premiere
/
premiere-libtorrent
2
2
Fork 1
Code Issues Pull Requests Releases Wiki Activity

add fuzzers to the main repository

This commit is contained in:
arvidn 2019-04-06 19:02:31 +02:00 committed by Arvid Norberg
parent 2ccb5d716a
commit 66b0ab9089
32 changed files with 1511 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.travis.yml
View File

@ -13,7 +13,7 @@ matrix:
- python3-pip
- libboost1.58-all-dev
- libboost1.58-tools-dev
- env: variant=test_debug tests=1 toolset=gcc-sanitizer
- env: variant=test_debug tests=1 toolset=gcc-sanitizer fuzzers=1
- env: variant=test_debug sim=1 crypto=openssl toolset=gcc-sanitizer
- env: variant=test_release coverage=1 tests=1 toolset=gcc-coverage python=1
- env: autotools=1 toolset=gcc
@ -222,6 +222,13 @@ script:
fi;
fi'
# build fuzzers with the same build configuration as the test above, to avoid
# rebuilding libtorrent itself.
- cd ../fuzzers
- 'if [ "$fuzzers" == "1" ]; then
bjam -j3 warnings-as-errors=on warnings=all crypto=$crypto debug-iterators=on picker-debugging=on asserts=on invariant-checks=full $toolset variant=$variant sanitize=off fuzz=off link=shared stage;
fi'
- cd ../examples
- 'if [ "$examples" == "1" ]; then
bjam -j3 warnings-as-errors=on warnings=all crypto=$crypto debug-iterators=on picker-debugging=on asserts=on invariant-checks=full $toolset variant=$variant link=shared;

72
fuzzers/Jamfile Normal file
View File

@ -0,0 +1,72 @@
# to fuzz libtorrent, you need a recent version of clang.
# if you have a favourite component to fuzz, you can run that specific binary
# without specifying the "-runs=" argument, it's probably a good idea to seed
# the fuzzing with the included corpus though
import feature : feature ;
use-project /torrent : .. ;
feature fuzz : off external on : composite propagated link-incompatible ;
feature.compose <fuzz>on : <cflags>-fsanitize=fuzzer <linkflags>-fsanitize=fuzzer ;
project fuzzers
: requirements
<export-extra>on
<define>TORRENT_USE_ASSERTS=1
<define>TORRENT_USE_IPV6=1
<define>_SCL_SECURE=1
<define>_GLIBCXX_DEBUG
<cxxflags>-fno-omit-frame-pointer
<linkflags>-fno-omit-frame-pointer
<library>/torrent//torrent/
: default-build
<fuzz>on
<sanitize>on
<link>static
<variant>release
<debug-symbols>on
<debug-iterators>on
<export-extra>on
<asserts>on
<debug-symbols>on
;
local TARGETS ;
rule fuzzer ( name )
{
exe $(name) : src/$(name).cpp : <fuzz>off:<source>main.cpp ;
TARGETS += $(name) ;
}
fuzzer torrent_info ;
fuzzer parse_magnet_uri ;
fuzzer bdecode_node ;
fuzzer lazy_bdecode ;
fuzzer parse_int ;
fuzzer sanitize_path ;
fuzzer escape_path ;
fuzzer file_storage_add_file ;
fuzzer base32decode ;
fuzzer base32encode ;
fuzzer base64encode ;
fuzzer escape_string ;
fuzzer gzip ;
fuzzer verify_encoding ;
fuzzer convert_to_native ;
fuzzer convert_from_native ;
fuzzer utf8_wchar ;
fuzzer wchar_utf8 ;
fuzzer utf8_codepoint ;
fuzzer http_parser ;
fuzzer upnp ;
fuzzer dht_node ;
fuzzer utp ;
fuzzer resume_data ;
install stage : $(TARGETS) : <install-type>EXE <location>fuzzers ;
explicit stage ;

29
fuzzers/LICENSE Normal file
View File

@ -0,0 +1,29 @@
BSD 3-Clause License
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

