forked from osmocom/wireshark
Add fuzzshark to cmake/autotools.
Add fuzzshark target to make sure that oss-fuzzshark always build. Change-Id: I802b679c18023daa1475a54bae722b5e90c72a59 Reviewed-on: https://code.wireshark.org/review/24716 Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl> Tested-by: Petri Dish Buildbot Reviewed-by: Gerald Combs <gerald@wireshark.org>
This commit is contained in:
parent
8687fca8a8
commit
038aa2a616
|
@ -79,6 +79,7 @@ dftest
|
||||||
dumpcap
|
dumpcap
|
||||||
editcap
|
editcap
|
||||||
exntest
|
exntest
|
||||||
|
fuzzshark
|
||||||
install-sh
|
install-sh
|
||||||
libtool
|
libtool
|
||||||
libtool.m4
|
libtool.m4
|
||||||
|
|
|
@ -2563,6 +2563,22 @@ if(BUILD_randpkt)
|
||||||
install(TARGETS randpkt RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
|
install(TARGETS randpkt RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
|
if(BUILD_fuzzshark)
|
||||||
|
set(fuzzshark_LIBS
|
||||||
|
${LIBEPAN_LIBS}
|
||||||
|
)
|
||||||
|
set(fuzzshark_FILES
|
||||||
|
tools/oss-fuzzshark/fuzzshark.c
|
||||||
|
tools/oss-fuzzshark/StandaloneFuzzTargetMain.c
|
||||||
|
version_info.c
|
||||||
|
)
|
||||||
|
add_executable(fuzzshark ${fuzzshark_FILES})
|
||||||
|
add_dependencies(fuzzshark version)
|
||||||
|
set_extra_executable_properties(fuzzshark "Executables")
|
||||||
|
target_link_libraries(fuzzshark ${fuzzshark_LIBS})
|
||||||
|
install(TARGETS fuzzshark RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
|
||||||
|
endif()
|
||||||
|
|
||||||
if(BUILD_text2pcap)
|
if(BUILD_text2pcap)
|
||||||
set(text2pcap_LIBS
|
set(text2pcap_LIBS
|
||||||
writecap
|
writecap
|
||||||
|
|
|
@ -23,6 +23,7 @@ option(BUILD_ciscodump "Build ciscodump" ON)
|
||||||
option(BUILD_randpktdump "Build randpktdump" ON)
|
option(BUILD_randpktdump "Build randpktdump" ON)
|
||||||
option(BUILD_udpdump "Build udpdump" ON)
|
option(BUILD_udpdump "Build udpdump" ON)
|
||||||
option(BUILD_sharkd "Build sharkd" ON)
|
option(BUILD_sharkd "Build sharkd" ON)
|
||||||
|
option(BUILD_fuzzshark "Build fuzzshark" ON)
|
||||||
|
|
||||||
option(DISABLE_WERROR "Do not treat warnings as errors" OFF)
|
option(DISABLE_WERROR "Do not treat warnings as errors" OFF)
|
||||||
option(DISABLE_FRAME_LARGER_THAN_WARNING "Disable warning if the size of a function frame is large" OFF)
|
option(DISABLE_FRAME_LARGER_THAN_WARNING "Disable warning if the size of a function frame is large" OFF)
