diff --git a/projects/haproxy/build.sh b/projects/haproxy/build.sh
index 7dc4d4e97..7b41b8128 100755
--- a/projects/haproxy/build.sh
+++ b/projects/haproxy/build.sh
@@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. # -################################################################################ export ORIG_CFLAGS=${CFLAGS} cd haproxy
@@ -24,20 +23,23 @@ sed 's/CFLAGS = $(ARCH_FLAGS) $(CPU_CFLAGS) $(DEBUG_CFLAGS) $(SPEC_CFLAGS)/CFLAG sed 's/LDFLAGS = $(ARCH_FLAGS) -g/LDFLAGS = $(ARCH_FLAGS) -g ${CXXFLAGS}/g' -i Makefile make TARGET=generic -cd contrib/hpack -cp /src/fuzz_hpack_decode.c . -$CC $CFLAGS -g -I../../include -I../../ebtree -fwrapv -fno-strict-aliasing -c fuzz_hpack_decode.c -o fuzz_hpack_decode.o -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE ./fuzz_hpack_decode.o -o $OUT/fuzz_hpack_decode - # Make a copy of the main file since it has many global functions we need to declare # We dont want the main function but we need the rest of the stuff in haproxy.c cd /src/haproxy sed 's/int main(int argc/int main2(int argc/g' -i ./src/haproxy.c +sed 's/dladdr(main,/dladdr(main2,/g' -i ./src/standard.c +sed 's/(void*)main/(void*)main2/g' -i ./src/standard.c + $CC $CFLAGS -Iinclude -Iebtree -g -DUSE_POLL -DUSE_TPROXY -DCONFIG_HAPROXY_VERSION=\"\" -DCONFIG_HAPROXY_DATE=\"\" -c -o ./src/haproxy.o ./src/haproxy.c ar cr libetree.a ./ebtree/*.o ar cr libhaproxy.a ./src/*.o +cp $SRC/fuzz_hpack_decode.c . +$CC $CFLAGS -Iinclude -Iebtree -g -DUSE_POLL -DUSE_TPROXY -DCONFIG_HAPROXY_VERSION=\"\" -DCONFIG_HAPROXY_DATE=\"\" -c fuzz_hpack_decode.c -o fuzz_hpack_decode.o +$CXX -g $CXXFLAGS $LIB_FUZZING_ENGINE fuzz_hpack_decode.o libhaproxy.a libetree.a -o $OUT/fuzz_hpack_decode + # Now compile more fuzzers cp $SRC/fuzz_cfg_parser.c . $CC $CFLAGS -Iinclude -Iebtree -g -DUSE_POLL -DUSE_TPROXY -DCONFIG_HAPROXY_VERSION=\"\" -DCONFIG_HAPROXY_DATE=\"\" -c -o fuzz_cfg_parser.o fuzz_cfg_parser.c $CXX -g $CXXFLAGS $LIB_FUZZING_ENGINE fuzz_cfg_parser.o libhaproxy.a libetree.a -o $OUT/fuzz_cfg_parser +################################################################################
diff --git a/projects/haproxy/fuzz_hpack_decode.c b/projects/haproxy/fuzz_hpack_decode.c
index 563f91b0d..32c0b3ec4 100644
--- a/projects/haproxy/fuzz_hpack_decode.c
+++ b/projects/haproxy/fuzz_hpack_decode.c
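Review bot: The two new `sed ... -i ./src/standard.c` rewrites in the second build.sh hunk exit successfully even when their patterns match nothing, so an upstream change to those lines in standard.c would go unnoticed and the harness would be built from unpatched source. A check placed right after them makes that drift fail the build, for example `grep -q 'main2' ./src/standard.c || { echo 'standard.c main2 patch did not apply' >&2; exit 1; }`. The existing `sed` on `./src/haproxy.c` just above has the same gap. Separately, the `-Iinclude -Iebtree -g -DUSE_POLL -DUSE_TPROXY ...` flag list now appears on three `$CC` lines; holding it in one variable would keep every fuzzer compiled with identical settings.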
@@ -23,9 +23,11 @@ #include #include #include + #include #include #include +#define HPACK_STANDALONE #define MAX_RQ_SIZE 65536 #define MAX_HDR_NUM 1000
@@ -36,10 +38,8 @@ uint8_t buf[MAX_RQ_SIZE]; char trash_buf[MAX_RQ_SIZE]; char tmp_buf[MAX_RQ_SIZE]; -struct buffer trash = { .area = trash_buf, .data = 0, .size = sizeof(trash_buf) }; struct buffer tmp = { .area = tmp_buf, .data = 0, .size = sizeof(tmp_buf) }; - /* Empty function we dont need - we just need a callback */ void debug_hexdump(FILE *out, const char *pfx, const char *buf, unsigned int baseaddr, int len)
@@ -54,21 +54,27 @@ void debug_hexdump(FILE *out, const char *pfx, const char *buf, int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size){ char *new_str = (char *)malloc(size+1); struct hpack_dht *dht; + struct pool_head pool; int dht_size = 4096; if (new_str == NULL){ return 0; } memcpy(new_str, data, size); new_str[size] = '\0'; - struct http_hdr list[MAX_HDR_NUM]; + struct http_hdr list[MAX_HDR_NUM]; + + pool.size = dht_size; + pool_head_hpack_tbl = &pool; + dht = hpack_dht_alloc(); - dht = hpack_dht_alloc(dht_size); - hpack_decode_frame(dht, new_str, size, list,sizeof(list)/sizeof(list[0]), &tmp); if (dht != NULL) { - free(dht); + hpack_decode_frame(dht, new_str, size, list,sizeof(list)/sizeof(list[0]), &tmp); + if (dht != NULL) + { + free(dht); + } } - free(new_str); return 0; }
diff --git a/projects/haproxy/project.yaml b/projects/haproxy/project.yaml
index 5bef20bcb..f1400c295 100755
--- a/projects/haproxy/project.yaml
+++ b/projects/haproxy/project.yaml
@@ -7,4 +7,3 @@ auto_ccs: - "willy@1wt.eu" sanitizers: - address - - memory
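Review bot: In the first fuzz_hpack_decode.c hunk, `#define HPACK_STANDALONE` is added after the `#include` lines, so any header among them that tests this macro is preprocessed without it and the define only affects code further down in this file. The include targets are not legible on this page, so this needs checking against the real file. If the hpack headers are meant to see the macro, move the define above the includes or pass `-DHPACK_STANDALONE` on this harness's `$CC` line in build.sh. A short comment stating what the macro is expected to change in the included headers would record the intent either way.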
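Review bot: In `LLVMFuzzerTestOneInput` (third fuzz_hpack_decode.c hunk), `struct pool_head pool;` is an automatic variable with only `size` assigned, and its address is stored in the global `pool_head_hpack_tbl`, which is left pointing at a dead stack frame once the function returns. Any other member of `struct pool_head` that the allocation path reads would be indeterminate, and since this commit drops `memory` from `sanitizers` in project.yaml, the remaining `address` sanitizer will not report an uninitialised read. Declaring it `static struct pool_head pool;` gives zeroed contents and a lifetime that matches the global, with `pool.size = dht_size;` kept as is. The inner `if (dht != NULL)` repeats the outer test and can be dropped. Whether `free(dht)` is the matching release for what `hpack_dht_alloc()` returns is not visible here and is worth confirming.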