fuzz-nspawn-oci: add fuzzer for the oci bundle loader

2019-03-21 23:16:56 +01:00 · 2019-03-21 23:16:56 +01:00 · 9ddd62cda1
parent 8238423095
commit 9ddd62cda1
3 changed files with 174 additions and 0 deletions
--- a/src/fuzz/fuzz-nspawn-oci.c
+++ b/src/fuzz/fuzz-nspawn-oci.c
@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include <errno.h>
+
+#include "alloc-util.h"
+#include "fd-util.h"
+#include "fuzz.h"
+#include "nspawn-oci.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+        _cleanup_fclose_ FILE *f = NULL;
+        _cleanup_(settings_freep) Settings *s = NULL;
+
+        if (size == 0)
+                return 0;
+
+        f = fmemopen((char*) data, size, "re");
+        assert_se(f);
+
+        /* We don't want to fill the logs with messages about parse errors.
+         * Disable most logging if not running standalone */
+        if (!getenv("SYSTEMD_LOG_LEVEL"))
+                log_set_max_level(LOG_CRIT);
+
+        (void) oci_load(f, "/dev/null", &s);
+
+        return 0;
+}
--- a/src/fuzz/meson.build
+++ b/src/fuzz/meson.build
@ -130,6 +130,11 @@ fuzzers += [
          libnspawn_core],
         []],

+        [['src/fuzz/fuzz-nspawn-oci.c'],
+         [libshared,
+          libnspawn_core],
+         []],
+
        [['src/fuzz/fuzz-calendarspec.c'],
         [libshared],
         []],
--- a/test/fuzz/fuzz-nspawn-oci/basic.json
+++ b/test/fuzz/fuzz-nspawn-oci/basic.json
@ -0,0 +1,141 @@
+{
+    "ociVersion": "1.0.0",
+
+    "root": {
+        "path": "rootfs",
+        "readonly": true
+    },
+
+    "process": {
+        "terminal": false,
+        "consoleSize": {
+            "height":6667,
+            "width":6668
+        },
+
+        "user": {
+            "uid": 14,
+            "gid": 14,
+            "additionalGids": [59, 81]
+        },
+
+        "args": [
+            "/tmp/verify.sh"
+        ],
+
+        "env": [
+            "FOO=BAR",
+            "WITHSPACES=FOO BAR",
+            "WITHSHELLCHARS=$ASDF \\\"asdf asdf\\\" !",
+            "WITHCONTROLCHARS=\\123\\125\\010\\020",
+            "TERM=xterm"
+        ],
+
+        "cwd": "/tmp/src",
+
+        "rlimits": [
+            {
+                "type": "RLIMIT_NOFILE",
+                "hard": 1020,
+                "soft": 1020
+            }
+        ]
+    },
+
+    "mounts": [
+        {
+            "destination": "/tmp/src",
+            "source": "src",
+            "options": ["ro"]
+        },
+
+        {
+            "destination": "/tmp/verify.sh",
+            "source": "verify.sh",
+            "options": ["ro"]
+        },
+
+        {
+            "destination": "/proc",
+            "type": "proc",
+            "source": "proc"
+        },
+        {
+            "destination": "/dev",
+            "type": "tmpfs",
+            "source": "tmpfs",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/dev/pts",
+            "type": "devpts",
+            "source": "devpts",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/dev/shm",
+            "type": "tmpfs",
+            "source": "shm",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/dev/mqueue",
+            "type": "mqueue",
+            "source": "mqueue",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/sys",
+            "type": "sysfs",
+            "source": "sysfs",
+            "options": [
+                "mode=777"
+            ]
+        },
+        {
+            "destination": "/sys/fs/cgroup",
+            "type": "cgroup",
+            "source": "cgroup",
+            "options": [
+                "mode=777"
+            ]
+        }
+    ],
+
+    "hooks": {},
+
+    "linux": {
+        "resources": {
+            "devices": [
+                {
+                    "allow": false,
+                    "access": "rwm"
+                }
+            ]
+        },
+        "namespaces": [
+            {
+                "type": "pid"
+            },
+            {
+                "type": "ipc"
+            },
+            {
+                "type": "mount"
+            }
+        ]
+    },
+
+    "annotations": {
+        "com.example.key1": "value1",
+        "com.example.key2": "value2"
+    }
+}