|
||||||
|
|
21
Makefile.am
21
Makefile.am
|
@ -45,11 +45,12 @@ bin_PROGRAMS = \
|
||||||
@dumpcap_bin@ \
|
@dumpcap_bin@ \
|
||||||
@reordercap_bin@ \
|
@reordercap_bin@ \
|
||||||
@rawshark_bin@ \
|
@rawshark_bin@ \
|
||||||
@sharkd_bin@
|
@sharkd_bin@ \
|
||||||
|
@fuzzshark_bin@
|
||||||
|
|
||||||
EXTRA_PROGRAMS = wireshark-gtk wireshark tshark tfshark capinfos captype \
|
EXTRA_PROGRAMS = wireshark-gtk wireshark tshark tfshark capinfos captype \
|
||||||
editcap mergecap dftest randpkt text2pcap dumpcap reordercap \
|
editcap mergecap dftest randpkt text2pcap dumpcap reordercap \
|
||||||
rawshark sharkd
|
rawshark sharkd fuzzshark
|
||||||
|
|
||||||
#
|
#
|
||||||
# Wireshark configuration files are put in $(pkgdatadir).
|
# Wireshark configuration files are put in $(pkgdatadir).
|
||||||
|
@ -453,6 +454,22 @@ wireshark_gtk_LDADD = \
|
||||||
@PORTAUDIO_LIBS@
|
@PORTAUDIO_LIBS@
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
fuzzshark_SOURCES = \
|
||||||
|
tools/oss-fuzzshark/fuzzshark.c \
|
||||||
|
tools/oss-fuzzshark/StandaloneFuzzTargetMain.c \
|
||||||
|
version_info.c
|
||||||
|
|
||||||
|
fuzzshark_CPPFLAGS = $(AM_CPPFLAGS) $(GLIB_CFLAGS)
|
||||||
|
|
||||||
|
fuzzshark_LDFLAGS = $(AM_LDFLAGS)
|
||||||
|
|
||||||
|
fuzzshark_LDADD = \
|
||||||
|
wiretap/libwiretap.la \
|
||||||
|
epan/libwireshark.la \
|
||||||
|
wsutil/libwsutil.la \
|
||||||
|
@GLIB_LIBS@ \
|
||||||
|
${EPAN_EXTRA_LIBS}
|
||||||
|
|
||||||
tshark_SOURCES = \
|
tshark_SOURCES = \
|
||||||
$(SHARK_COMMON_SRC) \
|
$(SHARK_COMMON_SRC) \
|
||||||
capture_opts.c \
|
capture_opts.c \
|
||||||
|
|
14
configure.ac
14
configure.ac
|
@ -1781,6 +1781,19 @@ fi
|
||||||
AC_SUBST(tfshark_bin)
|
AC_SUBST(tfshark_bin)
|
||||||
AC_SUBST(tfshark_man)
|
AC_SUBST(tfshark_man)
|
||||||
|
|
||||||
|
# Enable/disable fuzzshark
|
||||||
|
AC_ARG_ENABLE(fuzzshark,
|
||||||
|
AC_HELP_STRING( [--enable-fuzzshark],
|
||||||
|
[build fuzzshark @<:@default=yes@:>@]),
|
||||||
|
fuzzshark=$enableval,enable_fuzzshark=yes)
|
||||||
|
|
||||||
|
if test "x$enable_fuzzshark" = "xyes" ; then
|
||||||
|
fuzzshark_bin="fuzzshark\$(EXEEXT)"
|
||||||
|
else
|
||||||
|
fuzzshark_bin=""
|
||||||
|
fi
|
||||||
|
AC_SUBST(fuzzshark_bin)
|
||||||
|
|
||||||
|
|
||||||
dnl Use pcap-ng by default
|
dnl Use pcap-ng by default
|
||||||
AC_ARG_ENABLE(pcap-ng-default,
|
AC_ARG_ENABLE(pcap-ng-default,
|
||||||
|
@ -2991,6 +3004,7 @@ echo " Build randpkt : $enable_randpkt"
|
||||||
echo " Build dftest : $enable_dftest"
|
echo " Build dftest : $enable_dftest"
|
||||||
echo " Build rawshark : $enable_rawshark"
|
echo " Build rawshark : $enable_rawshark"
|
||||||
echo " Build sharkd : $enable_sharkd"
|
echo " Build sharkd : $enable_sharkd"
|
||||||
|
echo " Build fuzzshark : $enable_fuzzshark"
|
||||||
echo " Build androiddump : $enable_androiddump"
|
echo " Build androiddump : $enable_androiddump"
|
||||||
echo " Build sshdump : $enable_sshdump"
|
echo " Build sshdump : $enable_sshdump"
|
||||||
echo " Build ciscodump : $enable_ciscodump"
|
echo " Build ciscodump : $enable_ciscodump"
|
||||||
|
|
|
@ -0,0 +1,141 @@
|
||||||
|
/* based on http://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/fuzzer/standalone/StandaloneFuzzTargetMain.c r311407 (22 Aug 2017) */
|
||||||
|
|
||||||
|
/* http://llvm.org/svn/llvm-project/compiler-rt/trunk/LICENSE.TXT follows */
|
||||||
|
|
||||||
|
/*
|
||||||
|
==============================================================================
|
||||||
|
compiler_rt License
|
||||||
|
==============================================================================
|
||||||
|
|
||||||
|
The compiler_rt library is dual licensed under both the University of Illinois
|
||||||
|
"BSD-Like" license and the MIT license. As a user of this code you may choose
|
||||||
|
to use it under either license. As a contributor, you agree to allow your code
|
||||||
|
to be used under both.