64
fuzzers/README.rst Normal file
View File

@ -0,0 +1,64 @@
libtorrent fuzzing
==================
Fuzzing of various libtorrent APIs (both internal and external),
inspired by Kostya Serebryany's `cppcon 2017 presentation`_
This project requires:
.. _`cppcon 2017 presentation`: https://www.youtube.com/watch?v=k-Cv8Q3zWNQ&index=36&list=PLHTh1InhhwT6bwIpRk0ZbCA0N2p1taxd6
clang
.....
A very recent version of clang that supports libFuzzer.
clang-5.0 may not be recent enough, you may have to build head from source.
boost-build
...........
Also known as ``b2``. To configure boost build with your fresh clang build,
create a ``~/user-config.jam`` with something like this in it (example for macOS)::
using darwin : 6.0 : ~/Documents/dev/clang/build/bin/clang++ ;
Or on Linux::
using clang ;
corpus
......
The corpus is the set of inputs that has been built by libFuzzer. It's the seed
for testing more mutations. The corpus is not checked into the repository,
before running the fuzzer it is advised to download and unzip the corpus
associated with the latest release on github.
https://github.com/arvidn/libtorrent/releases/download/libtorrent_1_2_0/corpus.zip
Uzip the corpus in the fuzzers directory::
unzip corpus.zip
building
........
To build the fuzzers::
b2 clang stage -j4
The fuzzers binaries are placed in a directory called `fuzzers`.
running
.......
To run the fuzzers, there's a convenience `run.sh` script that launches all
fuzzers in parallel. By default, each fuzzer runs for 48 hours. This can be
adjusted in the `run.sh` script.
contribute
..........
Please consider contributing back any updated corpuses (amended by more seed
inputs) or fuzzers for more APIs in libtorrent.

56
fuzzers/main.cpp Normal file
View File

@ -0,0 +1,56 @@
/*
Copyright (c) 2019, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include <iostream>
#include <cstdint>
#include <vector>
#include <fstream>
extern "C" int LLVMFuzzerTestOneInput(uint8_t const*, size_t);
int main(int const argc, char const** argv)
{
if (argc < 2)
{
std::cout << "usage: " << argv[0] << " test-case-file\n";
return 1;
}
std::fstream f(argv[1], std::ios_base::in | std::ios_base::binary);
f.seekg(0, std::ios_base::end);
auto const s = f.tellg();
f.seekg(0, std::ios_base::beg);
std::vector<std::uint8_t> v(static_cast<std::size_t>(s));
f.read(reinterpret_cast<char*>(v.data()), v.size());
return LLVMFuzzerTestOneInput(v.data(), v.size());
}

33
fuzzers/run.sh Executable file
View File

@ -0,0 +1,33 @@
function run
{
# run for 48 hours
./fuzzers/${1} -max_total_time=172800 -timeout=10 -artifact_prefix=./${1}- corpus/${1}
}
run torrent_info &
run parse_magnet_uri &
run bdecode_node &
run lazy_bdecode &
run parse_int &
run sanitize_path &
run escape_path &
run file_storage_add_file &
run base32decode &
run base32encode &
run base64encode &
run escape_string e&
run gzip &
run verify_encoding &
run convert_to_native &
run convert_from_native &
run utf8_wchar &
run wchar_utf8 &
run utf8_codepoint &
run http_parser &
run upnp &
run dht_node &
run utp &
run resume_data &
wait

40
fuzzers/src/base32decode.cpp Normal file
View File

@ -0,0 +1,40 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::base32decode({reinterpret_cast<char const*>(data), size});
return 0;
}

40
fuzzers/src/base32encode.cpp Normal file
View File

@ -0,0 +1,40 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::base32encode({reinterpret_cast<char const*>(data), size});
return 0;
}

40
fuzzers/src/base64encode.cpp Normal file
View File

@ -0,0 +1,40 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::base64encode({reinterpret_cast<char const*>(data), size});
return 0;
}

48
fuzzers/src/bdecode_node.cpp Normal file
View File

@ -0,0 +1,48 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/bdecode.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::error_code ec;
#if LIBTORRENT_VERSION_NUM >= 10200
lt::bdecode({reinterpret_cast<char const*>(data), int(size)}, ec);
#else
lt::bdecode_node ret;
auto d = reinterpret_cast<char const*>(data);
lt::bdecode(d, d + size, ret, ec);
#endif
return 0;
}

40
fuzzers/src/convert_from_native.cpp Normal file
View File

@ -0,0 +1,40 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::convert_from_native({reinterpret_cast<char const*>(data), size});
return 0;
}

40
fuzzers/src/convert_to_native.cpp Normal file
View File

@ -0,0 +1,40 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::convert_to_native({reinterpret_cast<char const*>(data), size});
return 0;
}

