davea42
diff --git a/‎fuzz/fuzz_aranges.c‎
Lines changed: 116 additions & 0 deletions b/‎fuzz/fuzz_aranges.c‎
Lines changed: 116 additions & 0 deletions
diff --git a/‎fuzz/fuzz_crc.c‎
Lines changed: 72 additions & 0 deletions b/‎fuzz/fuzz_crc.c‎
Lines changed: 72 additions & 0 deletions
diff --git a/‎fuzz/fuzz_crc_32.c‎
Lines changed: 61 additions & 0 deletions b/‎fuzz/fuzz_crc_32.c‎
Lines changed: 61 additions & 0 deletions
diff --git a/‎fuzz/fuzz_debug_addr_access.c‎
Lines changed: 97 additions & 0 deletions b/‎fuzz/fuzz_debug_addr_access.c‎
Lines changed: 97 additions & 0 deletions
@@ -0,0 +1,116 @@
+/* Copyright 2021 Google LLC
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+      http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+#include <fcntl.h> /* open() O_RDONLY */
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#define O_BINARY 0 /* So it does nothing in Linux/Unix */
+
+/*
+ * Libdwarf library callers can only use these headers.
+ */
+#include "dwarf.h"
+#include "libdwarf.h"
+
+/*
+ * Helper function definitions.
+ */
+static void cleanup_bad_arange(Dwarf_Debug dbg, Dwarf_Arange *arange,
+                               Dwarf_Signed i, Dwarf_Signed count);
+int arange_processing_example(Dwarf_Debug dbg, Dwarf_Error *error);
+
+/*
+ * Fuzzer function
+ */
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  char filename[256];
+  sprintf(filename, "/tmp/libfuzzer.%d", getpid());
+
+  FILE *fp = fopen(filename, "wb");
+  if (!fp) {
+    return 0;
+  }
+  fwrite(data, size, 1, fp);
+  fclose(fp);
+
+  Dwarf_Debug dbg = 0;
+  int res = DW_DLV_ERROR;
+  Dwarf_Error error;
+  Dwarf_Handler errhand = 0;
+  Dwarf_Ptr errarg = 0;
+
+  int fd = open(filename, O_RDONLY | O_BINARY);
+  if (fd < 0) {
+    exit(EXIT_FAILURE);
+  }
+
+  res = dwarf_init_b(fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, &error);
+
+  if (res != DW_DLV_OK) {
+    dwarf_dealloc_error(dbg, error);
+  } else {
+    printf("Processing");
+    arange_processing_example(dbg, &error);
+  }
+
+  dwarf_finish(dbg);
+  close(fd);
+  unlink(filename);
+  return 0;
+}
+
+static void cleanup_bad_arange(Dwarf_Debug dbg, Dwarf_Arange *arange,
+                               Dwarf_Signed i, Dwarf_Signed count) {
+  Dwarf_Signed k = i;
+  for (; k < count; ++k) {
+    dwarf_dealloc(dbg, arange[k], DW_DLA_ARANGE);
+    arange[k] = 0;
+  }
+}
+
+// Source:
+// https://www.prevanders.net/libdwarfdoc/group__aranges.html#ga9b628e21a71f4280f93788815796ef92
+int arange_processing_example(Dwarf_Debug dbg, Dwarf_Error *error) {
+  Dwarf_Signed count = 0;
+  Dwarf_Arange *arange = 0;
+  int res = 0;
+
+  res = dwarf_get_aranges(dbg, &arange, &count, error);
+  if (res == DW_DLV_OK) {
+    Dwarf_Signed i = 0;
+
+    for (i = 0; i < count; ++i) {
+      Dwarf_Arange ara = arange[i];
+      Dwarf_Unsigned segment = 0;
+      Dwarf_Unsigned segment_entry_size = 0;
+      Dwarf_Addr start = 0;
+      Dwarf_Unsigned length = 0;
+      Dwarf_Off cu_die_offset = 0;
+
+      res = dwarf_get_arange_info_b(ara, &segment, &segment_entry_size, &start,
+                                    &length, &cu_die_offset, error);
+      if (res != DW_DLV_OK) {
+        cleanup_bad_arange(dbg, arange, i, count);
+        dwarf_dealloc(dbg, arange, DW_DLA_LIST);
+        return res;
+      }
+      dwarf_dealloc(dbg, ara, DW_DLA_ARANGE);
+      arange[i] = 0;
+    }
+    dwarf_dealloc(dbg, arange, DW_DLA_LIST);
+  }
+  return res;
+}
@@ -0,0 +1,72 @@
+/* Copyright 2021 Google LLC
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+      http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+/*
+ * Libdwarf library callers can only use these headers.
