mirror of
https://github.com/systemd/systemd
synced 2024-10-15 04:24:19 +00:00
tests: add fuzz-bcd
This commit is contained in:
parent
b3bfe6b9e1
commit
4b65fc8725
26
src/boot/efi/fuzz-bcd.c
Normal file
26
src/boot/efi/fuzz-bcd.c
Normal file
|
@ -0,0 +1,26 @@
|
|||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "fuzz.h"
|
||||
#include "utf8.h"
|
||||
|
||||
#include "bcd.c"
|
||||
|
||||
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
||||
_cleanup_free_ void *p = NULL;
|
||||
|
||||
/* This limit was borrowed from src/boot/efi/boot.c */
|
||||
if (size > 100*1024)
|
||||
return 0;
|
||||
|
||||
if (!getenv("SYSTEMD_LOG_LEVEL"))
|
||||
log_set_max_level(LOG_CRIT);
|
||||
|
||||
p = memdup(data, size);
|
||||
assert_se(p);
|
||||
|
||||
char16_t *title = get_bcd_title(p, size);
|
||||
assert_se(!title || char16_strlen(title) >= 0);
|
||||
return 0;
|
||||
}
|
|
@ -360,6 +360,9 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
|
|||
[],
|
||||
'HAVE_ZSTD'],
|
||||
]
|
||||
fuzzers += [
|
||||
[['src/boot/efi/fuzz-bcd.c']],
|
||||
]
|
||||
endif
|
||||
|
||||
systemd_boot_objects = []
|
||||
|
|
|
@ -36,6 +36,13 @@ else
|
|||
apt-get install -y gperf m4 gettext python3-pip \
|
||||
libcap-dev libmount-dev libkmod-dev \
|
||||
pkg-config wget python3-jinja2
|
||||
|
||||
# gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
|
||||
# is hidden. It isn't linked against efi. It doesn't
|
||||
# even include "efi.h" because "bcd.c" can work in "unit test" mode
|
||||
# where it isn't necessary.
|
||||
apt-get install -y gnu-efi zstd
|
||||
|
||||
pip3 install -r .github/workflows/requirements.txt --require-hashes
|
||||
|
||||
# https://github.com/google/oss-fuzz/issues/6868
|
||||
|
@ -56,6 +63,15 @@ fi
|
|||
|
||||
ninja -v -C "$build" fuzzers
|
||||
|
||||
# Compressed BCD files are kept in test/test-bcd so let's unpack them
|
||||
# and put them all in the seed corpus.
|
||||
bcd=$(mktemp -d)
|
||||
for i in test/test-bcd/*.zst; do
|
||||
unzstd "$i" -o "$bcd/$(basename "${i%.zst}")";
|
||||
done
|
||||
zip -jqr "$OUT/fuzz-bcd_seed_corpus.zip" "$bcd"
|
||||
rm -rf "$bcd"
|
||||
|
||||
# The seed corpus is a separate flat archive for each fuzzer,
|
||||
# with a fixed name ${fuzzer}_seed_corpus.zip.
|
||||
for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do
|
||||
|
|
Loading…
Reference in a new issue