Fix/improve fuzzing (#2426)

IvanNardi · web-flow · commit 7c6910d9e5d5 · 2024-05-08T11:46:02.000+02:00
diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am
@@ -774,6 +774,7 @@ distdir:
 		-o -name '*.cpp' \
 		-o -name '*.options' \
 		-o -name 'ipv4_addresses.txt' \
+		-o -name 'ipv6_addresses.txt' \
 		-o -name 'bd_param.txt' \
 		-o -name 'splt_param.txt' \
 		-o -name 'random_list.list' \
diff --git a/fuzz/fuzz_ds_ptree.cpp b/fuzz/fuzz_ds_ptree.cpp
@@ -49,6 +49,12 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     }
   }
 
+  /* Some higher level functions */
+  ndpi_load_ipv4_ptree_file(t, "ipv4_addresses.txt", NDPI_PROTOCOL_TLS);
+  ndpi_load_ipv4_ptree_file(t, "invalid_filename", NDPI_PROTOCOL_TLS);
+  ndpi_load_ipv6_ptree_file(t, "ipv6_addresses.txt", NDPI_PROTOCOL_TLS);
+  ndpi_load_ipv6_ptree_file(t, "invalid_filename", NDPI_PROTOCOL_TLS);
+
   /* Random search */
   num_iteration = fuzzed_data.ConsumeIntegral<u_int8_t>();
   for (i = 0; i < num_iteration; i++) {
diff --git a/fuzz/ipv6_addresses.txt b/fuzz/ipv6_addresses.txt
@@ -0,0 +1,5 @@
+#Random list of ipv6 addresses
+
+2001:db8:3333:4444:5555:6666:7777:8888
+2001:a:b:c::/64
+ff06::c3
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
@@ -2735,7 +2735,7 @@ static ndpi_patricia_node_t* add_to_ptree(ndpi_patricia_tree_t *tree, int family
 /* ******************************************* */
 
 /*
-  Load a file containing IPv4 addresses in CIDR format as 'protocol_id'
+  Load a file containing IPv4 OR IPv6 addresses in CIDR format as 'protocol_id'
 
   Return: the number of entries loaded or -1 in case of error
 */
@@ -2808,13 +2808,17 @@ int ndpi_load_ptree_file(ndpi_patricia_tree_t *ptree,
 
 int ndpi_load_ipv4_ptree_file(ndpi_ptree_t *ptree, const char *path,
 			      u_int16_t protocol_id) {
+  if(!ptree)
+    return -1;
   return(ndpi_load_ptree_file(ptree->v4, path, true /* IPv4 */, protocol_id));
 }
 
 /* ******************************************* */
 
 int ndpi_load_ipv6_ptree_file(ndpi_ptree_t *ptree, const char *path,
 			      u_int16_t protocol_id) {
+  if(!ptree)
+    return -1;
   return(ndpi_load_ptree_file(ptree->v6, path, false /* IPv6 */, protocol_id));
 }
 
@@ -2827,6 +2831,8 @@ int ndpi_load_ipv6_ptree_file(ndpi_ptree_t *ptree, const char *path,
 */
 int ndpi_load_ipv4_ptree(struct ndpi_detection_module_struct *ndpi_str,
 			 const char *path, u_int16_t protocol_id) {
+  if(!ndpi_str)
+    return -1;
   return(ndpi_load_ptree_file(ndpi_str->protocols_ptree,
 			      path, true /* is_ipv4 */,
 			      protocol_id));
diff --git a/tests/ossfuzz.sh b/tests/ossfuzz.sh
@@ -61,7 +61,7 @@ cp example/ja3_fingerprints.csv $OUT/
 cp example/sha1_fingerprints.csv $OUT/
 cp example/config.txt $OUT/
 cp lists/public_suffix_list.dat $OUT/
-cp fuzz/ipv4_addresses.txt $OUT/
+cp fuzz/ipv*_addresses.txt $OUT/
 cp fuzz/bd_param.txt $OUT/
 cp fuzz/splt_param.txt $OUT/
 cp fuzz/random_list.list $OUT/

Original file line number	Diff line number	Diff line change
`@@ -49,6 +49,12 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {`
`49`	`49`	`}`
`50`	`50`	`}`
`51`	`51`
	`52`	`+ /* Some higher level functions */`
	`53`	`+ ndpi_load_ipv4_ptree_file(t, "ipv4_addresses.txt", NDPI_PROTOCOL_TLS);`
	`54`	`+ ndpi_load_ipv4_ptree_file(t, "invalid_filename", NDPI_PROTOCOL_TLS);`
	`55`	`+ ndpi_load_ipv6_ptree_file(t, "ipv6_addresses.txt", NDPI_PROTOCOL_TLS);`
	`56`	`+ ndpi_load_ipv6_ptree_file(t, "invalid_filename", NDPI_PROTOCOL_TLS);`
	`57`	`+`
`52`	`58`	`/* Random search */`
`53`	`59`	`num_iteration = fuzzed_data.ConsumeIntegral<u_int8_t>();`
`54`	`60`	`for (i = 0; i < num_iteration; i++) {`