130
fuzzers/src/dht_node.cpp Normal file
View File

@ -0,0 +1,130 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/version.hpp"
#include "libtorrent/kademlia/dht_tracker.hpp"
#include "libtorrent/performance_counters.hpp"
#include "libtorrent/kademlia/dht_observer.hpp"
#include <memory>
using namespace lt;
#if LIBTORRENT_VERSION_NUM >= 10200
dht::dht_settings sett;
dht::dht_state state;
std::unique_ptr<lt::dht::dht_storage_interface> dht_storage(dht::dht_default_storage_constructor(sett));
#else
dht_settings sett;
entry state;
#endif
counters cnt;
struct obs : dht::dht_observer
{
#if LIBTORRENT_VERSION_NUM >= 10200
void set_external_address(lt::aux::listen_socket_handle const&, lt::address const& /* addr */
, lt::address const&) override
{}
int get_listen_port(aux::transport ssl, aux::listen_socket_handle const& s) override
{ return 6881; }
#else
void set_external_address(address const& addr
, address const& source) override {}
#endif
void get_peers(lt::sha1_hash const&) override {}
void outgoing_get_peers(sha1_hash const&
, sha1_hash const&, lt::udp::endpoint const&) override {}
void announce(sha1_hash const&, lt::address const&, int) override {}
#if LIBTORRENT_VERSION_NUM >= 10200
bool on_dht_request(string_view
, dht::msg const&, entry&) override
{ return false; }
#else
bool on_dht_request(char const* query, int query_len
, dht::msg const& request, entry& response) override { return false; }
address external_address() override { return address(); }
#endif
#ifndef TORRENT_DISABLE_LOGGING
void log(dht_logger::module_t, char const*, ...) override {}
#if LIBTORRENT_VERSION_NUM < 10200
void log_packet(message_direction_t dir, char const* pkt, int len
, udp::endpoint node) override {}
#else
bool should_log(module_t) const override { return true; }
void log_packet(message_direction_t
, span<char const>
, lt::udp::endpoint const&) override {}
#endif // LIBTORRENT_VERSION_NUM
#endif // TORRENT_DISABLE_LOGGING
};
obs o;
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10300
io_context ios;
#else
io_service ios;
#endif
#if LIBTORRENT_VERSION_NUM < 10200
rate_limited_udp_socket sock(ios);
#endif
dht::dht_tracker(&o
#if LIBTORRENT_VERSION_NUM >= 10200
, ios
, [](aux::listen_socket_handle const&, udp::endpoint const&
, span<char const>, error_code&, udp_send_flags_t) {}
#else
, sock
#endif
, sett
, cnt
#if LIBTORRENT_VERSION_NUM >= 10200
, *dht_storage
#else
, dht::dht_default_storage_constructor
#endif
, std::move(state));
return 0;
}

45
fuzzers/src/escape_path.cpp Normal file
View File

@ -0,0 +1,45 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10200
lt::escape_path({reinterpret_cast<char const*>(data), size});
#else
lt::escape_path(reinterpret_cast<char const*>(data), size);
#endif
return 0;
}

45
fuzzers/src/escape_string.cpp Normal file
View File

@ -0,0 +1,45 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/aux_/escape_string.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10200
lt::escape_string({reinterpret_cast<char const*>(data), size});
#else
lt::escape_string(reinterpret_cast<char const*>(data), size);
#endif
return 0;
}

41
fuzzers/src/file_storage_add_file.cpp Normal file
View File

@ -0,0 +1,41 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/file_storage.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::file_storage fs;
fs.add_file({reinterpret_cast<char const*>(data), size}, 1);
return 0;
}

49
fuzzers/src/gzip.cpp Normal file
View File

@ -0,0 +1,49 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/gzip.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::error_code ec;
std::vector<char> out;
#if LIBTORRENT_VERSION_NUM >= 10200
lt::inflate_gzip({reinterpret_cast<char const*>(data), int(size)}, out
, 100000, ec);
#else
lt::inflate_gzip(reinterpret_cast<char const*>(data), size, out
, 100000, ec);
#endif
return 0;
}

48
fuzzers/src/http_parser.cpp Normal file
View File

@ -0,0 +1,48 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/http_parser.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::http_parser p;
bool error;
#if LIBTORRENT_VERSION_NUM >= 10200
p.incoming({reinterpret_cast<char const*>(data), int(size)}, error);
#else
p.incoming({reinterpret_cast<char const*>(data)
, reinterpret_cast<char const*>(data) + size}, error);
#endif
return 0;
}

