• Home
  • History
  • Annotate
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * # Copyright 2020 Google Inc.
3  * #
4  * # Licensed under the Apache License, Version 2.0 (the "License");
5  * # you may not use this file except in compliance with the License.
6  * # You may obtain a copy of the License at
7  * #
8  * #      http://www.apache.org/licenses/LICENSE-2.0
9  * #
10  * # Unless required by applicable law or agreed to in writing, software
11  * # distributed under the License is distributed on an "AS IS" BASIS,
12  * # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * # See the License for the specific language governing permissions and
14  * # limitations under the License.
15  * #
16  * ################################################################################
17  * */
18 #define HPACK_STANDALONE
19 
20 #include <stdint.h>
21 #include <string.h>
22 #include <stdlib.h>
23 #include <ctype.h>
24 #include <inttypes.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <unistd.h>
28 
29 #include <haproxy/chunk.h>
30 #include <haproxy/hpack-dec.h>
31 
32 #define MAX_RQ_SIZE 65536
33 #define MAX_HDR_NUM 1000
34 
35 char hex[MAX_RQ_SIZE*3+3]; // enough for "[ XX]* <CR> <LF> \0"
36 uint8_t buf[MAX_RQ_SIZE];
37 
38 char trash_buf[MAX_RQ_SIZE];
39 char tmp_buf[MAX_RQ_SIZE];
40 
41 struct buffer tmp   = { .area = tmp_buf,   .data = 0, .size = sizeof(tmp_buf)   };
42 
43 /* Empty function we dont need - we just need a callback */
debug_hexdump(FILE * out,const char * pfx,const char * buf,unsigned int baseaddr,int len)44 void debug_hexdump(FILE *out, const char *pfx, const char *buf,
45                    unsigned int baseaddr, int len)
46 { }
47 
48 // These must be included here
49 #include "../src/hpack-huff.c"
50 #include "../src/hpack-tbl.c"
51 #include "../src/hpack-dec.c"
52 
53 
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)54 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size){
55         char *new_str = (char *)malloc(size+1);
56         struct hpack_dht *dht;
57         struct pool_head pool;
58         int dht_size = 4096;
59         if (new_str == NULL){
60                 return 0;
61         }
62         memcpy(new_str, data, size);
63         new_str[size] = '\0';
64         struct http_hdr list[MAX_HDR_NUM];
65 
66         pool.size = dht_size;
67         pool_head_hpack_tbl = &pool;
68         dht = hpack_dht_alloc();
69 
70         if (dht != NULL)
71         {
72             hpack_decode_frame(dht, new_str, size, list,sizeof(list)/sizeof(list[0]), &tmp);
73             if (dht != NULL)
74             {
75                 free(dht);
76             }
77         }
78         free(new_str);
79         return 0;
80 }
81