You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

82 lines
2.1 KiB

/*
* unbound-fuzzme.c - parse a packet provided on stdin (for fuzzing).
*
*/
#include "config.h"
#include "util/regional.h"
#include "util/module.h"
#include "util/config_file.h"
#include "iterator/iterator.h"
#include "iterator/iter_priv.h"
#include "iterator/iter_scrub.h"
#include "util/log.h"
#include "util/netevent.h"
#include "util/alloc.h"
#include "sldns/sbuffer.h"
#include "services/cache/rrset.h"
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t nr) {
log_init("/tmp/foo", 0, NULL);
struct regional* reg;
struct sldns_buffer *pkt = sldns_buffer_new(1);
sldns_buffer_new_frm_data(pkt, buf, nr);
reg = regional_create();
struct msg_parse msg;
struct edns_data edns;
memset(&msg, 0, sizeof(struct msg_parse));
memset(&edns, 0, sizeof(edns));
struct query_info qinfo_out;
memset(&qinfo_out, 0, sizeof(struct query_info));
qinfo_out.qname = (unsigned char *) "\03nic\02de";
uint8_t *peter = (unsigned char *) "\02de"; // zonename
struct module_env env;
memset(&env, 0, sizeof(struct module_env));
struct config_file cfg;
memset(&cfg, 0, sizeof(struct config_file));
cfg.harden_glue = 0; // crashes now, want to remove that later
env.cfg = &cfg;
cfg.rrset_cache_slabs = HASH_DEFAULT_SLABS;
cfg.rrset_cache_size = HASH_DEFAULT_MAXMEM;
struct comm_base* base = comm_base_create(0);
comm_base_timept(base, &env.now, &env.now_tv);
env.alloc = malloc(sizeof(struct alloc_cache));
alloc_init(env.alloc, NULL, 0);
env.rrset_cache = rrset_cache_create(env.cfg, env.alloc);
struct iter_env ie;
memset(&ie, 0, sizeof(struct iter_env));
struct iter_priv priv;
memset(&priv, 0, sizeof(struct iter_priv));
ie.priv = &priv;
if (parse_packet(pkt, &msg, reg) != LDNS_RCODE_NOERROR) {
goto out;
}
if (parse_extract_edns(&msg, &edns, reg) != LDNS_RCODE_NOERROR) {
goto out;
}
scrub_message(pkt, &msg, &qinfo_out, peter, reg, &env, &ie);
out:
rrset_cache_delete(env.rrset_cache);
alloc_clear(env.alloc);
free(env.alloc);
comm_base_delete(base);
regional_destroy(reg);
sldns_buffer_free(pkt);
return 0;
}