libder/tests/make_corpus.c

*35c0a8c4SKyle Evans/*-
*35c0a8c4SKyle Evans * Copyright (c) 2024 Kyle Evans <kevans@FreeBSD.org>
*35c0a8c4SKyle Evans *
*35c0a8c4SKyle Evans * SPDX-License-Identifier: BSD-2-Clause
*35c0a8c4SKyle Evans */
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#include <sys/param.h>
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#undef NDEBUG
*35c0a8c4SKyle Evans#include <assert.h>
*35c0a8c4SKyle Evans#include <err.h>
*35c0a8c4SKyle Evans#include <fcntl.h>
*35c0a8c4SKyle Evans#include <stdbool.h>
*35c0a8c4SKyle Evans#include <stdio.h>
*35c0a8c4SKyle Evans#include <stdlib.h>
*35c0a8c4SKyle Evans#include <string.h>
*35c0a8c4SKyle Evans#include <unistd.h>
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#include <libder.h>
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#include "fuzzers.h"
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#define	LARGE_SIZE	(1024 * 64)
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evansstatic const uint8_t empty_seq[] = { BT_SEQUENCE, 0x00 };
*35c0a8c4SKyle Evansstatic const uint8_t long_size[21] = { BT_OCTETSTRING, 0x83, 0x00, 0x00, 0x10 };
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans/* 64k */
*35c0a8c4SKyle Evans#define	LARGE_SIZE_ENCODING	0x83, 0x01, 0x00, 0x00
*35c0a8c4SKyle Evansstatic const uint8_t large_octet[LARGE_SIZE + 5] = { BT_OCTETSTRING, LARGE_SIZE_ENCODING };
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#define	VARLEN_SEQ	BT_OCTETSTRING, 0x04, 0x01, 0x02, 0x03, 0x04
*35c0a8c4SKyle Evans#define	VARLEN_CHILDREN	VARLEN_SEQ, VARLEN_SEQ, VARLEN_SEQ
*35c0a8c4SKyle Evansstatic const uint8_t varlen[] = { BT_SEQUENCE, 0x80,
*35c0a8c4SKyle Evans    VARLEN_CHILDREN, 0x00, 0x00 };
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#define	BITSTRING1	BT_BITSTRING, 0x04, 0x03, 0xc0, 0xc0, 0xcc
*35c0a8c4SKyle Evans#define	BITSTRING2	BT_BITSTRING, 0x04, 0x05, 0xdd, 0xdd, 0xff
*35c0a8c4SKyle Evansstatic const uint8_t constructed_bitstring[] = { 0x20 | BT_BITSTRING,
*35c0a8c4SKyle Evans    2 * 6, BITSTRING1, BITSTRING2 };
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans#define	FUZZER_SEED(seq)	{ #seq, sizeof(seq), seq }
*35c0a8c4SKyle Evansstatic const struct seed {
*35c0a8c4SKyle Evans	const char	*seed_name;
*35c0a8c4SKyle Evans	size_t		 seed_seqsz;
*35c0a8c4SKyle Evans	const uint8_t	*seed_seq;
*35c0a8c4SKyle Evans} seeds[] = {
*35c0a8c4SKyle Evans	FUZZER_SEED(empty_seq),
*35c0a8c4SKyle Evans	FUZZER_SEED(long_size),
*35c0a8c4SKyle Evans	FUZZER_SEED(large_octet),
*35c0a8c4SKyle Evans	FUZZER_SEED(varlen),
*35c0a8c4SKyle Evans	FUZZER_SEED(constructed_bitstring),
*35c0a8c4SKyle Evans};
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evansstatic void
*35c0a8c4SKyle Evansusage(void)
*35c0a8c4SKyle Evans{
*35c0a8c4SKyle Evans	fprintf(stderr, "usage: %s [-H] <corpus-dir>\n", getprogname());
*35c0a8c4SKyle Evans	exit(1);
*35c0a8c4SKyle Evans}
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evansstatic void
*35c0a8c4SKyle Evanswrite_one(const struct fuzz_params *params, const struct seed *seed, int dirfd,
*35c0a8c4SKyle Evans    bool striphdr)
*35c0a8c4SKyle Evans{
*35c0a8c4SKyle Evans	char *name;
*35c0a8c4SKyle Evans	int fd = -1;
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	assert(asprintf(&name, "base_%d_%d_%d_%s", params->type,
*35c0a8c4SKyle Evans	    params->buftype, params->strict, seed->seed_name) != -1);
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	fd = openat(dirfd, name, O_RDWR | O_TRUNC | O_CREAT, 0644);
*35c0a8c4SKyle Evans	assert(fd != -1);
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	/*
*35c0a8c4SKyle Evans	 * Write our params + seed; if we're stripping the header we won't have
*35c0a8c4SKyle Evans	 * the full params, but we'll still have our signal byte for strict
*35c0a8c4SKyle Evans	 * mode.
*35c0a8c4SKyle Evans	 */
*35c0a8c4SKyle Evans	if (!striphdr)
*35c0a8c4SKyle Evans		assert(write(fd, &params,  sizeof(params)) == sizeof(params));
*35c0a8c4SKyle Evans	else
*35c0a8c4SKyle Evans		assert(write(fd, &params->strict, sizeof(params->strict)) == sizeof(params->strict));
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	assert(write(fd, seed->seed_seq, seed->seed_seqsz) == seed->seed_seqsz);
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	free(name);
*35c0a8c4SKyle Evans	close(fd);
*35c0a8c4SKyle Evans}
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evansint
*35c0a8c4SKyle Evansmain(int argc, char *argv[])
*35c0a8c4SKyle Evans{
*35c0a8c4SKyle Evans	struct fuzz_params params;
*35c0a8c4SKyle Evans	const struct seed *seed;
*35c0a8c4SKyle Evans	const char *seed_dir;
*35c0a8c4SKyle Evans	int dirfd = -1;
*35c0a8c4SKyle Evans	bool striphdr = false;
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	if (argc < 2 || argc > 3)
*35c0a8c4SKyle Evans		usage();
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	if (argc == 3 && strcmp(argv[1], "-H") != 0)
*35c0a8c4SKyle Evans		usage();
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	striphdr = argc == 3;
*35c0a8c4SKyle Evans	seed_dir = argv[argc - 1];
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	dirfd = open(seed_dir, O_SEARCH);
*35c0a8c4SKyle Evans	if (dirfd == -1)
*35c0a8c4SKyle Evans		err(1, "%s: open", seed_dir);
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	memset(&params, 0, sizeof(params));
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	for (int type = 0; type < STREAM_END; type++) {
*35c0a8c4SKyle Evans		params.type = type;
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans		for (int buffered = 0; buffered < BUFFER_END; buffered++) {
*35c0a8c4SKyle Evans			params.buftype = buffered;
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans			for (uint8_t strict = 0; strict < 2; strict++) {
*35c0a8c4SKyle Evans				params.strict = strict;
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans				for (size_t i = 0; i < nitems(seeds); i++) {
*35c0a8c4SKyle Evans					seed = &seeds[i];
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans					write_one(&params, seed, dirfd, striphdr);
*35c0a8c4SKyle Evans				}
*35c0a8c4SKyle Evans			}
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans			if (type != STREAM_FILE)
*35c0a8c4SKyle Evans				break;
*35c0a8c4SKyle Evans		}
*35c0a8c4SKyle Evans	}
*35c0a8c4SKyle Evans
*35c0a8c4SKyle Evans	close(dirfd);
*35c0a8c4SKyle Evans}