|
||||||
|
|
||||||
|
Full text of the relevant licenses is included below.
|
||||||
|
|
||||||
|
==============================================================================
|
||||||
|
|
||||||
|
University of Illinois/NCSA
|
||||||
|
Open Source License
|
||||||
|
|
||||||
|
Copyright (c) 2009-2016 by the contributors listed in CREDITS.TXT
|
||||||
|
|
||||||
|
All rights reserved.
|
||||||
|
|
||||||
|
Developed by:
|
||||||
|
|
||||||
|
LLVM Team
|
||||||
|
|
||||||
|
University of Illinois at Urbana-Champaign
|
||||||
|
|
||||||
|
http://llvm.org
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||||
|
this software and associated documentation files (the "Software"), to deal with
|
||||||
|
the Software without restriction, including without limitation the rights to
|
||||||
|
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
|
||||||
|
of the Software, and to permit persons to whom the Software is furnished to do
|
||||||
|
so, subject to the following conditions:
|
||||||
|
|
||||||
|
* Redistributions of source code must retain the above copyright notice,
|
||||||
|
this list of conditions and the following disclaimers.
|
||||||
|
|
||||||
|
* Redistributions in binary form must reproduce the above copyright notice,
|
||||||
|
this list of conditions and the following disclaimers in the
|
||||||
|
documentation and/or other materials provided with the distribution.
|
||||||
|
|
||||||
|
* Neither the names of the LLVM Team, University of Illinois at
|
||||||
|
Urbana-Champaign, nor the names of its contributors may be used to
|
||||||
|
endorse or promote products derived from this Software without specific
|
||||||
|
prior written permission.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||||
|
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE
|
||||||
|
SOFTWARE.
|
||||||
|
|
||||||
|
==============================================================================
|
||||||
|
|
||||||
|
Copyright (c) 2009-2015 by the contributors listed in CREDITS.TXT
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
in the Software without restriction, including without limitation the rights
|
||||||
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
copies of the Software, and to permit persons to whom the Software is
|
||||||
|
furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in
|
||||||
|
all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
THE SOFTWARE.
|
||||||
|
|
||||||
|
==============================================================================
|
||||||
|
Copyrights and Licenses for Third Party Software Distributed with LLVM:
|
||||||
|
==============================================================================
|
||||||
|
The LLVM software contains code written by third parties. Such software will
|
||||||
|
have its own individual LICENSE.TXT file in the directory in which it appears.
|
||||||
|
This file will describe the copyrights, license, and restrictions which apply
|
||||||
|
to that code.
|
||||||
|
|
||||||
|
The disclaimer of warranty in the University of Illinois Open Source License
|
||||||
|
applies to all code in the LLVM Distribution, and nothing in any of the
|
||||||
|
other licenses gives permission to use the names of the LLVM Team or the
|
||||||
|
University of Illinois to endorse or promote products derived from this
|
||||||
|
Software.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*===- StandaloneFuzzTargetMain.c - standalone main() for fuzz targets. ---===//
|
||||||
|
//
|
||||||
|
// The LLVM Compiler Infrastructure
|
||||||
|
//
|
||||||
|
// This file is distributed under the University of Illinois Open Source
|
||||||
|
// License. See LICENSE.TXT for details.
