/*
 *
 * honggfuzz - file operations
 * -----------------------------------------
 *
 * Author: Robert Swiecki <swiecki@google.com>
 *
 * Copyright 2010-2015 by Google Inc. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * permissions and limitations under the License.
 *
 */
23
24#include "input.h"
25
26#include <dirent.h>
27#include <errno.h>
28#include <fcntl.h>
29#include <inttypes.h>
30#include <stdint.h>
31#include <stdio.h>
32#include <stdlib.h>
33#include <string.h>
34#include <sys/mman.h>
35#include <sys/socket.h>
36#include <sys/stat.h>
37#include <sys/types.h>
38#include <unistd.h>
39
Robert Swiecki246af3e2018-01-05 14:56:32 +010040#include "libhfcommon/common.h"
41#include "libhfcommon/files.h"
Robert Swiecki47476f22017-09-28 15:45:02 +020042
43#if defined(_HF_ARCH_LINUX)
44#include <sys/syscall.h>
45#if defined(__NR_memfd_create)
46#include <linux/memfd.h>
Robert Swiecki4e595fb2017-10-11 17:26:51 +020047#endif /* defined(__NR_memfd_create) */
48#endif /* defined(_HF_ARCH_LINUX) */
Robert Swiecki47476f22017-09-28 15:45:02 +020049
Robert Swiecki246af3e2018-01-05 14:56:32 +010050#include "libhfcommon/log.h"
51#include "libhfcommon/util.h"
Robert Swiecki47476f22017-09-28 15:45:02 +020052
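/*
 * Walk the input directory once, count the usable corpus files and find the
 * largest one, then leave the directory stream rewound.
 *
 * Side effects: stores the number of regular files in hfuzz->io.fileCnt and,
 * when no maximum input size was configured (hfuzz->maxFileSz == 0), derives
 * one from the largest file seen, clamped to [8192, _HF_INPUT_MAX_SIZE].
 *
 * Returns false on a readdir() error or when the directory holds no usable
 * file, true otherwise.
 *
 * Entry names come from the directory and are treated as untrusted: a path
 * that does not fit in PATH_MAX is skipped rather than stat()ed in truncated
 * form. stat() follows symbolic links, so a link that resolves to a regular
 * file is counted like any other file.
 */
static bool input_getDirStatsAndRewind(honggfuzz_t* hfuzz) {
    rewinddir(hfuzz->io.inputDirPtr);

    size_t maxSize = 0U;
    size_t fileCnt = 0U;
    for (;;) {
        /* readdir() returns NULL both at end-of-directory and on error; errno tells them apart */
        errno = 0;
        struct dirent* entry = readdir(hfuzz->io.inputDirPtr);
        if (entry == NULL && errno == EINTR) {
            continue;
        }
        if (entry == NULL && errno != 0) {
            PLOG_W("readdir('%s')", hfuzz->io.inputDir);
            return false;
        }
        if (entry == NULL) {
            break;
        }

        char fname[PATH_MAX];
        int pathLen = snprintf(fname, sizeof(fname), "%s/%s", hfuzz->io.inputDir, entry->d_name);
        if (pathLen < 0 || (size_t)pathLen >= sizeof(fname)) {
            /* A truncated path could name a different file than the one listed */
            LOG_W("Path '%s/%s' is too long, skipping", hfuzz->io.inputDir, entry->d_name);
            continue;
        }
        LOG_D("Analyzing file '%s'", fname);

        struct stat st;
        if (stat(fname, &st) == -1) {
            LOG_W("Couldn't stat() the '%s' file", fname);
            continue;
        }
        if (!S_ISREG(st.st_mode)) {
            LOG_D("'%s' is not a regular file, skipping", fname);
            continue;
        }
        /* Oversized files are only reported here; they are still counted below */
        if (hfuzz->maxFileSz != 0UL && st.st_size > (off_t)hfuzz->maxFileSz) {
            LOG_W("File '%s' is bigger than maximal defined file size (-F): %" PRId64 " > %" PRId64,
                fname, (int64_t)st.st_size, (int64_t)hfuzz->maxFileSz);
        }
        if ((size_t)st.st_size > maxSize) {
            maxSize = st.st_size;
        }
        fileCnt++;
    }

    ATOMIC_SET(hfuzz->io.fileCnt, fileCnt);
    if (hfuzz->maxFileSz == 0U) {
        /* No explicit limit: size the input buffer from the corpus, within fixed bounds */
        if (maxSize < 8192) {
            hfuzz->maxFileSz = 8192;
        } else if (maxSize > _HF_INPUT_MAX_SIZE) {
            hfuzz->maxFileSz = _HF_INPUT_MAX_SIZE;
        } else {
            hfuzz->maxFileSz = maxSize;
        }
    }

    if (hfuzz->io.fileCnt == 0U) {
        LOG_W("No usable files in the input directory '%s'", hfuzz->io.inputDir);
        return false;
    }

    LOG_D("Re-read the '%s', maxFileSz:%zu, number of usable files:%zu", hfuzz->io.inputDir,
        hfuzz->maxFileSz, hfuzz->io.fileCnt);

    rewinddir(hfuzz->io.inputDirPtr);

    return true;
}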
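/*
 * Fetch the path of the next regular file in the input directory.
 *
 * run    - per-run state; the shared directory stream lives in run->global->io
 * fname  - output buffer, written with at most PATH_MAX bytes, so it must be
 *          at least that large
 * rewind - at end-of-directory: true re-scans the directory and starts over,
 *          false reports exhaustion
 *
 * Returns true with fname filled in, or false when there are no input files,
 * readdir() fails, the directory is exhausted (rewind == false) or the
 * re-scan fails.
 *
 * The regular-file check is made on the path with stat(), which follows
 * symbolic links. NOTE(review): a caller that opens fname afterwards works on
 * a file that may have changed since this check; confirm the call sites
 * tolerate that (e.g. by checking the opened descriptor).
 */
bool input_getNext(run_t* run, char* fname, bool rewind) {
    /*
     * One directory stream is shared by all callers, so iteration is serialized.
     * MX_SCOPED_LOCK presumably releases the mutex when the function returns.
     */
    static pthread_mutex_t input_mutex = PTHREAD_MUTEX_INITIALIZER;
    MX_SCOPED_LOCK(&input_mutex);

    if (run->global->io.fileCnt == 0U) {
        return false;
    }

    for (;;) {
        /* readdir() returns NULL both at end-of-directory and on error; errno tells them apart */
        errno = 0;
        struct dirent* entry = readdir(run->global->io.inputDirPtr);
        if (entry == NULL && errno == EINTR) {
            continue;
        }
        if (entry == NULL && errno != 0) {
            PLOG_W("readdir('%s')", run->global->io.inputDir);
            return false;
        }
        if (entry == NULL) {
            if (rewind == false) {
                return false;
            }
            if (input_getDirStatsAndRewind(run->global) == false) {
                LOG_E("input_getDirStatsAndRewind('%s')", run->global->io.inputDir);
                return false;
            }
            continue;
        }

        int pathLen = snprintf(fname, PATH_MAX, "%s/%s", run->global->io.inputDir, entry->d_name);
        if (pathLen < 0 || pathLen >= PATH_MAX) {
            /* A truncated path could name a different file than the one listed */
            LOG_W("Path '%s/%s' is too long, skipping", run->global->io.inputDir, entry->d_name);
            continue;
        }

        struct stat st;
        if (stat(fname, &st) == -1) {
            LOG_W("Couldn't stat() the '%s' file", fname);
            continue;
        }
        if (!S_ISREG(st.st_mode)) {
            LOG_D("'%s' is not a regular file, skipping", fname);
            continue;
        }
        return true;
    }
}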
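/*
 * Open the input (corpus) directory and collect its initial statistics.
 *
 * Resets hfuzz->io.fileCnt, opens hfuzz->io.inputDir as a directory, stores
 * the resulting stream in hfuzz->io.inputDirPtr and runs
 * input_getDirStatsAndRewind() on it.
 *
 * Returns false when no input directory is configured, when it cannot be
 * opened as a directory, or when the scan fails; true otherwise.
 */
bool input_init(honggfuzz_t* hfuzz) {
    hfuzz->io.fileCnt = 0U;

    if (!hfuzz->io.inputDir) {
        LOG_W("No input file/dir specified");
        return false;
    }

    /* O_DIRECTORY makes open() fail on anything that is not a directory */
    int dir_fd = open(hfuzz->io.inputDir, O_DIRECTORY | O_RDONLY | O_CLOEXEC);
    if (dir_fd == -1) {
        PLOG_W("open('%s', O_DIRECTORY|O_RDONLY|O_CLOEXEC)", hfuzz->io.inputDir);
        return false;
    }
    if ((hfuzz->io.inputDirPtr = fdopendir(dir_fd)) == NULL) {
        /*
         * Log before close(): PLOG_W presumably reports errno, and close() may
         * overwrite the value left by fdopendir().
         */
        PLOG_W("fdopendir('%s')", hfuzz->io.inputDir);
        close(dir_fd);
        return false;
    }
    if (input_getDirStatsAndRewind(hfuzz) == false) {
        /*
         * NOTE(review): the directory stream stays open on this path; whether
         * it should be closed here depends on how callers treat a failed
         * input_init() - confirm before changing.
         */
        hfuzz->io.fileCnt = 0U;
        LOG_W("input_getDirStatsAndRewind('%s')", hfuzz->io.inputDir);
        return false;
    }

    return true;
}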
/*
 * Load the fuzzing dictionary named by hfuzz->dictionaryFile.
 *
 * Each line is either "value" or name="value"; lines starting with '#' and
 * empty lines are ignored, anything else that does not match is reported and
 * skipped. The scan patterns stop at the first '"' inside the value and do
 * not require a closing quote; name and value are each capped at 1024 bytes
 * by the field widths. The value is passed through util_decodeCString() and
 * appended to hfuzz->dictq together with the length that call returns.
 *
 * Returns false only when the file cannot be opened.
 */
bool input_parseDictionary(honggfuzz_t* hfuzz) {
    FILE* dictFile = fopen(hfuzz->dictionaryFile, "rb");
    if (!dictFile) {
        PLOG_W("Couldn't open '%s' - R/O mode", hfuzz->dictionaryFile);
        return false;
    }
    defer { fclose(dictFile); };

    /* getdelim() allocates and grows this buffer; it is released on scope exit */
    char* line = NULL;
    size_t lineCap = 0;
    defer { free(line); };

    ssize_t lineLen;
    while ((lineLen = getdelim(&line, &lineCap, '\n', dictFile)) != -1) {
        /* Drop the trailing newline, except on a line that is only a newline */
        if (lineLen > 1 && line[lineLen - 1] == '\n') {
            line[lineLen - 1] = '\0';
            lineLen--;
        }

        /* Comments and blank lines carry no entry */
        const char first = line[0];
        if (first == '#' || first == '\n' || first == '\0') {
            continue;
        }

        /* One spare byte beyond the 1024-byte field width for the terminator */
        char name[1025] = {0};
        char value[1025] = {0};
        const bool bareValue = (sscanf(line, "\"%1024[^\"]", value) == 1);
        if (!bareValue && sscanf(line, "%1024[^=]=\"%1024[^\"]", name, value) != 2) {
            LOG_W("Incorrect dictionary entry: '%s'. Skipping", line);
            continue;
        }

        char* word = util_StrDup(value);
        struct strings_t* item = (struct strings_t*)util_Malloc(sizeof(*item));
        /* util_decodeCString() works on the copy and yields the length kept in the entry */
        item->len = util_decodeCString(word);
        item->s = word;
        hfuzz->dictionaryCnt += 1;
        TAILQ_INSERT_TAIL(&hfuzz->dictq, item, pointers);

        LOG_D("Dictionary: loaded word: '%s' (len=%zu)", item->s, item->len);
    }

    LOG_I("Loaded %zu words from the dictionary", hfuzz->dictionaryCnt);
    return true;
}
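/*
 * Load the stack-hash blacklist named by hfuzz->blacklistFile.
 *
 * Every line is parsed as a hexadecimal 64-bit value and appended to
 * hfuzz->blacklist; hfuzz->blacklistCnt tracks the number of entries. The
 * entries must be in ascending order because the list is searched with an
 * interpolation search, so every new entry is compared with its predecessor.
 *
 * Returns false when the file cannot be opened, the array cannot be grown or
 * the entries are not sorted; true otherwise (an empty file is reported with
 * LOG_F).
 *
 * NOTE(review): strtoull() is used without checking errno or the end pointer,
 * so a blank or non-hexadecimal line is stored as 0 (or as whatever prefix
 * parsed). Consider rejecting such lines.
 */
bool input_parseBlacklist(honggfuzz_t* hfuzz) {
    FILE* fBl = fopen(hfuzz->blacklistFile, "rb");
    if (fBl == NULL) {
        PLOG_W("Couldn't open '%s' - R/O mode", hfuzz->blacklistFile);
        return false;
    }
    defer { fclose(fBl); };

    char* lineptr = NULL;
    /* lineptr can be NULL, but it's fine for free() */
    defer { free(lineptr); };
    size_t n = 0;
    for (;;) {
        if (getline(&lineptr, &n, fBl) == -1) {
            break;
        }

        /* Grow the array by one slot for the entry about to be parsed */
        size_t newSz = (hfuzz->blacklistCnt + 1) * sizeof(hfuzz->blacklist[0]);
        if ((hfuzz->blacklist = util_Realloc(hfuzz->blacklist, newSz)) == NULL) {
            PLOG_W("realloc failed (sz=%zu)", newSz);
            return false;
        }

        hfuzz->blacklist[hfuzz->blacklistCnt] = strtoull(lineptr, 0, 16);
        /* NOTE(review): "%'" is the grouping flag here; an opening quote was probably intended */
        LOG_D("Blacklist: loaded %'" PRIu64 "'", hfuzz->blacklist[hfuzz->blacklistCnt]);

        /*
         * Verify entries are sorted so we can use interpolation search. The
         * check starts with the second entry (blacklistCnt == 1), so the first
         * pair is compared as well.
         */
        if (hfuzz->blacklistCnt > 0 &&
            hfuzz->blacklist[hfuzz->blacklistCnt - 1] > hfuzz->blacklist[hfuzz->blacklistCnt]) {
            LOG_F(
                "Blacklist file not sorted. Use 'tools/createStackBlacklist.sh' to sort "
                "records");
            return false;
        }
        hfuzz->blacklistCnt += 1;
    }

    if (hfuzz->blacklistCnt > 0) {
        LOG_I("Loaded %zu stack hash(es) from the blacklist file", hfuzz->blacklistCnt);
    } else {
        LOG_F("Empty stack hashes blacklist file '%s'", hfuzz->blacklistFile);
    }
    return true;
}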