aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'fuzz-ar.c')
-rw-r--r--fuzz-ar.c46
1 files changed, 46 insertions, 0 deletions
diff --git a/fuzz-ar.c b/fuzz-ar.c
new file mode 100644
index 0000000..360194f
--- /dev/null
+++ b/fuzz-ar.c
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2024 Gentoo Foundation
+ * Distributed under the terms of the GNU General Public License v2
+ *
+ * Copyright 2024 Mike Frysinger - <vapier@gentoo.org>
+ */
+
+/* Fuzz the ar interface. */
+
+const char argv0[] = "fuzz-ar";
+
+#include "paxinc.h"
+
+static int fd;
+
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+ (void)argc;
+ (void)argv;
+
+ fd = memfd_create("fuzz-input.a", MFD_CLOEXEC);
+ if (fd == -1)
+ errp("memfd_create() failed");
+ return 0;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ if (ftruncate(fd, size) != 0)
+ errp("ftruncate(%i, %zu) failed", fd, size);
+ if (pwrite(fd, data, size, 0) != (ssize_t)size)
+ errp("pwrite() failed");
+ if (lseek(fd, 0, SEEK_SET) != 0)
+ errp("lseek() failed");
+
+ int afd = dup(fd);
+ archive_handle *ar = ar_open_fd("fuzz-input.a", afd, 0);
+ if (ar == NULL) {
+ close(afd);
+ return 0;
+ }
+ while (ar_next(ar) != NULL)
+ continue;
+
+ return 0;
+}