|
||||||
|
//
|
||||||
|
//===----------------------------------------------------------------------===//
|
||||||
|
// This main() function can be linked to a fuzz target (i.e. a library
|
||||||
|
// that exports LLVMFuzzerTestOneInput() and possibly LLVMFuzzerInitialize())
|
||||||
|
// instead of libFuzzer. This main() function will not perform any fuzzing
|
||||||
|
// but will simply feed all input files one by one to the fuzz target.
|
||||||
|
//
|
||||||
|
// Use this file to provide reproducers for bugs when linking against libFuzzer
|
||||||
|
// or other fuzzing engine is undesirable.
|
||||||
|
//===----------------------------------------------------------------------===*/
|
||||||
|
#include <assert.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
#include <glib.h>
|
||||||
|
#include <wsutil/file_util.h>
|
||||||
|
|
||||||
|
extern int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size);
|
||||||
|
extern int LLVMFuzzerInitialize(int *argc, char ***argv);
|
||||||
|
int main(int argc, char **argv) {
|
||||||
|
fprintf(stderr, "StandaloneFuzzTargetMain: running %d inputs\n", argc - 1);
|
||||||
|
LLVMFuzzerInitialize(&argc, &argv);
|
||||||
|
for (int i = 1; i < argc; i++) {
|
||||||
|
fprintf(stderr, "Running: %s\n", argv[i]);
|
||||||
|
FILE *f = ws_fopen(argv[i], "r");
|
||||||
|
assert(f);
|
||||||
|
fseek(f, 0, SEEK_END);
|
||||||
|
size_t len = ftell(f);
|
||||||
|
fseek(f, 0, SEEK_SET);
|
||||||
|
unsigned char *buf = (unsigned char*)g_malloc(len);
|
||||||
|
size_t n_read = fread(buf, 1, len, f);
|
||||||
|
assert(n_read == len);
|
||||||
|
fclose(f);
|
||||||
|
LLVMFuzzerTestOneInput(buf, len);
|
||||||
|
g_free(buf);
|
||||||
|
fprintf(stderr, "Done: %s: (%zd bytes)\n", argv[i], n_read);
|
||||||
|
}
|
||||||
|
}
|
|
@ -131,6 +131,33 @@ fuzzshark_epan_new(void)
|
||||||
return epan;
|
return epan;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static dissector_handle_t
|
||||||
|
get_dissector_handle(const char *table, const char *target)
|
||||||
|
{
|
||||||
|
dissector_handle_t fuzz_handle = NULL;
|
||||||
|
|
||||||
|
if (table != NULL && target != NULL)
|
||||||
|
{
|
||||||
|
/* search for handle, cannot use dissector_table_get_dissector_handle() cause it's using short-name, and I already used filter name in samples ;/ */
|
||||||
|
GSList *handle_list = dissector_table_get_dissector_handles(find_dissector_table(table));
|
||||||
|
while (handle_list)
|
||||||
|
{
|
||||||
|
dissector_handle_t handle = (dissector_handle_t) handle_list->data;
|
||||||
|
const char *handle_filter_name = proto_get_protocol_filter_name(dissector_handle_get_protocol_index(handle));
|
||||||
|
|
||||||
|
if (!strcmp(handle_filter_name, target))
|
||||||
|
fuzz_handle = handle;
|
||||||
|
handle_list = handle_list->next;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (target != NULL)
|
||||||
|
{
|
||||||
|
fuzz_handle = find_dissector(target);
|
||||||
|
}
|
||||||
|
|
||||||
|
return fuzz_handle;
|
||||||
