suricata
fuzz_decodepcapfile.c
Go to the documentation of this file.
1 /**
2  * @file
3  * @author Philippe Antoine <contact@catenacyber.fr>
4  * fuzz target for TMM_DECODEPCAPFILE
5  */
6 
7 #include "suricata-common.h"
8 #include "app-layer-detect-proto.h"
9 #include "defrag.h"
10 #include "tm-modules.h"
11 #include "tm-threads.h"
12 #include "source-pcap-file.h"
13 #include "util-unittest-helper.h"
14 #include "conf-yaml-loader.h"
15 
16 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
17 
18 static int initialized = 0;
19 SCInstance surifuzz;
20 
21 const char configNoChecksum[] = "\
22 %YAML 1.1\n\
23 ---\n\
24 pcap-file:\n\
25 \n\
26  checksum-checks: no\n\
27 ";
28 
29 ThreadVars *tv;
30 DecodeThreadVars *dtv;
31 
32 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
33 {
34  void *ptv = NULL;
35 
36  if (initialized == 0) {
37  //Redirects logs to /dev/null
38  setenv("SC_LOG_OP_IFACE", "file", 0);
39  setenv("SC_LOG_FILE", "/dev/null", 0);
40 
41  InitGlobal();
42  run_mode = RUNMODE_PCAP_FILE;
43 
44  //redirect logs to /tmp
45  ConfigSetLogDirectory("/tmp/");
46  //disables checksums validation for fuzzing
47  if (ConfYamlLoadString(configNoChecksum, strlen(configNoChecksum)) != 0) {
48  abort();
49  }
50 
51  PostConfLoadedSetup(&surifuzz);
52 
53  RunModeInitialize();
54  TimeModeSetOffline();
55  PcapFileGlobalInit();
56 
57  tv = TmThreadCreatePacketHandler("fuzz",
58  "packetpool", "packetpool",
59  "packetpool", "packetpool",
60  "pktacqloop");
61  if (tv == NULL) {
62  return 0;
63  }
64  TmModule *tm_module = TmModuleGetByName("ReceivePcapFile");
65  if (tm_module == NULL) {
66  return 0;
67  }
68  TmSlotSetFuncAppend(tv, tm_module, "/tmp/fuzz.pcap");
69  tm_module = TmModuleGetByName("DecodePcapFile");
70  if (tm_module == NULL) {
71  return 0;
72  }
73  TmSlotSetFuncAppend(tv, tm_module, NULL);
74  tmm_modules[TMM_DECODEPCAPFILE].ThreadInit(tv, NULL, (void **) &dtv);
75  (void)SC_ATOMIC_SET(tv->tm_slots->slot_next->slot_data, dtv);
76 
77  extern intmax_t max_pending_packets;
78  max_pending_packets = 128;
79  PacketPoolInit();
80 
81  initialized = 1;
82  }
83 
84  //rewrite buffer to a file as libpcap does not have buffer inputs
85  if (TestHelperBufferToFile("/tmp/fuzz.pcap", data, size) < 0) {
86  return 0;
87  }
88 
89  if (tmm_modules[TMM_RECEIVEPCAPFILE].ThreadInit(tv, "/tmp/fuzz.pcap", &ptv) == TM_ECODE_OK && ptv != NULL) {
90  suricata_ctl_flags = 0;
91  tmm_modules[TMM_RECEIVEPCAPFILE].PktAcqLoop(tv, ptv, tv->tm_slots);
92  tmm_modules[TMM_RECEIVEPCAPFILE].ThreadDeinit(tv, ptv);
93  }
94 
95  return 0;
96 }
tm-threads.h
source-pcap-file.h
TmThreadCreatePacketHandler
ThreadVars * TmThreadCreatePacketHandler(const char *name, const char *inq_name, const char *inqh_name, const char *outq_name, const char *outqh_name, const char *slots)
Creates and returns a TV instance for a Packet Processing Thread. This function doesn't support custo...