+ */
+#include "dwarf.h"
+#include "libdwarf.h"
+
+/*
+ * Fuzzer function
+ */
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  char filename[256];
+  sprintf(filename, "/tmp/libfuzzer.%d", getpid());
+
+  FILE *fp = fopen(filename, "wb");
+  if (!fp) {
+    return 0;
+  }
+  fwrite(data, size, 1, fp);
+  fclose(fp);
+
+  int fuzz_fd = 0;
+  Dwarf_Ptr errarg = 0;
+  Dwarf_Handler errhand = 0;
+  Dwarf_Error *errp = NULL;
+  Dwarf_Debug dbg = 0;
+  off_t size_left = 0;
+  off_t fsize = 0;
+  ssize_t readlen = 1000;
+  ssize_t readval = 0;
+  unsigned char *readbuf = 0;
+  unsigned int tcrc = 0;
+  unsigned int init = 0;
+
+  fuzz_fd = open(filename, O_RDONLY);
+  fsize = size_left = lseek(fuzz_fd, 0L, SEEK_END);
+  readbuf = (unsigned char *)malloc(readlen);
+  if (fuzz_fd != -1) {
+    while (size_left > 0) {
+      if (size_left < readlen) {
+        readlen = size_left;
+      }
+      readval = read(fuzz_fd, readbuf, readlen);
+      size_left -= readlen;
+      tcrc = dwarf_basic_crc32(readbuf, readlen, init);
+      init = tcrc;
+    }
+  }
+  free(readbuf);
+  close(fuzz_fd);
+  unlink(filename);
+  return 0;
+}
@@ -0,0 +1,61 @@
+/* Copyright 2021 Google LLC
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+      http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+/*
+ * Libdwarf library callers can only use these headers.
+ */
+#include "dwarf.h"
+#include "libdwarf.h"
+
+/*
+ * Fuzzer function targeting dwarf_crc32
+ */
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  char filename[256];
+  sprintf(filename, "/tmp/libfuzzer.%d", getpid());
+
+  FILE *fp = fopen(filename, "wb");
+  if (!fp) {
+    return 0;
+  }
+  fwrite(data, size, 1, fp);
+  fclose(fp);
+
+  int fuzz_fd = 0;
+  Dwarf_Ptr errarg = 0;
+  Dwarf_Handler errhand = 0;
+  Dwarf_Error error;
+  Dwarf_Debug dbg = 0;
+  off_t size_left = 0;
+  off_t fsize = 0;
+  unsigned char *crcbuf = 0;
+  int res = 0;
+
+  fuzz_fd = open(filename, O_RDONLY);
+  fsize = size_left = lseek(fuzz_fd, 0L, SEEK_END);
+  if (fuzz_fd != -1) {
+    dwarf_init_b(fuzz_fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, &error);
+    res = dwarf_crc32(dbg, crcbuf, &error);
+    dwarf_finish(dbg);
+  }
+  close(fuzz_fd);
+  unlink(filename);
+  return 0;
+}
@@ -0,0 +1,97 @@
+/* Copyright 2021 Google LLC
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+      http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+/*
+ * Libdwarf library callers can only use these headers.
+ */
+#include "dwarf.h"
+#include "libdwarf.h"
+
+/*
+ * Fuzzer function
+ */
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  char filename[256];
+  sprintf(filename, "/tmp/libfuzzer.%d", getpid());
+
+  FILE *fp = fopen(filename, "wb");
+  if (!fp) {
+    return 0;
+  }
+  fwrite(data, size, 1, fp);
+  fclose(fp);
+
+  int fuzz_fd = 0;
+  Dwarf_Ptr errarg = 0;
+  Dwarf_Handler errhand = 0;
+  Dwarf_Error *errp = 0;
+  Dwarf_Debug dbg = 0;
+
+  fuzz_fd = open(filename, O_RDONLY);
+  if (fuzz_fd != -1) {
+    int res =
+        dwarf_init_b(fuzz_fd, DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, errp);
+
+    if (res != DW_DLV_OK) {
+      dwarf_finish(dbg);
+      close(fuzz_fd);
+      unlink(filename);
+      return 0;
+    }
+    Dwarf_Debug_Addr_Table debug_address_table;
+    Dwarf_Unsigned dw_section_offset = 0;
+    Dwarf_Unsigned dw_debug_address_table_length = 0;
+    Dwarf_Half dw_version;
+    Dwarf_Small dw_address_size;
+    Dwarf_Unsigned dw_dw_at_addr_base;
+    Dwarf_Unsigned dw_entry_count;
+    Dwarf_Unsigned dw_next_table_offset;
+    res = dwarf_debug_addr_table(dbg, dw_section_offset, &debug_address_table,
+                                 &dw_debug_address_table_length, &dw_version,
+                                 &dw_address_size, &dw_dw_at_addr_base,
+                                 &dw_entry_count, &dw_next_table_offset, errp);
+
+    if (res != DW_DLV_OK) {
+      if (res == DW_DLV_ERROR) {
+        dwarf_dealloc_error(dbg, *errp);
+      }
+      dwarf_finish(dbg);
+      close(fuzz_fd);
+      unlink(filename);
+      return 0;
+    }
+    for (Dwarf_Unsigned curindex = 0; curindex < dw_entry_count; ++curindex) {
+      Dwarf_Unsigned addr = 0;
+      res =
+          dwarf_debug_addr_by_index(debug_address_table, curindex, &addr, errp);
+
+      if (res != DW_DLV_OK) {
+        break;
+      }
+    }
+    dwarf_dealloc_error(dbg, *errp);
+    dwarf_dealloc_debug_addr_table(debug_address_table);
+    dwarf_finish(dbg);
+    close(fuzz_fd);
+  }
+
+  unlink(filename);
+  return 0;
+}