Skip to content

Commit

Permalink
Add: fuzz_mmdb to support OSS-Fuzz
Browse files Browse the repository at this point in the history 
Signed-off-by: Arjun <pkillarjun@protonmail.com>
  • Loading branch information
@pkillarjun
pkillarjun committed Nov 5, 2024
1 parent 5134712 commit 5212822
Show file tree
Hide file tree
Showing 4 changed files with 60 additions and 0 deletions.
1 change: 1 addition & 0 deletions CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ if (WIN32)
endif()
option(BUILD_SHARED_LIBS "Build shared libraries (.dll/.so) instead of static ones (.lib/.a)" OFF)
option(BUILD_TESTING "Build test programs" ON)
option(BUILD_FUZZ "Build fuzzer" OFF)
option(MAXMINDDB_BUILD_BINARIES "Build binaries" ON)
option(MAXMINDDB_INSTALL "Generate the install target" ON)

Expand Down
17 changes: 17 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,23 @@ runtime library, using the `MSVC_STATIC_RUNTIME` setting:

$ cmake -DMSVC_STATIC_RUNTIME=ON -DBUILD_SHARED_LIBS=OFF ..

## Fuzzing libmaxminddb locally

$ export CC=clang
$ export CXX=clang++
$ export CFLAGS="-g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address,undefined -fsanitize=fuzzer-no-link"
$ export CXXFLAGS="-g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address,undefined -fsanitize=fuzzer-no-link"
$ export LIB_FUZZING_ENGINE="-fsanitize=fuzzer"

$ mkdir -p build && cd build
$ cmake -DBUILD_FUZZ=ON ../.
$ cmake --build .

$ mkdir -p fuzz_mmdb_seed fuzz_mmdb_seed_corpus
$ find ../t/maxmind-db/test-data/ -type f -size -4k -exec cp {} ./fuzz_mmdb_seed_corpus/ \;

$ ./t/fuzz_mmdb fuzz_mmdb_seed/ fuzz_mmdb_seed_corpus/

## On Ubuntu via PPA

MaxMind provides a PPA for recent version of Ubuntu. To add the PPA to your
Expand Down
6 changes: 6 additions & 0 deletions t/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,3 +52,9 @@ foreach(TEST_TARGET_NAME ${TEST_TARGET_NAMES})

add_test( NAME ${TEST_TARGET_NAME} COMMAND ${TEST_TARGET_NAME} WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/t)
endforeach()

if(BUILD_FUZZ)
add_executable(fuzz_mmdb fuzz_mmdb.c)
target_include_directories(fuzz_mmdb PRIVATE ../src)
target_link_libraries(fuzz_mmdb maxminddb $ENV{LIB_FUZZING_ENGINE})
endif()
36 changes: 36 additions & 0 deletions t/fuzz_mmdb.c
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
#include "maxminddb-compat-util.h"
#include "maxminddb.h"
#include <unistd.h>

#define kMinInputLength 2
#define kMaxInputLength 4048

extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

int
LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
int status;
FILE *fp;
MMDB_s mmdb;
char filename[256];

if (size < kMinInputLength || size > kMaxInputLength)
return 0;

sprintf(filename, "/tmp/libfuzzer.%d", getpid());

fp = fopen(filename, "wb");
if (!fp)
return 0;

fwrite(data, size, sizeof(uint8_t), fp);
fclose(fp);

status = MMDB_open(filename, MMDB_MODE_MMAP, &mmdb);
if (status == MMDB_SUCCESS)
MMDB_close(&mmdb);

unlink(filename);
return 0;
}

0 comments on commit 5212822

Please sign in to comment.