tests: add a fuzzer for dev_kmsg_record

evverx · evverx · commit 8857fb9beb9d · 2018-11-16T08:44:35.000+01:00
diff --git a/src/fuzz/fuzz-journald-kmsg.c b/src/fuzz/fuzz-journald-kmsg.c
@@ -0,0 +1,29 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include "fuzz.h"
+#include "journald-kmsg.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+        Server s = {};
+        _cleanup_free_ char *buffer = NULL;
+
+        if (size == 0)
+                return 0;
+
+        s = (Server) {
+                .native_fd = -1,
+                .stdout_fd = -1,
+                .dev_kmsg_fd = -1,
+                .audit_fd = -1,
+                .hostname_fd = -1,
+                .notify_fd = -1,
+                .storage = STORAGE_NONE,
+        };
+        assert_se(sd_event_default(&s.event) >= 0);
+        buffer = memdup(data, size);
+        assert_se(buffer);
+        dev_kmsg_record(&s, buffer, size);
+        server_done(&s);
+
+        return 0;
+}
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
@@ -51,6 +51,11 @@ fuzzers += [
           libshared],
          [libmount]],
 
+        [['src/fuzz/fuzz-journald-kmsg.c'],
+         [libjournal_core,
+          libshared],
+         [libselinux]],
+
         [['src/fuzz/fuzz-journald-native.c',
           'src/fuzz/fuzz-journald.c'],
          [libjournal_core,
diff --git a/src/journal/journald-kmsg.c b/src/journal/journald-kmsg.c
@@ -94,7 +94,7 @@ static bool is_us(const char *identifier, const char *pid) {
                streq(identifier, program_invocation_short_name);
 }
 
-static void dev_kmsg_record(Server *s, char *p, size_t l) {
+void dev_kmsg_record(Server *s, char *p, size_t l) {
 
         _cleanup_free_ char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL, *identifier = NULL, *pid = NULL;
         struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_KERNEL_FIELDS + 2 + N_IOVEC_UDEV_FIELDS];
diff --git a/src/journal/journald-kmsg.h b/src/journal/journald-kmsg.h
@@ -9,3 +9,5 @@ int server_flush_dev_kmsg(Server *s);
 void server_forward_kmsg(Server *s, int priority, const char *identifier, const char *message, const struct ucred *ucred);
 
 int server_open_kernel_seqnum(Server *s);
+
+void dev_kmsg_record(Server *s, char *p, size_t l);
diff --git a/test/fuzz/fuzz-journald-kmsg/basic b/test/fuzz/fuzz-journald-kmsg/basic
@@ -0,0 +1 @@
+29,456,292891883,-;systemd[1]: Reexecuting.
diff --git a/test/fuzz/fuzz-journald-kmsg/dev-null b/test/fuzz/fuzz-journald-kmsg/dev-null
@@ -0,0 +1,2 @@
+12,460,1322026586,-;hey
+ DEVICE=c1:3
diff --git a/test/fuzz/fuzz-journald-kmsg/loopback b/test/fuzz/fuzz-journald-kmsg/loopback
@@ -0,0 +1,2 @@
+12,460,1322026586,-;hey
+ DEVICE=n1
diff --git a/test/fuzz/fuzz-journald-kmsg/subsystem-loopback b/test/fuzz/fuzz-journald-kmsg/subsystem-loopback
@@ -0,0 +1,2 @@
+12,460,1322026586,-;hey
+ DEVICE=+net:lo

Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,7 @@ static bool is_us(const char identifier, const char pid) {`
`94`	`94`	`streq(identifier, program_invocation_short_name);`
`95`	`95`	`}`
`96`	`96`
`97`		`-static void dev_kmsg_record(Server s, char p, size_t l) {`
	`97`	`+void dev_kmsg_record(Server s, char p, size_t l) {`
`98`	`98`
`99`	`99`	`_cleanup_free_ char message = NULL, syslog_priority = NULL, syslog_pid = NULL, syslog_facility = NULL, syslog_identifier = NULL, source_time = NULL, identifier = NULL, pid = NULL;`
`100`	`100`	`struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_KERNEL_FIELDS + 2 + N_IOVEC_UDEV_FIELDS];`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+29,456,292891883,-;systemd[1]: Reexecuting.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+12,460,1322026586,-;hey`
	`2`	`+ DEVICE=c1:3`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+12,460,1322026586,-;hey`
	`2`	`+ DEVICE=n1`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+12,460,1322026586,-;hey`
	`2`	`+ DEVICE=+net:lo`