diff options
author | Robert Swiecki <robert@swiecki.net> | 2018-01-13 14:03:39 +0100 |
---|---|---|
committer | Robert Swiecki <robert@swiecki.net> | 2018-01-13 14:03:39 +0100 |
commit | 0f2c30afccb75ec6a5c29131184c2b672cd5b95d (patch) | |
tree | 0cafbfdfaf1cb18663c3446db23377ac81e6fb17 /input.c | |
parent | 43775f95d9e6b8c46c52e0454b8721d023b9236b (diff) | |
download | honggfuzz-0f2c30afccb75ec6a5c29131184c2b672cd5b95d.tar.gz |
move input preparation from mangle to input
Diffstat (limited to 'input.c')
-rw-r--r-- | input.c | 122 |
1 files changed, 122 insertions, 0 deletions
@@ -39,6 +39,8 @@ #include "libhfcommon/common.h" #include "libhfcommon/files.h" +#include "mangle.h" +#include "subproc.h" #if defined(_HF_ARCH_LINUX) #include <sys/syscall.h> @@ -50,6 +52,19 @@ #include "libhfcommon/log.h" #include "libhfcommon/util.h" +void input_setSize(run_t* run, size_t sz) { + if (sz > run->global->maxFileSz) { + PLOG_F("Too large size requested: %zu > maxSize: %zu", sz, run->global->maxFileSz); + } + if (ftruncate(run->dynamicFileFd, sz) == -1) { + PLOG_F("ftruncate(fd=%d, size=%zu)", run->dynamicFileFd, sz); + } + if (lseek(run->dynamicFileFd, (off_t)0, SEEK_SET) == (off_t)-1) { + PLOG_F("lseek(fd=%d, 0, SEEK_SET)", run->dynamicFileFd); + } + run->dynamicFileSz = sz; +} + static bool input_getDirStatsAndRewind(honggfuzz_t* hfuzz) { rewinddir(hfuzz->io.inputDirPtr); @@ -291,3 +306,110 @@ bool input_parseBlacklist(honggfuzz_t* hfuzz) { } return true; } + +static bool input_checkSizeNRewind(run_t* run) { + struct stat st; + if (fstat(run->dynamicFileFd, &st) == -1) { + PLOG_E("fstat(fd=%d)", run->dynamicFileFd); + return false; + } + if ((size_t)st.st_size > run->global->maxFileSz) { + LOG_W("External tool created too large of a file, '%zu', truncating it to '%zu'", + (size_t)st.st_size, run->global->maxFileSz); + input_setSize(run, run->global->maxFileSz); + } else { + input_setSize(run, (size_t)st.st_size); + } + return true; +} + +bool input_prepareDynamicInput(run_t* run) { + run->origFileName = "[DYNAMIC]"; + + { + MX_SCOPED_RWLOCK_READ(&run->global->dynfileq_mutex); + + if (run->global->dynfileqCnt == 0) { + LOG_F( + "The dynamic file corpus is empty. Apparently, the initial fuzzing of the " + "provided file corpus (-f) has not produced any follow-up files with positive " + "coverage and/or CPU counters"); + } + + if (run->dynfileqCurrent == NULL) { + run->dynfileqCurrent = TAILQ_FIRST(&run->global->dynfileq); + } else { + if (run->dynfileqCurrent == TAILQ_LAST(&run->global->dynfileq, dyns_t)) { + run->dynfileqCurrent = TAILQ_FIRST(&run->global->dynfileq); + } else { + run->dynfileqCurrent = TAILQ_NEXT(run->dynfileqCurrent, pointers); + } + } + } + + input_setSize(run, run->dynfileqCurrent->size); + memcpy(run->dynamicFile, run->dynfileqCurrent->data, run->dynfileqCurrent->size); + mangle_mangleContent(run); + + return true; +} + +bool input_prepareStaticFile(run_t* run, bool rewind) { + input_setSize(run, run->global->maxFileSz); + + static __thread char fname[PATH_MAX]; + if (input_getNext(run, fname, /* rewind= */ rewind) == false) { + return false; + } + run->origFileName = files_basename(fname); + + ssize_t fileSz = files_readFileToBufMax(fname, run->dynamicFile, run->global->maxFileSz); + if (fileSz < 0) { + LOG_E("Couldn't read contents of '%s'", fname); + return false; + } + + input_setSize(run, fileSz); + mangle_mangleContent(run); + + return true; +} + +bool input_prepareExternalFile(run_t* run) { + input_setSize(run, (size_t)0); + run->origFileName = "[EXTERNAL]"; + + char fname[PATH_MAX]; + snprintf(fname, sizeof(fname), "/dev/fd/%d", run->dynamicFileFd); + + const char* const argv[] = {run->global->exe.externalCommand, fname, NULL}; + if (subproc_System(run, argv) != 0) { + LOG_E("Subprocess '%s' returned abnormally", run->global->exe.externalCommand); + return false; + } + LOG_D("Subporcess '%s' finished with success", run->global->exe.externalCommand); + + if (!input_checkSizeNRewind(run)) { + return false; + } + + return true; +} + +bool input_postProcessFile(run_t* run) { + char fname[PATH_MAX]; + snprintf(fname, sizeof(fname), "/dev/fd/%d", run->dynamicFileFd); + + const char* const argv[] = {run->global->exe.postExternalCommand, fname, NULL}; + if (subproc_System(run, argv) != 0) { + LOG_E("Subprocess '%s' returned abnormally", run->global->exe.postExternalCommand); + return false; + } + LOG_D("Subporcess '%s' finished with success", run->global->exe.externalCommand); + + if (!input_checkSizeNRewind(run)) { + return false; + } + + return true; +} |