diff --git a/scripts/fuzz/fuzz_command_parser.c b/scripts/fuzz/fuzz_command_parser.c index 5131eff66..4a35d5a91 100644 --- a/scripts/fuzz/fuzz_command_parser.c +++ b/scripts/fuzz/fuzz_command_parser.c @@ -1,6 +1,11 @@ -#include "fuzz_standalone.h" -#include "fuzz_rtpp_utils.h" +#include +#include +#include +#include +#include "fuzz_standalone.h" +#include "rfz_utils.h" +#include "rfz_command.h" #include "rfz_chunk.h" int diff --git a/scripts/fuzz/fuzz_rtp_session.c b/scripts/fuzz/fuzz_rtp_session.c index 00fdaf8fb..8dede8193 100644 --- a/scripts/fuzz/fuzz_rtp_session.c +++ b/scripts/fuzz/fuzz_rtp_session.c @@ -2,12 +2,19 @@ #include #include #include +#include #include +#include #include "fuzz_standalone.h" -#include "fuzz_rtpp_utils.h" +#define HAVE_CONFIG_H 1 +#include "config_pp.h" + +#include "rtpp_types.h" +#include "rtpp_cfg.h" #include "rtp.h" +#include "rtpp_time.h" #include "rtp_packet.h" #include "rtpp_session.h" #include "rtpp_pipe.h" @@ -15,10 +22,17 @@ #include "rtpp_network.h" #include "rtpp_stream.h" #include "rtpp_ttl.h" +#include "rtpp_codeptr.h" +#include "rtpp_refcnt.h" +#include "rtpp_command.h" +#include "rtpp_weakref.h" +#include "rtpp_hash_table.h" #include "advanced/packet_processor.h" #include "advanced/pproc_manager.h" #include "rfz_chunk.h" +#include "rfz_utils.h" +#include "rfz_command.h" static struct { sem_t wi_proc_done; diff --git a/scripts/fuzz/fuzz_standalone.h b/scripts/fuzz/fuzz_standalone.h index a33a7e472..447507ee2 100644 --- a/scripts/fuzz/fuzz_standalone.h +++ b/scripts/fuzz/fuzz_standalone.h @@ -8,27 +8,6 @@ #include #endif /* FUZZ_STANDALONE */ -#if defined(__linux__) -static int optreset; /* Not present in linux */ -#endif - -static struct opt_save { - char *optarg; - int optind; - int optopt; - int opterr; - int optreset; -} opt_save; - -#define OPT_SAVE() (opt_save = (struct opt_save){optarg, optind, optopt, opterr, optreset}) -#define OPT_RESTORE() ({ \ - optarg = opt_save.optarg; \ - optind = opt_save.optind; \ - optopt = opt_save.optopt; \ - opterr = opt_save.opterr; \ - optreset = opt_save.optreset; \ -}) - #if defined(FUZZ_STANDALONE) extern int LLVMFuzzerInitialize(int *argc, char ***argv) __attribute__((__weak__)); @@ -52,7 +31,6 @@ main(int argc, char *argv[]) size_t size; fflag = 0; - OPT_SAVE(); while ((ch = getopt(argc, argv, "f")) != -1) { switch (ch) { case 'f': @@ -64,7 +42,6 @@ main(int argc, char *argv[]) } argc -= optind; argv += optind; - OPT_RESTORE(); assert(argc == 1); if (fflag) { diff --git a/scripts/fuzz/oss-fuzz-build.sh b/scripts/fuzz/oss-fuzz-build.sh index ac2757f86..bfc211c05 100755 --- a/scripts/fuzz/oss-fuzz-build.sh +++ b/scripts/fuzz/oss-fuzz-build.sh @@ -101,15 +101,15 @@ do done make -C src librtpproxy.la -CFLAGS="${CFLAGS} -flto -fPIE -fPIC" -CXXFLAGS="${CXXFLAGS} -flto -fPIE -fPIC" +CFLAGS="${CFLAGS} -flto -fPIE -fPIC -fvisibility=hidden" +CXXFLAGS="${CXXFLAGS} -flto -fPIE -fPIC -fvisibility=hidden" RTPPLIB="src/.libs/librtpproxy.a" -for src in rfz_chunk.c +for src in rfz_chunk.c rfz_command.c rfz_utils.c do obj="${OUT}/${src%.*}.o" src=scripts/fuzz/${src} - ${CC} ${CFLAGS} ${LIB_FUZZING_ENGINE} -o ${obj} -c ${src} + ${CC} ${CFLAGS} ${LIB_FUZZING_ENGINE} -Isrc -o ${obj} -c ${src} OBJS="${OBJS} ${obj}" done diff --git a/scripts/fuzz/rfz_command.c b/scripts/fuzz/rfz_command.c new file mode 100644 index 000000000..6cda6b6ed --- /dev/null +++ b/scripts/fuzz/rfz_command.c @@ -0,0 +1,45 @@ +#include +#include +#include +#include + +#define HAVE_CONFIG_H 1 +#include "config_pp.h" + +#include "rtpp_types.h" +#include "rtpp_cfg.h" +#include "rtpp_refcnt.h" +#include "rtpp_command.h" +#include "rtpp_command_args.h" +#include "rtpp_command_sub.h" +#include "rtpp_command_private.h" +#include "rtpp_command_stats.h" +#include "rtpp_time.h" + +#include "rfz_utils.h" +#include "rfz_command.h" + +int +ExecuteRTPPCommand(struct rtpp_conf *gcp, const char *data, size_t size) +{ + struct rtpp_timestamp dtime = {}; + static struct rtpp_command_stats cstat = {}; + struct rtpp_command *cmd; + int rval = -1; + + if (size >= RTPP_CMD_BUFLEN) + return (-1); + + cmd = rtpp_command_ctor(gcp->cfsp, gcp->tfd, &dtime, &cstat, 0); + if (cmd == NULL) + return (-1); + memcpy(cmd->buf, data, size); + cmd->buf[size] = '\0'; + + rval = rtpp_command_split(cmd, size, &rval, NULL); + if (rval == 0) { + rval = handle_command(gcp->cfsp, cmd); + } + free_command(cmd); + return (rval); +} diff --git a/scripts/fuzz/rfz_command.h b/scripts/fuzz/rfz_command.h new file mode 100644 index 000000000..af0240f9f --- /dev/null +++ b/scripts/fuzz/rfz_command.h @@ -0,0 +1,3 @@ +#pragma once + +int ExecuteRTPPCommand(struct rtpp_conf *, const char *, size_t); diff --git a/scripts/fuzz/fuzz_rtpp_utils.h b/scripts/fuzz/rfz_utils.c similarity index 70% rename from scripts/fuzz/fuzz_rtpp_utils.h rename to scripts/fuzz/rfz_utils.c index 30b631b50..27d6911d8 100644 --- a/scripts/fuzz/fuzz_rtpp_utils.h +++ b/scripts/fuzz/rfz_utils.c @@ -1,5 +1,3 @@ -#pragma once - #include #include #include @@ -20,12 +18,6 @@ #include "rtpp_refcnt.h" #include "rtpp_log_stand.h" #include "rtpp_log_obj.h" -#include "rtpp_command_args.h" -#include "rtpp_command.h" -#include "rtpp_command_sub.h" -#include "rtpp_command_private.h" -#include "rtpp_command_async.h" -#include "rtpp_command_stats.h" #include "rtpp_proc_async.h" #include "rtpp_hash_table.h" #include "rtpp_weakref.h" @@ -36,14 +28,32 @@ #include "librtpproxy.h" -struct rtpp_conf { - struct rtpp_cfg *cfsp; - int tfd; -}; +#include "rfz_utils.h" #define howmany(x, y) (sizeof(x) / sizeof(y)) -static struct rtpp_conf gconf; +struct rtpp_conf gconf; + +#if defined(__linux__) +static int optreset; /* Not present in linux */ +#endif + +static struct opt_save { + char *optarg; + int optind; + int optopt; + int opterr; + int optreset; +} opt_save; + +#define OPT_SAVE() (opt_save = (struct opt_save){optarg, optind, optopt, opterr, optreset}) +#define OPT_RESTORE() ({ \ + optarg = opt_save.optarg; \ + optind = opt_save.optind; \ + optopt = opt_save.optopt; \ + opterr = opt_save.opterr; \ + optreset = opt_save.optreset; \ +}) static void cleanupHandler(void) @@ -83,23 +93,14 @@ RAND_METHOD dummy = { .status = &dRAND_status, }; -static void +void SeedRNGs(void) { offset = 0; seedrandom(); } -static struct RTPPInitializeParams { - const char *ttl; - const char *setup_ttl; - const char *socket; - const char *debug_level; - const char *notify_socket; - const char *rec_spool_dir; - const char *rec_final_dir; - const char *modules[]; -} RTPPInitializeParams = { +struct RTPPInitializeParams RTPPInitializeParams = { .ttl = "1", .setup_ttl = "1", .socket = NULL, @@ -112,7 +113,7 @@ static struct RTPPInitializeParams { extern void __afl_manual_init(void) __attribute__((__weak__)); -static int +int RTPPInitialize(void) { const struct RTPPInitializeParams *rp = &RTPPInitializeParams; @@ -156,28 +157,3 @@ RTPPInitialize(void) e0: return (-1); } - -static int -ExecuteRTPPCommand(struct rtpp_conf *gcp, const char *data, size_t size) -{ - struct rtpp_timestamp dtime = {}; - static struct rtpp_command_stats cstat = {}; - struct rtpp_command *cmd; - int rval = -1; - - if (size >= RTPP_CMD_BUFLEN) - return (-1); - - cmd = rtpp_command_ctor(gcp->cfsp, gcp->tfd, &dtime, &cstat, 0); - if (cmd == NULL) - return (-1); - memcpy(cmd->buf, data, size); - cmd->buf[size] = '\0'; - - rval = rtpp_command_split(cmd, size, &rval, NULL); - if (rval == 0) { - rval = handle_command(gcp->cfsp, cmd); - } - free_command(cmd); - return (rval); -} diff --git a/scripts/fuzz/rfz_utils.h b/scripts/fuzz/rfz_utils.h new file mode 100644 index 000000000..3cc2d0f5f --- /dev/null +++ b/scripts/fuzz/rfz_utils.h @@ -0,0 +1,23 @@ +#pragma once + +struct RTPPInitializeParams { + const char *ttl; + const char *setup_ttl; + const char *socket; + const char *debug_level; + const char *notify_socket; + const char *rec_spool_dir; + const char *rec_final_dir; + const char *modules[]; +}; + +struct rtpp_conf { + struct rtpp_cfg *cfsp; + int tfd; +}; + +int RTPPInitialize(void); +void SeedRNGs(void); + +extern struct rtpp_conf gconf; +extern struct RTPPInitializeParams RTPPInitializeParams;