_LIBS})
install(TARGETS fuzzshark RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
endif()
if(BUILD_text2pcap)
set(text2pcap_LIBS
writecap
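Review bot: The `install(TARGETS fuzzshark RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})` line puts a fuzzing harness into the installed binary set, and with `BUILD_fuzzshark` defaulting to ON in the options section that happens for every packaged build. The commit message only asks that the target keeps compiling, which `add_executable` already ensures, so I would drop the install rule and keep the harness a build-tree tool. The same applies to `@fuzzshark_bin@` under `bin_PROGRAMS` in the Makefile.am section, where listing it under `noinst_PROGRAMS` would build it without installing it.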


@ -23,6 +23,7 @@ option(BUILD_ciscodump "Build ciscodump" ON)
option(BUILD_randpktdump "Build randpktdump" ON)
option(BUILD_udpdump "Build udpdump" ON)
option(BUILD_sharkd "Build sharkd" ON)
option(BUILD_fuzzshark "Build fuzzshark" ON)
option(DISABLE_WERROR "Do not treat warnings as errors" OFF)
option(DISABLE_FRAME_LARGER_THAN_WARNING "Disable warning if the size of a function frame is large" OFF)


@ -45,11 +45,12 @@ bin_PROGRAMS = \
@dumpcap_bin@ \
@reordercap_bin@ \
@rawshark_bin@ \
@sharkd_bin@
@sharkd_bin@ \
@fuzzshark_bin@
EXTRA_PROGRAMS = wireshark-gtk wireshark tshark tfshark capinfos captype \
editcap mergecap dftest randpkt text2pcap dumpcap reordercap \
rawshark sharkd
rawshark sharkd fuzzshark
#
# Wireshark configuration files are put in $(pkgdatadir).
@ -453,6 +454,22 @@ wireshark_gtk_LDADD = \
@PORTAUDIO_LIBS@
endif
fuzzshark_SOURCES = \
tools/oss-fuzzshark/fuzzshark.c \
tools/oss-fuzzshark/StandaloneFuzzTargetMain.c \
version_info.c
fuzzshark_CPPFLAGS = $(AM_CPPFLAGS) $(GLIB_CFLAGS)
fuzzshark_LDFLAGS = $(AM_LDFLAGS)
fuzzshark_LDADD = \
wiretap/libwiretap.la \
epan/libwireshark.la \
wsutil/libwsutil.la \
@GLIB_LIBS@ \
${EPAN_EXTRA_LIBS}
tshark_SOURCES = \
$(SHARK_COMMON_SRC) \
capture_opts.c \


@ -1781,6 +1781,19 @@ fi
AC_SUBST(tfshark_bin)
AC_SUBST(tfshark_man)
# Enable/disable fuzzshark
AC_ARG_ENABLE(fuzzshark,
AC_HELP_STRING( [--enable-fuzzshark],
[build fuzzshark @<:@default=yes@:>@]),
fuzzshark=$enableval,enable_fuzzshark=yes)
if test "x$enable_fuzzshark" = "xyes" ; then
fuzzshark_bin="fuzzshark\$(EXEEXT)"
else
fuzzshark_bin=""
fi
AC_SUBST(fuzzshark_bin)
dnl Use pcap-ng by default
AC_ARG_ENABLE(pcap-ng-default,
@ -2991,6 +3004,7 @@ echo " Build randpkt : $enable_randpkt"
echo " Build dftest : $enable_dftest"
echo " Build rawshark : $enable_rawshark"
echo " Build sharkd : $enable_sharkd"
echo " Build fuzzshark : $enable_fuzzshark"
echo " Build androiddump : $enable_androiddump"
echo " Build sshdump : $enable_sshdump"
echo " Build ciscodump : $enable_ciscodump"
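Review bot: In the `AC_ARG_ENABLE(fuzzshark, …)` block the action-if-given is `fuzzshark=$enableval`, which assigns a variable that nothing in this section reads; the `test` below it and the summary line both use `enable_fuzzshark`. The option still works because AC_ARG_ENABLE sets `enable_fuzzshark` itself when the flag is passed, so the assignment is dead rather than wrong. I would write `enable_fuzzshark=$enableval` or leave that argument empty, and use `AS_HELP_STRING`, since `AC_HELP_STRING` is the obsolete spelling. Neighbouring options may follow the same pattern; they are outside the visible hunks.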


@ -0,0 +1,141 @@
/* based on http://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/fuzzer/standalone/StandaloneFuzzTargetMain.c r311407 (22 Aug 2017) */
/* http://llvm.org/svn/llvm-project/compiler-rt/trunk/LICENSE.TXT follows */
/*
==============================================================================
compiler_rt License
==============================================================================
The compiler_rt library is dual licensed under both the University of Illinois
"BSD-Like" license and the MIT license. As a user of this code you may choose
to use it under either license. As a contributor, you agree to allow your code
to be used under both.
Full text of the relevant licenses is included below.
==============================================================================
University of Illinois/NCSA
Open Source License
Copyright (c) 2009-2016 by the contributors listed in CREDITS.TXT
All rights reserved.
Developed by:
LLVM Team
University of Illinois at Urbana-Champaign
http://llvm.org
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal with
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
of the Software, and to permit persons to whom the Software is furnished to do
so, subject to the following conditions:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimers.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimers in the
documentation and/or other materials provided with the distribution.
* Neither the names of the LLVM Team, University of Illinois at
Urbana-Champaign, nor the names of its contributors may be used to
endorse or promote products derived from this Software without specific
prior written permission.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE
SOFTWARE.
==============================================================================
Copyright (c) 2009-2015 by the contributors listed in CREDITS.TXT
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
==============================================================================
Copyrights and Licenses for Third Party Software Distributed with LLVM:
==============================================================================
The LLVM software contains code written by third parties. Such software will
have its own individual LICENSE.TXT file in the directory in which it appears.
This file will describe the copyrights, license, and restrictions which apply
to that code.
The disclaimer of warranty in the University of Illinois Open Source License
applies to all code in the LLVM Distribution, and nothing in any of the
other licenses gives permission to use the names of the LLVM Team or the
University of Illinois to endorse or promote products derived from this
Software.
*/
/*===- StandaloneFuzzTargetMain.c - standalone main() for fuzz targets. ---===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
// This main() function can be linked to a fuzz target (i.e. a library
// that exports LLVMFuzzerTestOneInput() and possibly LLVMFuzzerInitialize())
// instead of libFuzzer. This main() function will not perform any fuzzing
// but will simply feed all input files one by one to the fuzz target.
//
// Use this file to provide reproducers for bugs when linking against libFuzzer
// or other fuzzing engine is undesirable.
//===----------------------------------------------------------------------===*/
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <glib.h>
#include <wsutil/file_util.h>
extern int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size);
extern int LLVMFuzzerInitialize(int *argc, char ***argv);
int main(int argc, char **argv) {
fprintf(stderr, "StandaloneFuzzTargetMain: running %d inputs\n", argc - 1);
LLVMFuzzerInitialize(&argc, &argv);
for (int i = 1; i < argc; i++) {
fprintf(stderr, "Running: %s\n", argv[i]);
FILE *f = ws_fopen(argv[i], "r");
assert(f);
fseek(f, 0, SEEK_END);
size_t len = ftell(f);
fseek(f, 0, SEEK_SET);
unsigned char *buf = (unsigned char*)g_malloc(len);
size_t n_read = fread(buf, 1, len, f);
assert(n_read == len);
fclose(f);
LLVMFuzzerTestOneInput(buf, len);
g_free(buf);
fprintf(stderr, "Done: %s: (%zd bytes)\n", argv[i], n_read);
}
}
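Review bot: `ws_fopen(argv[i], "r")` opens the reproducer in text mode, so on Windows the C runtime translates line endings and stops at a Ctrl-Z byte; the bytes handed to `LLVMFuzzerTestOneInput` then differ from the file and `n_read == len` fails. Since this copy already swaps in `ws_fopen` and `g_malloc` for portability, the mode should be `"rb"`. The two `assert` calls are also the only error handling: they vanish under `NDEBUG`, leaving a NULL `FILE *` passed to `fseek`, and the `ftell` result is stored in a `size_t` without a check for -1. I would replace them with explicit checks as below and print `n_read` with `%zu` rather than `%zd`.

```c
    FILE *f = ws_fopen(argv[i], "rb");
    if (f == NULL) {
      fprintf(stderr, "Cannot open %s\n", argv[i]);
      return EXIT_FAILURE;
    }
    /* … unchanged: fseek to end … */
    long end = ftell(f);
    if (end < 0) {
      fprintf(stderr, "Cannot get size of %s\n", argv[i]);
      fclose(f);
      return EXIT_FAILURE;
    }
    size_t len = (size_t)end;
    /* … unchanged: rewind, g_malloc … */
    size_t n_read = fread(buf, 1, len, f);
    fclose(f);
    if (n_read != len) {
      fprintf(stderr, "Short read on %s\n", argv[i]);
      g_free(buf);
      return EXIT_FAILURE;
    }
    /* … unchanged: LLVMFuzzerTestOneInput call, g_free … */
    fprintf(stderr, "Done: %s: (%zu bytes)\n", argv[i], n_read);
```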


@ -131,6 +131,33 @@ fuzzshark_epan_new(void)
return epan;
}
static dissector_handle_t
get_dissector_handle(const char *table, const char *target)
{
dissector_handle_t fuzz_handle = NULL;
if (table != NULL && target != NULL)
{
/* search for handle, cannot use dissector_table_get_dissector_handle() cause it's using short-name, and I already used filter name in samples ;/ */
GSList *handle_list = dissector_table_get_dissector_handles(find_dissector_table(table));
while (handle_list)
{
dissector_handle_t handle = (dissector_handle_t) handle_list->data;
const char *handle_filter_name = proto_get_protocol_filter_name(dissector_handle_get_protocol_index(handle));
if (!strcmp(handle_filter_name, target))
fuzz_handle = handle;
handle_list = handle_list->next;
}
}
else if (target != NULL)
{
fuzz_handle = find_dissector(target);
}
return fuzz_handle;
}
static int
fuzz_init(int argc _U_, char **argv)
{
@ -142,12 +169,10 @@ fuzz_init(int argc _U_, char **argv)
e_prefs *prefs_p;
int ret = EXIT_SUCCESS;
#if defined(FUZZ_DISSECTOR_TARGET)
dissector_handle_t fuzz_handle = NULL;
#endif
setenv("WIRESHARK_DEBUG_WMEM_OVERRIDE", "simple", 0);
setenv("G_SLICE", "always-malloc", 0);
g_setenv("WIRESHARK_DEBUG_WMEM_OVERRIDE", "simple", 0);
g_setenv("G_SLICE", "always-malloc", 0);
cmdarg_err_init(failure_warning_message, failure_message_cont);
@ -236,25 +261,17 @@ fuzz_init(int argc _U_, char **argv)
#if defined(FUZZ_DISSECTOR_TABLE) && defined(FUZZ_DISSECTOR_TARGET)
# define FUZZ_EPAN 1
fprintf(stderr, "oss-fuzzshark: configured for dissector: %s in table: %s\n", FUZZ_DISSECTOR_TARGET, FUZZ_DISSECTOR_TABLE);
/* search for handle, cannot use dissector_table_get_dissector_handle() cause it's using short-name, and I already used filter name in samples ;/ */
{
GSList *handle_list = dissector_table_get_dissector_handles(find_dissector_table(FUZZ_DISSECTOR_TABLE));
while (handle_list)
{
dissector_handle_t handle = (dissector_handle_t) handle_list->data;
const char *handle_filter_name = proto_get_protocol_filter_name(dissector_handle_get_protocol_index(handle));
if (!strcmp(handle_filter_name, FUZZ_DISSECTOR_TARGET))
fuzz_handle = handle;
handle_list = handle_list->next;
}
}
fuzz_handle = get_dissector_handle(FUZZ_DISSECTOR_TABLE, FUZZ_DISSECTOR_TARGET);
#elif defined(FUZZ_DISSECTOR_TARGET)
# define FUZZ_EPAN 2
fprintf(stderr, "oss-fuzzshark: configured for dissector: %s\n", FUZZ_DISSECTOR_TARGET);
fuzz_handle = find_dissector(FUZZ_DISSECTOR_TARGET);
fuzz_handle = get_dissector_handle(FUZZ_DISSECTOR_TARGET);
#else
# define FUZZ_EPAN 3
fprintf(stderr, "oss-fuzzshark: target not configured. Using env\n");
fuzz_handle = get_dissector_handle(getenv("FUZZSHARK_TABLE"), getenv("FUZZSHARK_TARGET"));
#endif
#ifdef FUZZ_EPAN
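Review bot: In the `#elif defined(FUZZ_DISSECTOR_TARGET)` branch the new call `get_dissector_handle(FUZZ_DISSECTOR_TARGET)` passes one argument, but the helper added at the top of this section takes `(const char *table, const char *target)`, so a build that defines only `FUZZ_DISSECTOR_TARGET` will not compile. The new cmake/autotools target appears to define neither macro and so takes the `#else` branch, which means the build this commit adds will not catch the error. The line should read `fuzz_handle = get_dissector_handle(NULL, FUZZ_DISSECTOR_TARGET);`, which reaches the helper's `find_dissector(target)` path. `fuzz_init` starts and ends outside the visible hunks.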