Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[20732] Improve xml loading method in fuzz_XMLProfiles #4685

Merged
merged 3 commits into from
Apr 16, 2024
Merged

[20732] Improve xml loading method in fuzz_XMLProfiles #4685

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
389d59b
Refs #20732: Change xml loading method to avoid copy to a file in fuz…
elianalf Apr 12, 2024
9c740bc
Refs #20732: Remove methods no longer used
elianalf Apr 15, 2024
62b4eea
Refs #20732: Apply suggestions
elianalf Apr 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 2 additions & 17 deletions fuzz/C++/fuzz_XMLProfiles/fuzz_XMLProfiles.cxx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
#include <fastrtps/Domain.h>
#include <fastrtps/xmlparser/XMLProfileManager.h>
#include <fastdds/dds/domain/DomainParticipantFactory.hpp>

#include "fuzz_utils.h"

Expand All @@ -23,21 +22,7 @@ extern "C" int LLVMFuzzerTestOneInput(
return EXIT_FAILURE;
}

const char* filename = buf_to_file(data, size);

if (filename == NULL)
{
return EXIT_FAILURE;
}

// TODO change this to a func. taking buf + len (or C string)
// to avoid using `buf_to_file`
xmlparser::XMLProfileManager::loadXMLFile(filename);

if (delete_file(filename) != 0)
{
return EXIT_FAILURE;
}
fastdds::dds::DomainParticipantFactory::get_instance()->load_XML_profiles_string(reinterpret_cast<const char*>(data), size);

return 0;
}
61 changes: 0 additions & 61 deletions fuzz/C++/fuzz_XMLProfiles/fuzz_utils.cxx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,64 +32,3 @@ extern "C" int ignore_stdout(

return ret;
}

extern "C" int delete_file(
const char* pathname)
{
int ret = unlink(pathname);
if (ret == -1)
{
warn("failed to delete \"%s\"", pathname);
}

free((void*)pathname);

return ret;
}

extern "C" char* buf_to_file(
const uint8_t* buf,
size_t size)
{
char* pathname = strdup("/dev/shm/fuzz-XXXXXX");
if (pathname == NULL)
{
return NULL;
}

int fd = mkstemp(pathname);
if (fd == -1)
{
warn("mkstemp(\"%s\")", pathname);
free(pathname);
return NULL;
}

size_t pos = 0;
while (pos < size)
{
int nbytes = write(fd, &buf[pos], size - pos);
if (nbytes <= 0)
{
if (nbytes == -1 && errno == EINTR)
{
continue;
}
warn("write");
goto err;
}
pos += nbytes;
}

if (close(fd) == -1)
{
warn("close");
goto err;
}

return pathname;

err:
delete_file(pathname);
return NULL;
}
16 changes: 0 additions & 16 deletions fuzz/C++/fuzz_XMLProfiles/fuzz_utils.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,5 @@
extern "C" int ignore_stdout(
void);

// Delete the file passed as argument and free the associated buffer. This
// function is meant to be called on buf_to_file return value.
//
// Return 0 on success, -1 otherwise.
extern "C" int delete_file(
const char* pathname);

// Write the data provided in buf to a new temporary file. This function is
// meant to be called by LLVMFuzzerTestOneInput() for fuzz targets that only
// take file names (and not data) as input.
//
// Return the path of the newly created file or NULL on error. The caller should
// eventually free the returned buffer (see delete_file).
extern "C" char* buf_to_file(
const uint8_t* buf,
size_t size);

#endif // FUZZ_UTILS_H_