forked from acouzens/open5gs
[Fuzzing] oss-fuzz support for fuzzing (#2283)
* [Fuzzing] oss-fuzz support for fuzzing Signed-off-by: Arjun Singh <ajsinghyadav00@gmail.com> * [Fuzzing] fix error 2284 Signed-off-by: Arjun Singh <ajsinghyadav00@gmail.com> --------- Signed-off-by: Arjun Singh <ajsinghyadav00@gmail.com>
This commit is contained in:
Arjun
GitHub
parent
0c3fd10c24
commit
1f078cb3c6
|
|
@ -131,6 +131,11 @@ if build_tests
|
|||
subdir('tests')
|
||||
endif
|
||||
|
||||
# Check if the 'fuzzing' option is defined
|
||||
if get_option('fuzzing')
|
||||
subdir('tests/fuzzing')
|
||||
endif
|
||||
|
||||
message('\n'.join([
|
||||
'',
|
||||
' prefix: ' + prefix,
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
option('fuzzing', type: 'boolean', value: false, description: 'Enable fuzzing tests')
|
||||
option('lib_fuzzing_engine', type : 'string', value : '', description : 'Path to the libFuzzer engine library')
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
/*
|
||||
* Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com>
|
||||
*
|
||||
* This file is part of Open5GS.
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
#include "ogs-core.h"
|
||||
#include "core/abts.h"
|
||||
|
||||
static int initialized = 0;
|
||||
|
||||
void initialize(void) {
|
||||
|
||||
ogs_pkbuf_config_t config;
|
||||
|
||||
ogs_core_initialize();
|
||||
|
||||
ogs_pkbuf_default_init(&config);
|
||||
ogs_pkbuf_default_create(&config);
|
||||
|
||||
initialized = 1;
|
||||
}
|
||||
|
|
@ -0,0 +1,58 @@
|
|||
/*
|
||||
* Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com>
|
||||
*
|
||||
* This file is part of Open5GS.
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "fuzzing.h"
|
||||
#include "ogs-gtp.h"
|
||||
|
||||
#define kMinInputLength 5
|
||||
#define kMaxInputLength 1024
|
||||
|
||||
extern int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
|
||||
{ /* open5gs/tests/unit/gtp-message-test.c */
|
||||
|
||||
if (Size < kMinInputLength || Size > kMaxInputLength) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!initialized) {
|
||||
initialize();
|
||||
ogs_log_install_domain(&__ogs_gtp_domain, "gtp", OGS_LOG_NONE);
|
||||
ogs_log_install_domain(&__ogs_tlv_domain, "tlv", OGS_LOG_NONE);
|
||||
}
|
||||
|
||||
int result;
|
||||
ogs_pkbuf_t *pkbuf;
|
||||
ogs_gtp2_create_session_request_t req;
|
||||
|
||||
pkbuf = ogs_pkbuf_alloc(NULL, OGS_MAX_SDU_LEN);
|
||||
if (pkbuf == NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
ogs_pkbuf_put_data(pkbuf, Data, Size);
|
||||
|
||||
ogs_tlv_parse_msg(&req, &ogs_gtp2_tlv_desc_create_session_request, pkbuf, OGS_TLV_MODE_T1_L2_I1);
|
||||
|
||||
ogs_pkbuf_free(pkbuf);
|
||||
|
||||
return 0;
|
||||
}
|
||||
Binary file not shown.
|
|
@ -0,0 +1,41 @@
|
|||
# Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com>
|
||||
|
||||
# This file is part of Open5GS.
|
||||
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Affero General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
# Get the lib_fuzzing_engine build option.
|
||||
lib_fuzzing_engine = get_option('lib_fuzzing_engine')
|
||||
|
||||
# All fuzzer sources.
|
||||
gtp_message_source = files('gtp-message-fuzz.c')
|
||||
nas_message_source = files('nas-message-fuzz.c')
|
||||
|
||||
# Build all executable
|
||||
executable(
|
||||
'gtp_message_fuzz',
|
||||
sources : gtp_message_source,
|
||||
c_args : [testunit_core_cc_flags, sbi_cc_flags],
|
||||
dependencies : [libgtp_dep],
|
||||
link_args: lib_fuzzing_engine
|
||||
)
|
||||
|
||||
executable(
|
||||
'nas_message_fuzz',
|
||||
sources : nas_message_source,
|
||||
c_args : [testunit_core_cc_flags, sbi_cc_flags],
|
||||
dependencies : [libnas_eps_dep],
|
||||
link_args: lib_fuzzing_engine
|
||||
)
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
/*
|
||||
* Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com>
|
||||
*
|
||||
* This file is part of Open5GS.
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "fuzzing.h"
|
||||
#include "ogs-nas-eps.h"
|
||||
|
||||
#define kMinInputLength 5
|
||||
#define kMaxInputLength 1024
|
||||
|
||||
extern int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
|
||||
{ /* open5gs/tests/unit/nas-message-test.c */
|
||||
|
||||
if (Size < kMinInputLength || Size > kMaxInputLength) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!initialized) {
|
||||
initialize();
|
||||
ogs_log_install_domain(&__ogs_nas_domain, "nas", OGS_LOG_NONE);
|
||||
}
|
||||
|
||||
int result;
|
||||
ogs_pkbuf_t *pkbuf;
|
||||
ogs_nas_eps_message_t message;
|
||||
|
||||
pkbuf = ogs_pkbuf_alloc(NULL, OGS_MAX_SDU_LEN);
|
||||
if (pkbuf == NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
ogs_pkbuf_put_data(pkbuf, Data, Size);
|
||||
|
||||
result = ogs_nas_emm_decode(&message, pkbuf);
|
||||
|
||||
ogs_pkbuf_free(pkbuf);
|
||||
|
||||
return result;
|
||||
}
|
||||
Binary file not shown.
Loading…
Reference in New Issue