Definition: tm-threads.c:1065
SC_ATOMIC_SET
#define SC_ATOMIC_SET(name, val)
Set the value for the atomic variable.
Definition: util-atomic.h:387
RunModeInitialize
void RunModeInitialize(void)
Definition: runmodes.c:927
tm-modules.h
configNoChecksum
const char configNoChecksum[]
Definition: fuzz_decodepcapfile.c:21
util-unittest-helper.h
TmModule_::PktAcqLoop
TmEcode(* PktAcqLoop)(ThreadVars *, void *, void *)
Definition: tm-modules.h:54
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:80
PacketPoolInit
void PacketPoolInit(void)
Definition: tmqh-packetpool.c:302
TmModule_::ThreadDeinit
TmEcode(* ThreadDeinit)(ThreadVars *, void *)
Definition: tm-modules.h:49
TmModuleGetByName
TmModule * TmModuleGetByName(const char *name)
get a tm module ptr by name
Definition: tm-modules.c:53
app-layer-detect-proto.h
surifuzz
SCInstance surifuzz
Definition: fuzz_decodepcapfile.c:19
ThreadVars_::tm_slots
struct TmSlot_ * tm_slots
Definition: threadvars.h:96
TMM_RECEIVEPCAPFILE
@ TMM_RECEIVEPCAPFILE
Definition: tm-threads-common.h:39
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:58
TestHelperBufferToFile
int TestHelperBufferToFile(const char *name, const uint8_t *data, size_t size)
writes the contents of a buffer into a file
Definition: util-unittest-helper.c:101
ConfYamlLoadString
int ConfYamlLoadString(const char *string, size_t len)
Load configuration from a YAML string.
Definition: conf-yaml-loader.c:475
PostConfLoadedSetup
int PostConfLoadedSetup(SCInstance *suri)
Definition: suricata.c:2436
tmm_modules
TmModule tmm_modules[TMM_SIZE]
Definition: tm-modules.c:33
conf-yaml-loader.h
TMM_DECODEPCAPFILE
@ TMM_DECODEPCAPFILE
Definition: tm-threads-common.h:41
defrag.h
setenv
void setenv(const char *name, const char *value, int overwrite)
TmModule_
Definition: tm-modules.h:43
dtv
DecodeThreadVars * dtv
Definition: fuzz_decodepcapfile.c:30
TmSlotSetFuncAppend
void TmSlotSetFuncAppend(ThreadVars *tv, TmModule *tm, const void *data)
Appends a new entry to the slots.
Definition: tm-threads.c:647
TimeModeSetOffline
void TimeModeSetOffline(void)
Definition: util-time.c:103
suricata-common.h
run_mode
int run_mode
Definition: suricata.c:197
PcapFileGlobalInit
void PcapFileGlobalInit()
Definition: source-pcap-file.c:136
TmModule_::ThreadInit
TmEcode(* ThreadInit)(ThreadVars *, const void *, void **)
Definition: tm-modules.h:47
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:29
ConfigSetLogDirectory
TmEcode ConfigSetLogDirectory(const char *name)
Definition: util-conf.c:30
max_pending_packets
int max_pending_packets
Definition: suricata.c:208
DecodeThreadVars_
Structure to hold thread specific data for all decode modules.
Definition: decode.h:640
SCInstance_
Definition: suricata.h:123
TmSlot_::slot_next
struct TmSlot_ * slot_next
Definition: tm-threads.h:61
InitGlobal
int InitGlobal(void)
Global initialization common to all runmodes.
Definition: suricata.c:2658
RUNMODE_PCAP_FILE
@ RUNMODE_PCAP_FILE
Definition: runmodes.h:30
LLVMFuzzerTestOneInput
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
Definition: fuzz_decodepcapfile.c:32
suricata_ctl_flags
volatile uint8_t suricata_ctl_flags
Definition: suricata.c:194