46
fuzzers/src/lazy_bdecode.cpp Normal file
View File

@ -0,0 +1,46 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdint.h>
#include "libtorrent/error_code.hpp"
#include "libtorrent/lazy_entry.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::error_code ec;
lt::lazy_entry ret;
int pos;
lazy_bdecode(reinterpret_cast<char const*>(data), reinterpret_cast<char const*>(data) + size, ret, ec, &pos);
return 0;
}

41
fuzzers/src/parse_int.cpp Normal file
View File

@ -0,0 +1,41 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/bdecode.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::bdecode_errors::error_code_enum ec;
std::int64_t val;
lt::parse_int(reinterpret_cast<char const*>(data), reinterpret_cast<char const*>(data) + size, ':', val, ec);
return 0;
}

46
fuzzers/src/parse_magnet_uri.cpp Normal file
View File

@ -0,0 +1,46 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/magnet_uri.hpp"
#include "libtorrent/add_torrent_params.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::error_code ec;
lt::add_torrent_params params;
lt::parse_magnet_uri({reinterpret_cast<char const*>(data), size}
, params, ec);
return 0;
}

48
fuzzers/src/resume_data.cpp Normal file
View File

@ -0,0 +1,48 @@
/*
Copyright (c) 2018, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include <cstdint>
#include "libtorrent/version.hpp"
#if LIBTORRENT_VERSION_NUM >= 10200
#include "libtorrent/read_resume_data.hpp"
#include "libtorrent/add_torrent_params.hpp"
#endif
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10200
lt::error_code ec;
auto ret = lt::read_resume_data({reinterpret_cast<char const*>(data), int(size)}, ec);
#endif
return 0;
}

46
fuzzers/src/sanitize_path.cpp Normal file
View File

@ -0,0 +1,46 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/torrent_info.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
std::string out;
#if LIBTORRENT_VERSION_NUM >= 10200
lt::sanitize_append_path_element(out, {reinterpret_cast<char const*>(data), size});
#else
lt::sanitize_append_path_element(out, reinterpret_cast<char const*>(data), size);
#endif
return 0;
}

46
fuzzers/src/torrent_info.cpp Normal file
View File

@ -0,0 +1,46 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/torrent_info.hpp"
#include "libtorrent/version.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
lt::error_code ec;
#if LIBTORRENT_VERSION_NUM >= 10200
lt::torrent_info ti({reinterpret_cast<char const*>(data), int(size)}, ec, lt::from_span);
#else
lt::torrent_info ti(reinterpret_cast<char const*>(data), size, ec);
#endif
return 0;
}

56
fuzzers/src/upnp.cpp Normal file
View File

@ -0,0 +1,56 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/upnp.hpp"
#include "libtorrent/xml_parse.hpp"
#include "libtorrent/version.hpp"
#if LIBTORRENT_VERSION_NUM < 10200
#include <boost/bind.hpp>
namespace pl = boost::placeholders;
#endif
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
using namespace std::placeholders;
lt::parse_state s;
#if LIBTORRENT_VERSION_NUM >= 10200
lt::xml_parse({reinterpret_cast<char const*>(data), size}
, std::bind(&lt::find_control_url, _1, _2, std::ref(s)));
#else
lt::xml_parse(reinterpret_cast<char const*>(data), reinterpret_cast<char const*>(data) + size
, boost::bind(&lt::find_control_url, pl::_1, pl::_2, pl::_3, std::ref(s)));
#endif
return 0;
}

45
fuzzers/src/utf8_codepoint.cpp Normal file
View File

@ -0,0 +1,45 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/utf8.hpp"
#include "libtorrent/version.hpp"
#include <cstdint>
extern "C" int LLVMFuzzerTestOneInput(std::uint8_t const* data, size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10200
lt::parse_utf8_codepoint({reinterpret_cast<char const*>(data), size});
#endif
return 0;
}

54
fuzzers/src/utf8_wchar.cpp Normal file
View File

@ -0,0 +1,54 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/config.hpp"
#include "libtorrent/error_code.hpp"
#include "libtorrent/utf8.hpp"
#include "libtorrent/version.hpp"
#include <cstdint>
#if LIBTORRENT_VERSION_NUM < 10200
#include <string>
#endif
extern "C" int LLVMFuzzerTestOneInput(std::uint8_t const* data, std::size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10200
lt::error_code ec;
lt::utf8_wchar({reinterpret_cast<char const*>(data), size}, ec);
#else
std::wstring out;
lt::utf8_wchar({reinterpret_cast<char const*>(data), size}, out);
#endif
return 0;
}

