From 66b0ab908965a8a19d9882a9748ffe4c037e7f52 Mon Sep 17 00:00:00 2001 
From: arvidn Date: Sat, 6 Apr 2019 19:02:31 +0200 Subject: [PATCH] add fuzzers to the main repository --- .travis.yml | 9 +- fuzzers/Jamfile | 72 ++++++++++++++ fuzzers/LICENSE | 29 ++++++ fuzzers/README.rst | 64 +++++++++++++ fuzzers/main.cpp | 56 +++++++++++ fuzzers/run.sh | 33 +++++++ fuzzers/src/base32decode.cpp | 40 ++++++++ fuzzers/src/base32encode.cpp | 40 ++++++++ fuzzers/src/base64encode.cpp | 40 ++++++++ fuzzers/src/bdecode_node.cpp | 48 ++++++++++ fuzzers/src/convert_from_native.cpp | 40 ++++++++ fuzzers/src/convert_to_native.cpp | 40 ++++++++ fuzzers/src/dht_node.cpp | 130 ++++++++++++++++++++++++++ fuzzers/src/escape_path.cpp | 45 +++++++++ fuzzers/src/escape_string.cpp | 45 +++++++++ fuzzers/src/file_storage_add_file.cpp | 41 ++++++++ fuzzers/src/gzip.cpp | 49 ++++++++++ fuzzers/src/http_parser.cpp | 48 ++++++++++ fuzzers/src/lazy_bdecode.cpp | 46 +++++++++ fuzzers/src/parse_int.cpp | 41 ++++++++ fuzzers/src/parse_magnet_uri.cpp | 46 +++++++++ fuzzers/src/resume_data.cpp | 48 ++++++++++ fuzzers/src/sanitize_path.cpp | 46 +++++++++ fuzzers/src/torrent_info.cpp | 46 +++++++++ fuzzers/src/upnp.cpp | 56 +++++++++++ fuzzers/src/utf8_codepoint.cpp | 45 +++++++++ fuzzers/src/utf8_wchar.cpp | 54 +++++++++++ fuzzers/src/utp.cpp | 95 +++++++++++++++++++ fuzzers/src/verify_encoding.cpp | 41 ++++++++ fuzzers/src/wchar_utf8.cpp | 54 +++++++++++ fuzzers/tools/unify_corpus_names.py | 24 +++++ tools/clean.py | 1 + 32 files changed, 1511 insertions(+), 1 deletion(-) create mode 100644 fuzzers/Jamfile create mode 100644 fuzzers/LICENSE create mode 100644 fuzzers/README.rst create mode 100644 fuzzers/main.cpp create mode 100755 fuzzers/run.sh create mode 100644 fuzzers/src/base32decode.cpp create mode 100644 fuzzers/src/base32encode.cpp create mode 100644 fuzzers/src/base64encode.cpp create mode 100644 fuzzers/src/bdecode_node.cpp create mode 100644 fuzzers/src/convert_from_native.cpp create mode 100644 fuzzers/src/convert_to_native.cpp create mode 100644 
fuzzers/src/dht_node.cpp create mode 100644 fuzzers/src/escape_path.cpp create mode 100644 fuzzers/src/escape_string.cpp create mode 100644 fuzzers/src/file_storage_add_file.cpp create mode 100644 fuzzers/src/gzip.cpp create mode 100644 fuzzers/src/http_parser.cpp create mode 100644 fuzzers/src/lazy_bdecode.cpp create mode 100644 fuzzers/src/parse_int.cpp create mode 100644 fuzzers/src/parse_magnet_uri.cpp create mode 100644 fuzzers/src/resume_data.cpp create mode 100644 fuzzers/src/sanitize_path.cpp create mode 100644 fuzzers/src/torrent_info.cpp create mode 100644 fuzzers/src/upnp.cpp create mode 100644 fuzzers/src/utf8_codepoint.cpp create mode 100644 fuzzers/src/utf8_wchar.cpp create mode 100644 fuzzers/src/utp.cpp create mode 100644 fuzzers/src/verify_encoding.cpp create mode 100644 fuzzers/src/wchar_utf8.cpp create mode 100644 fuzzers/tools/unify_corpus_names.py diff --git a/.travis.yml b/.travis.yml index 1a405004b..bcee61d65 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,7 +13,7 @@ matrix: - python3-pip - libboost1.58-all-dev - libboost1.58-tools-dev - - env: variant=test_debug tests=1 toolset=gcc-sanitizer + - env: variant=test_debug tests=1 toolset=gcc-sanitizer fuzzers=1 - env: variant=test_debug sim=1 crypto=openssl toolset=gcc-sanitizer - env: variant=test_release coverage=1 tests=1 toolset=gcc-coverage python=1 - env: autotools=1 toolset=gcc 
@@ -222,6 +222,13 @@ script: fi; fi' + # build fuzzers with the same build configuration as the test above, to avoid + # rebuilding libtorrent itself. + - cd ../fuzzers + - 'if [ "$fuzzers" == "1" ]; then + bjam -j3 warnings-as-errors=on warnings=all crypto=$crypto debug-iterators=on picker-debugging=on asserts=on invariant-checks=full $toolset variant=$variant sanitize=off fuzz=off link=shared stage; + fi' + - cd ../examples - 'if [ "$examples" == "1" ]; then bjam -j3 warnings-as-errors=on warnings=all crypto=$crypto debug-iterators=on picker-debugging=on asserts=on invariant-checks=full $toolset variant=$variant link=shared; diff --git a/fuzzers/Jamfile b/fuzzers/Jamfile new file mode 100644 index 000000000..402743e64 --- /dev/null +++ b/fuzzers/Jamfile 
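Review bot: The new `fuzzers` step only compiles; the `bjam ... sanitize=off fuzz=off ... stage` line builds the targets, but nothing in this hunk ever executes a staged binary. With `fuzz=off` the Jamfile appears to link each target against `main.cpp`, which takes a test-case file, so the job could replay a small set of checked-in regression inputs after staging and fail CI when a parser regresses. If compile-only is the intent, say so in the comment above the step, e.g. `# compile-only check: the staged fuzzer binaries are not executed in CI`.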
@@ -0,0 +1,72 @@
+# to fuzz libtorrent, you need a recent version of clang.
+
+# if you have a favourite component to fuzz, you can run that specific binary
+# without specifying the "-runs=" argument, it's probably a good idea to seed
+# the fuzzing with the included corpus though
+
+import feature : feature ;
+
+use-project /torrent : .. ;
+
+feature fuzz : off external on : composite propagated link-incompatible ;
+feature.compose on : -fsanitize=fuzzer -fsanitize=fuzzer ;
+
+project fuzzers
+ : requirements
+ on
+ TORRENT_USE_ASSERTS=1
+ TORRENT_USE_IPV6=1
+ _SCL_SECURE=1
+ _GLIBCXX_DEBUG
+ -fno-omit-frame-pointer
+ -fno-omit-frame-pointer
+ /torrent//torrent/
+ : default-build
+ on
+ on
+ static
+ release
+ on
+ on
+ on
+ on
+ on
+ ;
+
+local TARGETS ;
+
+rule fuzzer ( name )
+{
+ exe $(name) : src/$(name).cpp : off:main.cpp ;
+ TARGETS += $(name) ;
+}
+
+fuzzer torrent_info ;
+fuzzer parse_magnet_uri ;
+fuzzer bdecode_node ;
+fuzzer lazy_bdecode ;
+fuzzer parse_int ;
+fuzzer sanitize_path ;
+fuzzer escape_path ;
+fuzzer file_storage_add_file ;
+fuzzer base32decode ;
+fuzzer base32encode ;
+fuzzer base64encode ;
+fuzzer escape_string ;
+fuzzer gzip ;
+fuzzer verify_encoding ;
+fuzzer convert_to_native ;
+fuzzer convert_from_native ;
+fuzzer utf8_wchar ;
+fuzzer wchar_utf8 ;
+fuzzer utf8_codepoint ;
+fuzzer http_parser ;
+fuzzer upnp ;
+fuzzer dht_node ;
+fuzzer utp ;
+fuzzer resume_data ;
+
+install stage : $(TARGETS) : EXE fuzzers ;
+
+explicit stage ;
+
diff --git a/fuzzers/LICENSE b/fuzzers/LICENSE
new file mode 100644
index 000000000..8778d7cec
--- /dev/null
+++ b/fuzzers/LICENSE
@@ -0,0 +1,29 @@
+BSD 3-Clause License
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+* Neither the name of the copyright holder nor the names of its
+ contributors may be used to endorse or promote products derived from
+ this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/fuzzers/README.rst b/fuzzers/README.rst
new file mode 100644
index 000000000..bbda97143
--- /dev/null
+++ b/fuzzers/README.rst
@@ -0,0 +1,64 @@
+libtorrent fuzzing
+==================
+
+Fuzzing of various libtorrent APIs (both internal and external),
+inspired by Kostya Serebryany's `cppcon 2017 presentation`_
+
+This project requires:
+
+.. _`cppcon 2017 presentation`: https://www.youtube.com/watch?v=k-Cv8Q3zWNQ&index=36&list=PLHTh1InhhwT6bwIpRk0ZbCA0N2p1taxd6
+
+clang
+.....
+
+A very recent version of clang that supports libFuzzer.
+clang-5.0 may not be recent enough, you may have to build head from source.
+
+boost-build
+...........
+
+Also known as ``b2``. To configure boost build with your fresh clang build,
+create a ``~/user-config.jam`` with something like this in it (example for macOS)::
+
+ using darwin : 6.0 : ~/Documents/dev/clang/build/bin/clang++ ;
+
+Or on Linux::
+
+ using clang ;
+
+corpus
+......
+
+The corpus is the set of inputs that has been built by libFuzzer. It's the seed
+for testing more mutations. The corpus is not checked into the repository,
+before running the fuzzer it is advised to download and unzip the corpus
+associated with the latest release on github.
+
+ https://github.com/arvidn/libtorrent/releases/download/libtorrent_1_2_0/corpus.zip
+
+Uzip the corpus in the fuzzers directory::
+
+ unzip corpus.zip
+
+building
+........
+
+To build the fuzzers::
+
+ b2 clang stage -j4
+
+The fuzzers binaries are placed in a directory called `fuzzers`.
+
+running
+.......
+
+To run the fuzzers, there's a convenience `run.sh` script that launches all
+fuzzers in parallel. By default, each fuzzer runs for 48 hours. This can be
+adjusted in the `run.sh` script.
+
+contribute
+..........
+
+Please consider contributing back any updated corpuses (amended by more seed
+inputs) or fuzzers for more APIs in libtorrent.
+
diff --git a/fuzzers/main.cpp b/fuzzers/main.cpp
new file mode 100644
index 000000000..1d5d33475
--- /dev/null
+++ b/fuzzers/main.cpp
@@ -0,0 +1,56 @@
+/*
+
+Copyright (c) 2019, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+#include
+#include
+#include
+#include
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const*, size_t);
+
+int main(int const argc, char const** argv)
+{
+ if (argc < 2)
+ {
+ std::cout << "usage: " << argv[0] << " test-case-file\n";
+ return 1;
+ }
+
+ std::fstream f(argv[1], std::ios_base::in | std::ios_base::binary);
+ f.seekg(0, std::ios_base::end);
+ auto const s = f.tellg();
+ f.seekg(0, std::ios_base::beg);
+ std::vector v(static_cast(s));
+ f.read(reinterpret_cast(v.data()), v.size());
+
+ return LLVMFuzzerTestOneInput(v.data(), v.size());
+}
+
diff --git a/fuzzers/run.sh b/fuzzers/run.sh
new file mode 100755
index 000000000..e966ffcfd
--- /dev/null
+++ b/fuzzers/run.sh
@@ -0,0 +1,33 @@
+
+function run
+{
+# run for 48 hours
+./fuzzers/${1} -max_total_time=172800 -timeout=10 -artifact_prefix=./${1}- corpus/${1}
+}
+
+run torrent_info &
+run parse_magnet_uri &
+run bdecode_node &
+run lazy_bdecode &
+run parse_int &
+run sanitize_path &
+run escape_path &
+run file_storage_add_file &
+run base32decode &
+run base32encode &
+run base64encode &
+run escape_string e&
+run gzip &
+run verify_encoding &
+run convert_to_native &
+run convert_from_native &
+run utf8_wchar &
+run wchar_utf8 &
+run utf8_codepoint &
+run http_parser &
+run upnp &
+run dht_node &
+run utp &
+run resume_data &
+
+wait
diff --git a/fuzzers/src/base32decode.cpp b/fuzzers/src/base32decode.cpp
new file mode 100644
index 000000000..1113d75c2
--- /dev/null
+++ b/fuzzers/src/base32decode.cpp
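Review bot: `main()` never checks that `argv[1]` could be opened, so for a missing or unreadable file `f.tellg()` yields -1 and the cast of `s` turns it into an enormous vector size; the reproducer then dies in the allocator instead of reporting the bad path. Add `if (!f) { std::cerr << "failed to open " << argv[1] << "\n"; return 1; }` right after constructing `f`. The result of `f.read(...)` is also unchecked, so a short read would hand zero-padded bytes to `LLVMFuzzerTestOneInput`; test the stream once more before the final call. A reproducer that can crash on its own file handling makes triage of real findings harder.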
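Review bot: `run escape_string e&` carries a stray `e`; it is passed as a second argument that `run` ignores, so it is harmless today but should read `run escape_string &`. The file is added with mode 100755 yet, as shown, begins with a blank line instead of a `#!` line while `function run` is bash syntax, so add `#!/bin/bash` as the first line. `${1}` is unquoted in the command; `"./fuzzers/${1}"` and `"corpus/${1}"` are the safer form. The closing `wait` discards the exit status of the background jobs, so a fuzzer that stopped on a crash is visible only through the files written under the `-artifact_prefix`; a comment such as `# crashes are reported only via ./<name>-* artifact files` above `wait` would record that for unattended runs.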
@@ -0,0 +1,40 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::base32decode({reinterpret_cast(data), size});
+ return 0;
+}
+
diff --git a/fuzzers/src/base32encode.cpp b/fuzzers/src/base32encode.cpp
new file mode 100644
index 000000000..f65b5be8c
--- /dev/null
+++ b/fuzzers/src/base32encode.cpp
@@ -0,0 +1,40 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::base32encode({reinterpret_cast(data), size});
+ return 0;
+}
+
diff --git a/fuzzers/src/base64encode.cpp b/fuzzers/src/base64encode.cpp
new file mode 100644
index 000000000..a95d4bb98
--- /dev/null
+++ b/fuzzers/src/base64encode.cpp
@@ -0,0 +1,40 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::base64encode({reinterpret_cast(data), size});
+ return 0;
+}
+
diff --git a/fuzzers/src/bdecode_node.cpp b/fuzzers/src/bdecode_node.cpp
new file mode 100644
index 000000000..5b1a6c909
--- /dev/null
+++ b/fuzzers/src/bdecode_node.cpp
@@ -0,0 +1,48 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/bdecode.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::error_code ec;
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::bdecode({reinterpret_cast(data), int(size)}, ec);
+#else
+ lt::bdecode_node ret;
+ auto d = reinterpret_cast(data);
+ lt::bdecode(d, d + size, ret, ec);
+#endif
+ return 0;
+}
+
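Review bot: The decoded tree is discarded in both `#if` branches, so this target exercises only the parser and never the `bdecode_node` accessors that later walk the structure built from untrusted bytes. In the `>= 10200` branch keep the result and traverse it on success, e.g. `lt::bdecode_node const e = lt::bdecode({...}, ec);` followed by `if (!ec) lt::print_entry(e);`, and do the same with `ret` in the `#else` branch. The `int(size)` cast narrows `size_t`; that is fine for libFuzzer-sized inputs, but a comment such as `// inputs are far below INT_MAX, so the narrowing cast is safe here` would record the assumption for anyone reusing the harness with larger files.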
diff --git a/fuzzers/src/convert_from_native.cpp b/fuzzers/src/convert_from_native.cpp
new file mode 100644
index 000000000..f5815981b
--- /dev/null
+++ b/fuzzers/src/convert_from_native.cpp
@@ -0,0 +1,40 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::convert_from_native({reinterpret_cast(data), size});
+ return 0;
+}
+
diff --git a/fuzzers/src/convert_to_native.cpp b/fuzzers/src/convert_to_native.cpp
new file mode 100644
index 000000000..6e6331d5e
--- /dev/null
+++ b/fuzzers/src/convert_to_native.cpp
@@ -0,0 +1,40 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::convert_to_native({reinterpret_cast(data), size});
+ return 0;
+}
+
diff --git a/fuzzers/src/dht_node.cpp b/fuzzers/src/dht_node.cpp
new file mode 100644
index 000000000..c4d5986d9
--- /dev/null
+++ b/fuzzers/src/dht_node.cpp
@@ -0,0 +1,130 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/version.hpp"
+#include "libtorrent/kademlia/dht_tracker.hpp"
+#include "libtorrent/performance_counters.hpp"
+#include "libtorrent/kademlia/dht_observer.hpp"
+
+#include
+
+using namespace lt;
+
+#if LIBTORRENT_VERSION_NUM >= 10200
+dht::dht_settings sett;
+dht::dht_state state;
+std::unique_ptr dht_storage(dht::dht_default_storage_constructor(sett));
+#else
+dht_settings sett;
+entry state;
+#endif
+
+counters cnt;
+
+struct obs : dht::dht_observer
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ void set_external_address(lt::aux::listen_socket_handle const&, lt::address const& /* addr */
+ , lt::address const&) override
+ {}
+ int get_listen_port(aux::transport ssl, aux::listen_socket_handle const& s) override
+ { return 6881; }
+#else
+ void set_external_address(address const& addr
+ , address const& source) override {}
+#endif
+
+ void get_peers(lt::sha1_hash const&) override {}
+ void outgoing_get_peers(sha1_hash const&
+ , sha1_hash const&, lt::udp::endpoint const&) override {}
+ void announce(sha1_hash const&, lt::address const&, int) override {}
+#if LIBTORRENT_VERSION_NUM >= 10200
+ bool on_dht_request(string_view
+ , dht::msg const&, entry&) override
+ { return false; }
+#else
+ bool on_dht_request(char const* query, int query_len
+ , dht::msg const& request, entry& response) override { return false; }
+ address external_address() override { return address(); }
+#endif
+
+#ifndef TORRENT_DISABLE_LOGGING
+
+ void log(dht_logger::module_t, char const*, ...)
override {}
+
+#if LIBTORRENT_VERSION_NUM < 10200
+
+ void log_packet(message_direction_t dir, char const* pkt, int len
+ , udp::endpoint node) override {}
+
+#else
+
+ bool should_log(module_t) const override { return true; }
+ void log_packet(message_direction_t
+ , span
+ , lt::udp::endpoint const&) override {}
+#endif // LIBTORRENT_VERSION_NUM
+#endif // TORRENT_DISABLE_LOGGING
+};
+
+obs o;
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10300
+ io_context ios;
+#else
+ io_service ios;
+#endif
+#if LIBTORRENT_VERSION_NUM < 10200
+ rate_limited_udp_socket sock(ios);
+#endif
+
+ dht::dht_tracker(&o
+#if LIBTORRENT_VERSION_NUM >= 10200
+ , ios
+ , [](aux::listen_socket_handle const&, udp::endpoint const&
+ , span, error_code&, udp_send_flags_t) {}
+#else
+ , sock
+#endif
+ , sett
+ , cnt
+#if LIBTORRENT_VERSION_NUM >= 10200
+ , *dht_storage
+#else
+ , dht::dht_default_storage_constructor
+#endif
+ , std::move(state));
+
+ return 0;
+}
+
diff --git a/fuzzers/src/escape_path.cpp b/fuzzers/src/escape_path.cpp
new file mode 100644
index 000000000..26623e420
--- /dev/null
+++ b/fuzzers/src/escape_path.cpp
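Review bot: `LLVMFuzzerTestOneInput` never reads `data` or `size`: the body only constructs a temporary `dht::dht_tracker` and lets it be destroyed, so no fuzzer-generated bytes reach the DHT message handling and the target gives no assurance about that network-facing parser. Bind the tracker to a named object and feed it the input as an incoming UDP packet from a fixed source endpoint, presumably through `dht_tracker::incoming_packet`; its signature differs between the versions guarded here, so confirm it against each header. Separately, `std::move(state)` is applied to the global `state` on every call, so if the constructor takes it by value every iteration after the first starts from a moved-from object; declare `state` inside the function or pass a copy instead. Until the input is wired in, a comment at the top of the function such as `// TODO: input is not consumed yet; this only exercises construction/destruction` would keep the corpus results from being misread.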
@@ -0,0 +1,45 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::escape_path({reinterpret_cast(data), size});
+#else
+ lt::escape_path(reinterpret_cast(data), size);
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/src/escape_string.cpp b/fuzzers/src/escape_string.cpp
new file mode 100644
index 000000000..c448f8ed5
--- /dev/null
+++ b/fuzzers/src/escape_string.cpp
@@ -0,0 +1,45 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/aux_/escape_string.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::escape_string({reinterpret_cast(data), size});
+#else
+ lt::escape_string(reinterpret_cast(data), size);
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/src/file_storage_add_file.cpp b/fuzzers/src/file_storage_add_file.cpp
new file mode 100644
index 000000000..38b561ddc
--- /dev/null
+++ b/fuzzers/src/file_storage_add_file.cpp
@@ -0,0 +1,41 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/file_storage.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::file_storage fs;
+ fs.add_file({reinterpret_cast(data), size}, 1);
+ return 0;
+}
+
diff --git a/fuzzers/src/gzip.cpp b/fuzzers/src/gzip.cpp
new file mode 100644
index 000000000..5a93590b9
--- /dev/null
+++ b/fuzzers/src/gzip.cpp
@@ -0,0 +1,49 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/gzip.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::error_code ec;
+ std::vector out;
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::inflate_gzip({reinterpret_cast(data), int(size)}, out
+ , 100000, ec);
+#else
+ lt::inflate_gzip(reinterpret_cast(data), size, out
+ , 100000, ec);
+#endif
+ return 0;
+}
+
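Review bot: The literal `100000` passed to `lt::inflate_gzip` in both branches is unexplained, and it appears to be the cap on decompressed output (the parameter's meaning is not visible in this hunk), which is what keeps a tiny compressed input from inflating without bound inside the fuzzer. I would name it once above the call, `constexpr int max_inflated_size = 100000; // upper bound on decompressed bytes per input`, and use the name in both branches so nobody raises or removes it by accident. `int(size)` in the 1.2 branch also narrows `size_t` silently; that is harmless while the fuzzer's input length limit applies, but the same cast recurs in `http_parser.cpp`, `resume_data.cpp` and `torrent_info.cpp` and deserves a one-line comment.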
diff --git a/fuzzers/src/http_parser.cpp b/fuzzers/src/http_parser.cpp
new file mode 100644
index 000000000..e24667556
--- /dev/null
+++ b/fuzzers/src/http_parser.cpp
@@ -0,0 +1,48 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/http_parser.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::http_parser p;
+ bool error;
+#if LIBTORRENT_VERSION_NUM >= 10200
+ p.incoming({reinterpret_cast(data), int(size)}, error);
+#else
+ p.incoming({reinterpret_cast(data)
+ , reinterpret_cast(data) + size}, error);
+#endif
+ return 0;
+}
+
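Review bot: `bool error;` is handed to `p.incoming()` uninitialised, so if the parser returns before assigning it (its body is not part of this commit; an empty input is the likely case) the variable keeps an indeterminate value. `bool error = false;` costs nothing and keeps the harness free of uninitialised state should anyone later read the flag. The whole input is also fed in a single `incoming()` call and the parser is never queried afterwards, so incremental-receive and accessor paths stay outside coverage; a comment saying that this target covers only the one-shot parse would set expectations.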
diff --git a/fuzzers/src/lazy_bdecode.cpp b/fuzzers/src/lazy_bdecode.cpp
new file mode 100644
index 000000000..9e56efdb7
--- /dev/null
+++ b/fuzzers/src/lazy_bdecode.cpp
@@ -0,0 +1,46 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include
+#include "libtorrent/error_code.hpp"
+#include "libtorrent/lazy_entry.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::error_code ec;
+ lt::lazy_entry ret;
+ int pos;
+ lazy_bdecode(reinterpret_cast(data), reinterpret_cast(data) + size, ret, ec, &pos);
+ return 0;
+}
+
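Review bot: This harness includes `libtorrent/version.hpp` but never tests `LIBTORRENT_VERSION_NUM`, while it depends on `lt::lazy_entry` and `lazy_bdecode`, the older decoder API; if that header is compiled out when deprecated functions are disabled (an assumption, the header is not shown here) the target stops building. Either guard the body the way the sibling harnesses do or drop the unused include and add a comment such as `// legacy decoder, only built while lazy_entry is available`. `int pos;` is also passed by address uninitialised, and `lazy_bdecode` is called unqualified where the other targets write `lt::`; `int pos = 0;` and `lt::lazy_bdecode(...)` would match them.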
diff --git a/fuzzers/src/parse_int.cpp b/fuzzers/src/parse_int.cpp
new file mode 100644
index 000000000..d2d1b7644
--- /dev/null
+++ b/fuzzers/src/parse_int.cpp
@@ -0,0 +1,41 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+#include "libtorrent/bdecode.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::bdecode_errors::error_code_enum ec;
+ std::int64_t val;
+ lt::parse_int(reinterpret_cast(data), reinterpret_cast(data) + size, ':', val, ec);
+ return 0;
+}
+
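Review bot: `std::int64_t val;` and `ec` are passed to `lt::parse_int` uninitialised. `val` is taken by reference, and if `parse_int` accumulates digits into it rather than assigning it (its body is not part of this commit, so this is an assumption to confirm) every run starts from an indeterminate value: that is undefined behaviour, and any overflow check on `val` then fires or not depending on stack contents, so a finding may not reproduce from its corpus file. I would write `std::int64_t val = 0;` and `lt::bdecode_errors::error_code_enum ec = lt::bdecode_errors::no_error;` so each input is evaluated from the same starting state.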
diff --git a/fuzzers/src/parse_magnet_uri.cpp b/fuzzers/src/parse_magnet_uri.cpp
new file mode 100644
index 000000000..7304d4877
--- /dev/null
+++ b/fuzzers/src/parse_magnet_uri.cpp
@@ -0,0 +1,46 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/magnet_uri.hpp"
+#include "libtorrent/add_torrent_params.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::error_code ec;
+ lt::add_torrent_params params;
+ lt::parse_magnet_uri({reinterpret_cast(data), size}
+ , params, ec);
+ return 0;
+}
+
+
diff --git a/fuzzers/src/resume_data.cpp b/fuzzers/src/resume_data.cpp
new file mode 100644
index 000000000..347c2fdf3
--- /dev/null
+++ b/fuzzers/src/resume_data.cpp
@@ -0,0 +1,48 @@
+/*
+
+Copyright (c) 2018, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include
+#include "libtorrent/version.hpp"
+#if LIBTORRENT_VERSION_NUM >= 10200
+#include "libtorrent/read_resume_data.hpp"
+#include "libtorrent/add_torrent_params.hpp"
+#endif
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::error_code ec;
+ auto ret = lt::read_resume_data({reinterpret_cast(data), int(size)}, ec);
+#endif
+ return 0;
+}
+
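Review bot: For `LIBTORRENT_VERSION_NUM < 10200` the body of `LLVMFuzzerTestOneInput` is empty, so the target still builds and runs but exercises nothing, and a clean run is indistinguishable from real coverage of the resume-data parser. The same holds for `fuzzers/src/utf8_codepoint.cpp` later in this commit. Excluding these targets from the build for older versions, or adding an `#else` branch with a comment like `// no read_resume_data() before 1.2: this target is a no-op`, makes the gap visible to whoever reads the fuzzing results. `ret` is unused as well and could be dropped or cast to `void` to avoid a warning.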
diff --git a/fuzzers/src/sanitize_path.cpp b/fuzzers/src/sanitize_path.cpp
new file mode 100644
index 000000000..6814a1a4c
--- /dev/null
+++ b/fuzzers/src/sanitize_path.cpp
@@ -0,0 +1,46 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/torrent_info.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ std::string out;
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::sanitize_append_path_element(out, {reinterpret_cast(data), size});
+#else
+ lt::sanitize_append_path_element(out, reinterpret_cast(data), size);
+#endif
+ return 0;
+}
+
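Review bot: `out` is always empty when `lt::sanitize_append_path_element` is called, so only the first-element case of this path sanitiser is fuzzed. If the function treats a non-empty destination differently, for instance by inserting a separator before the new element (this hunk cannot show that), the append case is never reached, and that is the case a multi-component torrent path hits. Repeating the existing call a second time on the same `out` in each branch would cover it at almost no cost, with a comment such as `// second call exercises appending to a non-empty path`.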
diff --git a/fuzzers/src/torrent_info.cpp b/fuzzers/src/torrent_info.cpp
new file mode 100644
index 000000000..c66ca8d98
--- /dev/null
+++ b/fuzzers/src/torrent_info.cpp
@@ -0,0 +1,46 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/torrent_info.hpp"
+#include "libtorrent/version.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ lt::error_code ec;
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::torrent_info ti({reinterpret_cast(data), int(size)}, ec, lt::from_span);
+#else
+ lt::torrent_info ti(reinterpret_cast(data), size, ec);
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/src/upnp.cpp b/fuzzers/src/upnp.cpp
new file mode 100644
index 000000000..af14596fe
--- /dev/null
+++ b/fuzzers/src/upnp.cpp
@@ -0,0 +1,56 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/upnp.hpp"
+#include "libtorrent/xml_parse.hpp"
+#include "libtorrent/version.hpp"
+
+#if LIBTORRENT_VERSION_NUM < 10200
+#include
+namespace pl = boost::placeholders;
+#endif
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ using namespace std::placeholders;
+
+ lt::parse_state s;
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::xml_parse({reinterpret_cast(data), size}
+ , std::bind(<::find_control_url, _1, _2, std::ref(s)));
+#else
+ lt::xml_parse(reinterpret_cast(data), reinterpret_cast(data) + size
+ , boost::bind(<::find_control_url, pl::_1, pl::_2, pl::_3, std::ref(s)));
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/src/utf8_codepoint.cpp b/fuzzers/src/utf8_codepoint.cpp
new file mode 100644
index 000000000..ec2666196
--- /dev/null
+++ b/fuzzers/src/utf8_codepoint.cpp
@@ -0,0 +1,45 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/utf8.hpp"
+#include "libtorrent/version.hpp"
+
+#include
+
+extern "C" int LLVMFuzzerTestOneInput(std::uint8_t const* data, size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::parse_utf8_codepoint({reinterpret_cast(data), size});
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/src/utf8_wchar.cpp b/fuzzers/src/utf8_wchar.cpp
new file mode 100644
index 000000000..17ebb0041
--- /dev/null
+++ b/fuzzers/src/utf8_wchar.cpp
@@ -0,0 +1,54 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/config.hpp"
+#include "libtorrent/error_code.hpp"
+#include "libtorrent/utf8.hpp"
+#include "libtorrent/version.hpp"
+#include
+
+#if LIBTORRENT_VERSION_NUM < 10200
+#include
+#endif
+
+extern "C" int LLVMFuzzerTestOneInput(std::uint8_t const* data, std::size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::error_code ec;
+ lt::utf8_wchar({reinterpret_cast(data), size}, ec);
+#else
+ std::wstring out;
+ lt::utf8_wchar({reinterpret_cast(data), size}, out);
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/src/utp.cpp b/fuzzers/src/utp.cpp
new file mode 100644
index 000000000..501af592a
--- /dev/null
+++ b/fuzzers/src/utp.cpp
@@ -0,0 +1,95 @@
+/*
+
+Copyright (c) 2018, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/version.hpp"
+#include "libtorrent/utp_socket_manager.hpp"
+#include "libtorrent/aux_/session_settings.hpp"
+#include "libtorrent/performance_counters.hpp"
+#include "libtorrent/utp_stream.hpp"
+#include "libtorrent/udp_socket.hpp"
+
+using namespace lt;
+
+#if LIBTORRENT_VERSION_NUM >= 10300
+io_context ios;
+#else
+io_service ios;
+#endif
+lt::aux::session_settings sett;
+counters cnt;
+
+#if LIBTORRENT_VERSION_NUM >= 10200
+utp_socket_manager man(
+ [](std::weak_ptr, udp::endpoint const&, span, error_code&, udp_send_flags_t){}
+ , [](std::shared_ptr const&){}
+ , ios
+ , sett
+ , cnt
+ , nullptr);
+#else
+udp_socket sock(ios);
+utp_socket_manager man(
+ sett
+ , sock
+ , cnt
+ , nullptr
+ , [](boost::shared_ptr const&){}
+ );
+#endif
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ utp_socket_impl* sock = NULL;
+ {
+ utp_stream str(ios);
+#if LIBTORRENT_VERSION_NUM >= 10200
+ sock = construct_utp_impl(1, 0, &str, man);
+#else
+ sock = construct_utp_impl(1, 0, &str, &man);
+#endif
+ str.set_impl(sock);
+ udp::endpoint ep;
+ time_point ts(seconds(100));
+#if LIBTORRENT_VERSION_NUM >= 10200
+ span buf(reinterpret_cast(data), size);
+ utp_incoming_packet(sock, buf, ep, ts);
+#else
+ utp_incoming_packet(sock, reinterpret_cast(data), size, ep, ts);
+#endif
+
+ // clear any deferred acks
+ man.socket_drained();
+ }
+ delete_utp_impl(sock);
+ return 0;
+}
+
diff --git a/fuzzers/src/verify_encoding.cpp b/fuzzers/src/verify_encoding.cpp
new file mode 100644
index 000000000..960fa497d
--- /dev/null
+++ b/fuzzers/src/verify_encoding.cpp
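Review bot: `ios`, `sett`, `cnt` and `man` are file-scope objects shared by every call to `LLVMFuzzerTestOneInput`, so whatever `utp_incoming_packet` and `man.socket_drained()` leave behind in the manager or the counters carries over into the next input, and a crash can then depend on earlier inputs and fail to reproduce from the saved file. Whether the manager really keeps such state is not visible in this hunk, but the `// clear any deferred acks` call suggests it accumulates some; constructing `sett`, `cnt` and `man` inside the function removes the doubt, or a comment should state that the sharing is a deliberate speed trade-off. In the pre-1.2 branch the local `utp_socket_impl* sock` also shadows the global `udp_socket sock`; `utp_socket_impl* impl = nullptr;` would avoid the clash and replace `NULL`.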
@@ -0,0 +1,41 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/torrent_info.hpp"
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+ std::string str{reinterpret_cast(data), size};
+ lt::verify_encoding(str);
+ return 0;
+}
+
diff --git a/fuzzers/src/wchar_utf8.cpp b/fuzzers/src/wchar_utf8.cpp
new file mode 100644
index 000000000..457f0b26d
--- /dev/null
+++ b/fuzzers/src/wchar_utf8.cpp
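Review bot: The harness in fuzzers/src/verify_encoding.cpp throws away the return value of `lt::verify_encoding(str)` and never inspects `str` afterwards, so it can only surface crashes and sanitizer reports, never a wrong result. The declaration is not part of this hunk, but if the function is meant to rewrite `str` in place into valid text and report whether it already was, a second pass over the same string should always succeed. That check fits in one line: `if (!lt::verify_encoding(str) && !lt::verify_encoding(str)) std::abort();` (with `<cstdlib>` included). The file also uses unqualified `uint8_t` and `size_t` with only the libtorrent header included, unlike wchar_utf8.cpp, which spells them `std::uint8_t` and `std::size_t`.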
@@ -0,0 +1,54 @@
+/*
+
+Copyright (c) 2017, Arvid Norberg
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+ * Neither the name of the author nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#include "libtorrent/config.hpp"
+#include "libtorrent/error_code.hpp"
+#include "libtorrent/utf8.hpp"
+#include "libtorrent/version.hpp"
+#include
+
+#if LIBTORRENT_VERSION_NUM < 10200
+#include
+#endif
+
+extern "C" int LLVMFuzzerTestOneInput(std::uint8_t const* data, std::size_t size)
+{
+#if LIBTORRENT_VERSION_NUM >= 10200
+ lt::error_code ec;
+ lt::wchar_utf8(std::wstring{reinterpret_cast(data), size / sizeof(wchar_t)}, ec);
+#else
+ std::string out;
+ lt::wchar_utf8(std::wstring{reinterpret_cast(data), size / sizeof(wchar_t)}, out);
+#endif
+ return 0;
+}
+
diff --git a/fuzzers/tools/unify_corpus_names.py b/fuzzers/tools/unify_corpus_names.py
new file mode 100644
index 000000000..e6b8002ff
--- /dev/null
+++ b/fuzzers/tools/unify_corpus_names.py
@@ -0,0 +1,24 @@
+import sys
+import os
+import string
+import hashlib
+
+if len(sys.argv) < 2:
+ print('usage: unify_corpus_names.py \n')
+ sys.exit(1)
+
+root = sys.argv[1]
+for name in os.listdir(root):
+ f = os.path.join(root, name)
+
+ # ignore directories
+ if not os.path.isfile(f):
+ continue
+
+ # if the name already looks like a SHA-1 hash, ignore it
+ if len(name) == 40 and all(c in string.hexdigits for c in name):
+ continue
+
+ new_name = hashlib.sha1(open(f, 'r').read()).hexdigest()
+ print('%s -> %s' % (f, new_name))
+ os.rename(f, os.path.join(root, new_name))
diff --git a/tools/clean.py b/tools/clean.py
index f7b167e6e..65f6e14ef 100755
--- a/tools/clean.py
+++ b/tools/clean.py
@@ -52,6 +52,7 @@ def clean():
 'tools',
 'src',
 'simulation',
+ 'fuzzers',
 os.path.join('src', 'kademlia'),
 os.path.join('include', 'libtorrent'),
 os.path.join('include', os.path.join('libtorrent', '_aux')),
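Review bot: In fuzzers/src/wchar_utf8.cpp both branches build the `std::wstring` by casting `data` to a wide-character pointer (the cast's target type is missing from the page text, presumably `wchar_t const*`) and reading through it. The fuzzer's byte buffer carries no alignment guarantee for `wchar_t`, so a UBSan build can report a misaligned load in the harness itself rather than in `lt::wchar_utf8`. Copying the bytes avoids that: `std::wstring in(size / sizeof(wchar_t), L'\0');` followed by `std::memcpy(&in[0], data, in.size() * sizeof(wchar_t));`, then pass `in` in both branches. The trailing `size % sizeof(wchar_t)` bytes are dropped either way, which is worth a one-line comment.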
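Review bot: fuzzers/tools/unify_corpus_names.py hashes `open(f, 'r').read()`, i.e. the corpus file read in text mode, and never closes the handle. Corpus entries are arbitrary bytes: under Python 3 `hashlib.sha1` rejects a `str` and the read itself can fail on undecodable input, and on Windows newline translation changes the digest, so the resulting name would not match the SHA-1 of the file's content. Read the raw bytes instead: `with open(f, 'rb') as fh:` then `new_name = hashlib.sha1(fh.read()).hexdigest()`. `os.rename` onto an existing name silently replaces it on POSIX and raises on Windows; for identical content that is harmless, but a short comment saying duplicates are expected to collapse would help.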