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
fuzz_init(int argc _U_, char **argv)
|
fuzz_init(int argc _U_, char **argv)
|
||||||
{
|
{
|
||||||
|
@ -142,12 +169,10 @@ fuzz_init(int argc _U_, char **argv)
|
||||||
e_prefs *prefs_p;
|
e_prefs *prefs_p;
|
||||||
int ret = EXIT_SUCCESS;
|
int ret = EXIT_SUCCESS;
|
||||||
|
|
||||||
#if defined(FUZZ_DISSECTOR_TARGET)
|
|
||||||
dissector_handle_t fuzz_handle = NULL;
|
dissector_handle_t fuzz_handle = NULL;
|
||||||
#endif
|
|
||||||
|
|
||||||
setenv("WIRESHARK_DEBUG_WMEM_OVERRIDE", "simple", 0);
|
g_setenv("WIRESHARK_DEBUG_WMEM_OVERRIDE", "simple", 0);
|
||||||
setenv("G_SLICE", "always-malloc", 0);
|
g_setenv("G_SLICE", "always-malloc", 0);
|
||||||
|
|
||||||
cmdarg_err_init(failure_warning_message, failure_message_cont);
|
cmdarg_err_init(failure_warning_message, failure_message_cont);
|
||||||
|
|
||||||
|
@ -236,25 +261,17 @@ fuzz_init(int argc _U_, char **argv)
|
||||||
#if defined(FUZZ_DISSECTOR_TABLE) && defined(FUZZ_DISSECTOR_TARGET)
|
#if defined(FUZZ_DISSECTOR_TABLE) && defined(FUZZ_DISSECTOR_TARGET)
|
||||||
# define FUZZ_EPAN 1
|
# define FUZZ_EPAN 1
|
||||||
fprintf(stderr, "oss-fuzzshark: configured for dissector: %s in table: %s\n", FUZZ_DISSECTOR_TARGET, FUZZ_DISSECTOR_TABLE);
|
fprintf(stderr, "oss-fuzzshark: configured for dissector: %s in table: %s\n", FUZZ_DISSECTOR_TARGET, FUZZ_DISSECTOR_TABLE);
|
||||||
|
fuzz_handle = get_dissector_handle(FUZZ_DISSECTOR_TABLE, FUZZ_DISSECTOR_TARGET);
|
||||||
/* search for handle, cannot use dissector_table_get_dissector_handle() cause it's using short-name, and I already used filter name in samples ;/ */
|
|
||||||
{
|
|
||||||
GSList *handle_list = dissector_table_get_dissector_handles(find_dissector_table(FUZZ_DISSECTOR_TABLE));
|
|
||||||
while (handle_list)
|
|
||||||
{
|
|
||||||
dissector_handle_t handle = (dissector_handle_t) handle_list->data;
|
|
||||||
const char *handle_filter_name = proto_get_protocol_filter_name(dissector_handle_get_protocol_index(handle));
|
|
||||||
|
|
||||||
if (!strcmp(handle_filter_name, FUZZ_DISSECTOR_TARGET))
|
|
||||||
fuzz_handle = handle;
|
|
||||||
handle_list = handle_list->next;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#elif defined(FUZZ_DISSECTOR_TARGET)
|
#elif defined(FUZZ_DISSECTOR_TARGET)
|
||||||
# define FUZZ_EPAN 2
|
# define FUZZ_EPAN 2
|
||||||
fprintf(stderr, "oss-fuzzshark: configured for dissector: %s\n", FUZZ_DISSECTOR_TARGET);
|
fprintf(stderr, "oss-fuzzshark: configured for dissector: %s\n", FUZZ_DISSECTOR_TARGET);
|
||||||
fuzz_handle = find_dissector(FUZZ_DISSECTOR_TARGET);
|
fuzz_handle = get_dissector_handle(FUZZ_DISSECTOR_TARGET);
|
||||||
|
|
||||||
|
#else
|
||||||
|
# define FUZZ_EPAN 3
|
||||||
|
fprintf(stderr, "oss-fuzzshark: target not configured. Using env\n");
|
||||||
|
fuzz_handle = get_dissector_handle(getenv("FUZZSHARK_TABLE"), getenv("FUZZSHARK_TARGET"));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef FUZZ_EPAN
|
#ifdef FUZZ_EPAN
|
||||||
|
|
Loading…
Reference in New Issue