95
fuzzers/src/utp.cpp Normal file
View File

@ -0,0 +1,95 @@
/*
Copyright (c) 2018, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/version.hpp"
#include "libtorrent/utp_socket_manager.hpp"
#include "libtorrent/aux_/session_settings.hpp"
#include "libtorrent/performance_counters.hpp"
#include "libtorrent/utp_stream.hpp"
#include "libtorrent/udp_socket.hpp"
using namespace lt;
#if LIBTORRENT_VERSION_NUM >= 10300
io_context ios;
#else
io_service ios;
#endif
lt::aux::session_settings sett;
counters cnt;
#if LIBTORRENT_VERSION_NUM >= 10200
utp_socket_manager man(
[](std::weak_ptr<utp_socket_interface>, udp::endpoint const&, span<char const>, error_code&, udp_send_flags_t){}
, [](std::shared_ptr<aux::socket_type> const&){}
, ios
, sett
, cnt
, nullptr);
#else
udp_socket sock(ios);
utp_socket_manager man(
sett
, sock
, cnt
, nullptr
, [](boost::shared_ptr<socket_type> const&){}
);
#endif
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
utp_socket_impl* sock = NULL;
{
utp_stream str(ios);
#if LIBTORRENT_VERSION_NUM >= 10200
sock = construct_utp_impl(1, 0, &str, man);
#else
sock = construct_utp_impl(1, 0, &str, &man);
#endif
str.set_impl(sock);
udp::endpoint ep;
time_point ts(seconds(100));
#if LIBTORRENT_VERSION_NUM >= 10200
span<char const> buf(reinterpret_cast<char const*>(data), size);
utp_incoming_packet(sock, buf, ep, ts);
#else
utp_incoming_packet(sock, reinterpret_cast<char const*>(data), size, ep, ts);
#endif
// clear any deferred acks
man.socket_drained();
}
delete_utp_impl(sock);
return 0;
}

41
fuzzers/src/verify_encoding.cpp Normal file
View File

@ -0,0 +1,41 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/torrent_info.hpp"
extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
{
std::string str{reinterpret_cast<char const*>(data), size};
lt::verify_encoding(str);
return 0;
}

54
fuzzers/src/wchar_utf8.cpp Normal file
View File

@ -0,0 +1,54 @@
/*
Copyright (c) 2017, Arvid Norberg
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#include "libtorrent/config.hpp"
#include "libtorrent/error_code.hpp"
#include "libtorrent/utf8.hpp"
#include "libtorrent/version.hpp"
#include <cstdint>
#if LIBTORRENT_VERSION_NUM < 10200
#include <string>
#endif
extern "C" int LLVMFuzzerTestOneInput(std::uint8_t const* data, std::size_t size)
{
#if LIBTORRENT_VERSION_NUM >= 10200
lt::error_code ec;
lt::wchar_utf8(std::wstring{reinterpret_cast<wchar_t const*>(data), size / sizeof(wchar_t)}, ec);
#else
std::string out;
lt::wchar_utf8(std::wstring{reinterpret_cast<wchar_t const*>(data), size / sizeof(wchar_t)}, out);
#endif
return 0;
}

24
fuzzers/tools/unify_corpus_names.py Normal file
View File

@ -0,0 +1,24 @@
import sys
import os
import string
import hashlib
if len(sys.argv) < 2:
print('usage: unify_corpus_names.py <corpus-directory>\n')
sys.exit(1)
root = sys.argv[1]
for name in os.listdir(root):
f = os.path.join(root, name)
# ignore directories
if not os.path.isfile(f):
continue
# if the name already looks like a SHA-1 hash, ignore it
if len(name) == 40 and all(c in string.hexdigits for c in name):
continue
new_name = hashlib.sha1(open(f, 'r').read()).hexdigest()
print('%s -> %s' % (f, new_name))
os.rename(f, os.path.join(root, new_name))

1
tools/clean.py
View File

@ -52,6 +52,7 @@ def clean():
'tools',
'src',
'simulation',
'fuzzers',
os.path.join('src', 'kademlia'),
os.path.join('include', 'libtorrent'),
os.path.join('include', os.path.join('libtorrent', '_aux')),