authorhamzeh <hamzeh@google.com>2020-10-29 16:26:23 -0700
committerHamzeh Zawawy <hamzeh@google.com>2020-10-30 02:02:15 +0000
commit650697ee781dd7500f234cc06ff577897f1bd822 (patch)
treec79f80244fe58af55bfe414f936c9451099c2ab1
parent1bc86e5df66a7e5bacbe03fb073ed9bfbd785753 (diff)
downloadusrsctp-650697ee781dd7500f234cc06ff577897f1bd822.tar.gz
Enabling fuzzers to run on continuous fuzzing plaform
Test: build with SANITIZE_HOST=address SANITIZE_TARGET=hwaddress m fuzzer_connect and run: INFO: Seed: 2237440050 INFO: Loaded 3 modules (51446 inline 8-bit counters): 17625 [0x7f8b0ef9fa50, 0x7f8b0efa3f29), 17495 [0x7f8b0f3dca70, 0x7f8b0f3e0ec7), 16326 [0x55e5292aa6b0, 0x55e5292ae676), INFO: Loaded 3 PC tables (51446 PCs): 17625 [0x7f8b0efa3f30,0x7f8b0efe8cc0), 17495 [0x7f8b0f3e0ec8,0x7f8b0f425438), 16326 [0x55e5292ae678,0x55e5292ee2d8), INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes INFO: A corpus is not provided, starting from an empty corpus 2 INITED cov: 3 ft: 3 corp: 1/1b exec/s: 0 rss: 43Mb Change-Id: If41c505881cc2dba7a71fa4eea2caa72433aa6c0
-rw-r--r--Android.bp48
-rw-r--r--fuzzer/fuzzer_connect.c11
-rw-r--r--fuzzer/fuzzer_listen.c10
3 files changed, 62 insertions, 7 deletions
diff --git a/Android.bp b/Android.bp
index 972ec97..de49714 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1,7 +1,5 @@
-cc_library_static {
- name: "usrsctplib",
- // vendor needed for libpreprocessing effects.
- vendor: true,
+cc_defaults {
+ name: "usrsctplib_defaults",
srcs: [
"usrsctplib/netinet/sctp_asconf.c",
"usrsctplib/netinet/sctp_auth.c",
@@ -56,5 +54,47 @@ cc_library_static {
"libcrypto",
],
host_supported: true,
+}
+
+cc_library_static {
+ name: "usrsctplib",
+ // vendor needed for libpreprocessing effects.
+ vendor: true,
+ defaults: ["usrsctplib_defaults"],
visibility: ["//external/webrtc:__subpackages__"],
}
+
+cc_library_static {
+ name: "usrsctp_fuzz_lib",
+ defaults: ["usrsctplib_defaults"],
+}
+
+cc_fuzz {
+ name: "fuzzer_connect",
+ srcs: [
+ "fuzzer/fuzzer_connect.c",
+ ],
+ static_libs: [
+ "usrsctp_fuzz_lib",
+ ],
+ shared_libs: [
+ "libcrypto",
+ ],
+ host_supported: true,
+ corpus: ["CORPUS_CONNECT/*"],
+}
+
+cc_fuzz {
+ name: "fuzzer_listen",
+ srcs: [
+ "fuzzer/fuzzer_listen.c",
+ ],
+ static_libs: [
+ "usrsctp_fuzz_lib",
+ ],
+ shared_libs: [
+ "libcrypto",
+ ],
+ host_supported: true,
+ corpus: ["CORPUS_LISTEN/*"],
+}
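Review bot: `usrsctp_fuzz_lib` is declared without a `visibility` property, while `usrsctplib`, built from the same `usrsctplib_defaults`, stays restricted to `//external/webrtc:__subpackages__`. Unless the package sets a default visibility outside this hunk, the new library lets any module link the same sources and sidestep that restriction. Only the two `cc_fuzz` modules in this file use it, so adding `visibility: ["//visibility:private"],` would close the gap. Neither `cc_fuzz` module carries a `fuzz_config` block either, so the build file records no owner or bug component for findings from the continuous run; consider adding one with the team's contact and component.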
diff --git a/fuzzer/fuzzer_connect.c b/fuzzer/fuzzer_connect.c
index 61d4ec3..c7f3d99 100644
--- a/fuzzer/fuzzer_connect.c
+++ b/fuzzer/fuzzer_connect.c
@@ -34,6 +34,7 @@
#include <stdarg.h>
#include <assert.h>
#include <usrsctp.h>
+#include <openssl/sha.h>
#include "../programs/programs_helper.h"
//#define FUZZ_VERBOSE
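Review bot: `#include <openssl/sha.h>` is added here and in fuzzer/fuzzer_listen.c, but no hunk in this commit shows a SHA symbol being used in either fuzzer. If the header is only needed so that something pulled in through the usrsctp build resolves, say so next to it, e.g. `/* required by <reason>; not used directly by the harness */`. Otherwise drop it so the harness does not carry an unexplained crypto dependency.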
@@ -67,6 +68,9 @@ static uint32_t assoc_vtag = 0;
static void
dump_packet(const void *buffer, size_t bufferlen, int inout) {
+(void) buffer;
+(void) bufferlen;
+(void) inout;
#ifdef FUZZ_VERBOSE
static char *dump_buf;
if ((dump_buf = usrsctp_dumppacket(buffer, bufferlen, inout)) != NULL) {
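Review bot: The three `(void)` casts in `dump_packet` sit above the `#ifdef FUZZ_VERBOSE` block, so they also apply in the verbose build, where all three parameters are passed to `usrsctp_dumppacket`. They also appear unindented, unlike the casts added to the other functions in this commit. Moving them into an `#else` branch of the existing conditional, indented like the body, would make it clear they only silence unused-parameter warnings in the non-verbose build. The function body continues past the end of this hunk, so the matching `#endif` is not visible here.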
@@ -80,6 +84,9 @@ dump_packet(const void *buffer, size_t bufferlen, int inout) {
static int
conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
{
+ (void) addr;
+ (void) tos;
+ (void) set_df;
struct sctp_init_chunk *init_chunk;
const char *init_chunk_first_bytes = "\x13\x88\x13\x89\x00\x00\x00\x00\x00\x00\x00\x00\x01";
// Looking for the outgoing VTAG.
@@ -99,6 +106,8 @@ conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
static void
handle_upcall(struct socket *sock, void *arg, int flgs)
{
+ (void) arg;
+ (void) flgs;
fuzzer_printf("handle_upcall()\n");
int events = usrsctp_get_events(sock);
@@ -443,5 +452,3 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
return (0);
}
-
-
diff --git a/fuzzer/fuzzer_listen.c b/fuzzer/fuzzer_listen.c
index e6e873c..7d0e58e 100644
--- a/fuzzer/fuzzer_listen.c
+++ b/fuzzer/fuzzer_listen.c
@@ -32,6 +32,7 @@
#include <stdlib.h>
#include <string.h>
#include <usrsctp.h>
+#include <openssl/sha.h>
#include "../programs/programs_helper.h"
#define FUZZ_FAST 1
@@ -53,6 +54,11 @@ struct socket *s_l;
static int
conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
{
+ (void) addr;
+ (void) buf;
+ (void) length;
+ (void) tos;
+ (void) set_df;
#if 0
char *dump_buf;
if ((dump_buf = usrsctp_dumppacket(buf, length, SCTP_DUMP_OUTBOUND)) != NULL) {
@@ -66,6 +72,9 @@ conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
static void
handle_upcall(struct socket *sock, void *arg, int flgs)
{
+ (void) sock;
+ (void) arg;
+ (void) flgs;
fuzzer_printf("Listening socket established, implement logic!\n");
exit(EXIT_FAILURE);
}
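Review bot: `handle_upcall` still ends in `exit(EXIT_FAILURE)`, and this commit is what puts the listen fuzzer on continuous infrastructure. libFuzzer reports a target that calls exit() as a failure, so any input that triggers this upcall would be filed as a finding even though no memory-safety bug occurred. Whether the upcall is reachable is not visible from this hunk. If it is, returning after the log line keeps the triage signal clean; if reaching it really indicates a harness bug, a comment such as `/* unreachable in this harness: the listener never accepts */` should say so.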
@@ -167,4 +176,3 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
return (0);
}
-