xref: /aosp_15_r20/external/libpcap/testprogs/fuzz/fuzz_pcap.c (revision 8b26181f966a6af5cf6981a6f474313de533bb28) 
1*8b26181fSAndroid Build Coastguard Worker #include <stdio.h>
2*8b26181fSAndroid Build Coastguard Worker #include <stdlib.h>
3*8b26181fSAndroid Build Coastguard Worker #include <fcntl.h>
4*8b26181fSAndroid Build Coastguard Worker #include <errno.h>
5*8b26181fSAndroid Build Coastguard Worker 
6*8b26181fSAndroid Build Coastguard Worker #include <pcap/pcap.h>
7*8b26181fSAndroid Build Coastguard Worker 
8*8b26181fSAndroid Build Coastguard Worker FILE * outfile = NULL;
9*8b26181fSAndroid Build Coastguard Worker 
bufferToFile(const char * name,const uint8_t * Data,size_t Size)10*8b26181fSAndroid Build Coastguard Worker static int bufferToFile(const char * name, const uint8_t *Data, size_t Size) {
11*8b26181fSAndroid Build Coastguard Worker     FILE * fd;
12*8b26181fSAndroid Build Coastguard Worker     if (remove(name) != 0) {
13*8b26181fSAndroid Build Coastguard Worker         if (errno != ENOENT) {
14*8b26181fSAndroid Build Coastguard Worker             printf("failed remove, errno=%d\n", errno);
15*8b26181fSAndroid Build Coastguard Worker             return -1;
16*8b26181fSAndroid Build Coastguard Worker         }
17*8b26181fSAndroid Build Coastguard Worker     }
18*8b26181fSAndroid Build Coastguard Worker     fd = fopen(name, "wb");
19*8b26181fSAndroid Build Coastguard Worker     if (fd == NULL) {
20*8b26181fSAndroid Build Coastguard Worker         printf("failed open, errno=%d\n", errno);
21*8b26181fSAndroid Build Coastguard Worker         return -2;
22*8b26181fSAndroid Build Coastguard Worker     }
23*8b26181fSAndroid Build Coastguard Worker     if (fwrite (Data, 1, Size, fd) != Size) {
24*8b26181fSAndroid Build Coastguard Worker         fclose(fd);
25*8b26181fSAndroid Build Coastguard Worker         return -3;
26*8b26181fSAndroid Build Coastguard Worker     }
27*8b26181fSAndroid Build Coastguard Worker     fclose(fd);
28*8b26181fSAndroid Build Coastguard Worker     return 0;
29*8b26181fSAndroid Build Coastguard Worker }
30*8b26181fSAndroid Build Coastguard Worker 
fuzz_openFile(const char * name)31*8b26181fSAndroid Build Coastguard Worker void fuzz_openFile(const char * name) {
32*8b26181fSAndroid Build Coastguard Worker     if (outfile != NULL) {
33*8b26181fSAndroid Build Coastguard Worker         fclose(outfile);
34*8b26181fSAndroid Build Coastguard Worker     }
35*8b26181fSAndroid Build Coastguard Worker     outfile = fopen(name, "w");
36*8b26181fSAndroid Build Coastguard Worker }
37*8b26181fSAndroid Build Coastguard Worker 
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)38*8b26181fSAndroid Build Coastguard Worker int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
39*8b26181fSAndroid Build Coastguard Worker     pcap_t * pkts;
40*8b26181fSAndroid Build Coastguard Worker     char errbuf[PCAP_ERRBUF_SIZE];
41*8b26181fSAndroid Build Coastguard Worker     const u_char *pkt;
42*8b26181fSAndroid Build Coastguard Worker     struct pcap_pkthdr *header;
43*8b26181fSAndroid Build Coastguard Worker     struct pcap_stat stats;
44*8b26181fSAndroid Build Coastguard Worker     int r;
45*8b26181fSAndroid Build Coastguard Worker 
46*8b26181fSAndroid Build Coastguard Worker     //initialize output file
47*8b26181fSAndroid Build Coastguard Worker     if (outfile == NULL) {
48*8b26181fSAndroid Build Coastguard Worker         outfile = fopen("/dev/null", "w");
49*8b26181fSAndroid Build Coastguard Worker         if (outfile == NULL) {
50*8b26181fSAndroid Build Coastguard Worker             return 0;
51*8b26181fSAndroid Build Coastguard Worker         }
52*8b26181fSAndroid Build Coastguard Worker     }
53*8b26181fSAndroid Build Coastguard Worker 
54*8b26181fSAndroid Build Coastguard Worker     //rewrite buffer to a file as libpcap does not have buffer inputs
55*8b26181fSAndroid Build Coastguard Worker     if (bufferToFile("/tmp/fuzz.pcap", Data, Size) < 0) {
56*8b26181fSAndroid Build Coastguard Worker         return 0;
57*8b26181fSAndroid Build Coastguard Worker     }
58*8b26181fSAndroid Build Coastguard Worker 
59*8b26181fSAndroid Build Coastguard Worker     //initialize structure
60*8b26181fSAndroid Build Coastguard Worker     pkts = pcap_open_offline("/tmp/fuzz.pcap", errbuf);
61*8b26181fSAndroid Build Coastguard Worker     if (pkts == NULL) {
62*8b26181fSAndroid Build Coastguard Worker         fprintf(outfile, "Couldn't open pcap file %s\n", errbuf);
63*8b26181fSAndroid Build Coastguard Worker         return 0;
64*8b26181fSAndroid Build Coastguard Worker     }
65*8b26181fSAndroid Build Coastguard Worker 
66*8b26181fSAndroid Build Coastguard Worker     //loop over packets
67*8b26181fSAndroid Build Coastguard Worker     r = pcap_next_ex(pkts, &header, &pkt);
68*8b26181fSAndroid Build Coastguard Worker     while (r > 0) {
69*8b26181fSAndroid Build Coastguard Worker         //TODO pcap_offline_filter
70*8b26181fSAndroid Build Coastguard Worker         fprintf(outfile, "packet length=%d/%d\n",header->caplen, header->len);
71*8b26181fSAndroid Build Coastguard Worker         r = pcap_next_ex(pkts, &header, &pkt);
72*8b26181fSAndroid Build Coastguard Worker     }
73*8b26181fSAndroid Build Coastguard Worker     if (pcap_stats(pkts, &stats) == 0) {
74*8b26181fSAndroid Build Coastguard Worker         fprintf(outfile, "number of packets=%d\n", stats.ps_recv);
75*8b26181fSAndroid Build Coastguard Worker     }
76*8b26181fSAndroid Build Coastguard Worker     //close structure
77*8b26181fSAndroid Build Coastguard Worker     pcap_close(pkts);
78*8b26181fSAndroid Build Coastguard Worker 
79*8b26181fSAndroid Build Coastguard Worker     return 0;
80*8b26181fSAndroid Build Coastguard Worker }
81