diff --git a/tests/fuzz/Makefile.am b/tests/fuzz/Makefile.am index 4ef502fa..a54a3a2a 100644 --- a/tests/fuzz/Makefile.am +++ b/tests/fuzz/Makefile.am @@ -3,6 +3,7 @@ dist_noinst_DATA = \ LUKS2.proto \ LUKS2_plain_JSON.proto \ crypt2_load_fuzz.dict \ + crypt2_load_ondisk_fuzz.dict \ crypt2_load_proto_plain_json_fuzz.dict CLEANFILES = \ LUKS2.pb.h \ @@ -23,6 +24,11 @@ crypt2_load_fuzz_LDADD = ../../libcryptsetup.la ../../libcrypto_backend.la -L$( crypt2_load_fuzz_LDFLAGS = $(AM_LDFLAGS) $(LIB_FUZZING_ENGINE) $(SANITIZER) crypt2_load_fuzz_CXXFLAGS = $(AM_CXXFLAGS) -I$(top_srcdir)/lib -I$(top_srcdir)/tests/fuzz +crypt2_load_ondisk_fuzz_SOURCES = FuzzerInterface.h crypt2_load_ondisk_fuzz.cc +crypt2_load_ondisk_fuzz_LDADD = ../../libcryptsetup.la -L$(DEPS_PATH)/lib +crypt2_load_ondisk_fuzz_LDFLAGS = $(AM_LDFLAGS) $(LIB_FUZZING_ENGINE) $(SANITIZER) +crypt2_load_ondisk_fuzz_CXXFLAGS = $(AM_CXXFLAGS) -I$(top_srcdir)/lib -I$(top_srcdir)/tests/fuzz + test-environment-m: @ if test ! -d $(DEPS_PATH); then \ echo "You need to build static libraries first; use oss-fuzz-build.sh script."; \ @@ -104,6 +110,7 @@ plain_json_proto_to_luks2_CXXFLAGS = $(AM_CXXFLAGS) \ if ENABLE_FUZZ_TARGETS noinst_PROGRAMS = \ crypt2_load_fuzz \ + crypt2_load_ondisk_fuzz \ crypt2_load_proto_fuzz \ crypt2_load_proto_plain_json_fuzz \ proto_to_luks2 \ diff --git a/tests/fuzz/crypt2_load_ondisk_fuzz.cc b/tests/fuzz/crypt2_load_ondisk_fuzz.cc new file mode 100644 index 00000000..9b5328dd --- /dev/null +++ b/tests/fuzz/crypt2_load_ondisk_fuzz.cc 
@@ -0,0 +1,64 @@
+/*
+ * cryptsetup LUKS1, FileVault, BitLocker fuzz target
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+extern "C" {
+#define FILESIZE (16777216)
+#include "src/cryptsetup.h"
+#include
+#include "luks1/luks.h"
+#include "crypto_backend/crypto_backend.h"
+#include "FuzzerInterface.h"
+
+void empty_log(int level, const char *msg, void *usrptr) {}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ int fd, r;
+ struct crypt_device *cd = NULL;
+ char name[] = "/tmp/test-script-fuzz.XXXXXX";
+
+ fd = mkostemp(name, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC);
+ if (fd == -1)
+ err(EXIT_FAILURE, "mkostemp() failed");
+
+ /* enlarge header */
+ if (ftruncate(fd, FILESIZE) == -1)
+ goto out;
+
+ if (write_buffer(fd, data, size) != (ssize_t) size)
+ goto out;
+
+ crypt_set_log_callback(NULL, empty_log, NULL);
+
+ if (crypt_init(&cd, name) == 0) {
+ r = crypt_load(cd, CRYPT_LUKS1, NULL);
+ if (r == 0)
+ goto out;
+
+ r = crypt_load(cd, CRYPT_FVAULT2, NULL);
+ if (r == 0)
+ goto out;
+
+ (void) crypt_load(cd, CRYPT_BITLK, NULL);
+ }
+out:
+ crypt_free(cd);
+ close(fd);
+ unlink(name);
+ return 0;
+}
+}
diff --git a/tests/fuzz/crypt2_load_ondisk_fuzz.dict b/tests/fuzz/crypt2_load_ondisk_fuzz.dict
new file mode 100644
index 00000000..3923db5a
--- /dev/null
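Review bot: The `mkostemp()` call in `LLVMFuzzerTestOneInput` passes `O_RDWR | O_CREAT | O_EXCL` alongside `O_CLOEXEC`; mkostemp(3) already implies those three and documents that passing them explicitly can produce errors on some libc implementations, which here would hit `err(EXIT_FAILURE, ...)` and end the whole fuzzing run. I would reduce it to `fd = mkostemp(name, O_CLOEXEC);`. Separately, the `goto out` paths after `ftruncate()` and `write_buffer()` return 0 silently, so a full or read-only /tmp would let the target look healthy while never reaching `crypt_load()`; a comment such as `/* environment failure: input was not exercised */`, or an abort there, would make that visible. The three `crypt_load()` attempts also reuse one `cd` after a failed load; whether a failed load leaves the context clean is not visible from this hunk, so a one-line comment stating that assumption would help the next maintainer.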
+++ b/tests/fuzz/crypt2_load_ondisk_fuzz.dict @@ -0,0 +1,9 @@ +"aegis128-random" +"aes-cbc:essiv:sha256" +"aes-xts-plain64" +"aes-lrv-plain64" +"twofish-xts-plain64" +"serpent-xts-plain64" +"whirpool" +"sha256" +"sha1" diff --git a/tests/fuzz/oss-fuzz-build.sh b/tests/fuzz/oss-fuzz-build.sh index ba0ae925..2f4eb9ff 100755 --- a/tests/fuzz/oss-fuzz-build.sh +++ b/tests/fuzz/oss-fuzz-build.sh @@ -29,7 +29,7 @@ export CFLAGS="${CFLAGS:-$flags} -I$DEPS_PATH/include" export CXXFLAGS="${CXXFLAGS:-$flags} -I$DEPS_PATH/include" export LDFLAGS="${LDFLAGS-} -L$DEPS_PATH/lib" -ENABLED_FUZZERS=${ENABLED_FUZZERS:-crypt2_load_fuzz crypt2_load_proto_plain_json_fuzz} +ENABLED_FUZZERS=${ENABLED_FUZZERS:-crypt2_load_fuzz crypt2_load_ondisk_fuzz crypt2_load_proto_plain_json_fuzz} mkdir -p $SRC mkdir -p $OUT
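Review bot: Two entries in the new crypt2_load_ondisk_fuzz.dict look misspelled: `"whirpool"` is presumably meant to be `"whirlpool"`, and `"aes-lrv-plain64"` presumably `"aes-lrw-plain64"`. A dictionary token only helps the fuzzer when it matches bytes the header parsers actually compare against, so the misspelled forms add mutations without opening new paths. If these lines were copied from crypt2_load_fuzz.dict the same correction may apply there, which this diff does not show. It may also be worth checking whether the combined `cipher-mode-iv` strings match how the LUKS1, FileVault and BitLocker on-disk headers store these values, since this target feeds raw header bytes rather than JSON.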