1 #include <stdlib.h>
2 #include <stdio.h>
3 #include <stdint.h>
4 #include <string.h>
5 #include <getopt.h>
6 #include <sys/stat.h>
7 
8 #include <sepol/cil/cil.h>
9 #include <sepol/policydb.h>
10 
/*
 * libFuzzer entry point for the CIL policy compiler.
 *
 * The raw fuzz input is handed to cil_add_file() under the name "fuzz" and
 * then pushed through every stage this harness exercises: compile, build a
 * policydb, optimize it, and write the binary policy out. Output goes to
 * /dev/null, so the write path runs without leaving files behind.
 *
 * data/size are attacker-controlled bytes. The buffer is passed together
 * with its explicit length and is never treated as a C string here.
 * NOTE(review): this relies on cil_add_file() honouring `size` instead of
 * scanning for a terminating NUL -- confirm against the library.
 *
 * Always returns 0. A stage that rejects the input is an expected outcome
 * for a fuzzer, not an error; everything acquired so far is released on
 * every path.
 */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
	struct cil_db *db = NULL;
	sepol_policydb_t *pdb = NULL;
	struct sepol_policy_file *policy_out = NULL;
	FILE *sink = NULL;

	/* Log at CIL_ERR so rejected inputs do not flood the fuzzer output. */
	cil_set_log_level(CIL_ERR);

	/* Fixed compiler configuration: only the policy text varies per run. */
	cil_db_init(&db);
	cil_set_disable_dontaudit(db, 0);
	cil_set_multiple_decls(db, 0);
	cil_set_disable_neverallow(db, 0);
	cil_set_preserve_tunables(db, 0);
	cil_set_mls(db, -1);
	cil_set_target_platform(db, SEPOL_TARGET_SELINUX);
	cil_set_policy_version(db, POLICYDB_VERSION_MAX);
	cil_set_attrs_expand_generated(db, 0);

	/*
	 * Front end and middle end. The || chain short-circuits, so a later
	 * stage never runs on the result of a stage that failed.
	 */
	if (cil_add_file(db, "fuzz", (const char *)data, size) != SEPOL_OK ||
	    cil_compile(db) != SEPOL_OK ||
	    cil_build_policydb(db, &pdb) != SEPOL_OK ||
	    sepol_policydb_optimize(pdb) != SEPOL_OK) {
		goto cleanup;
	}

	sink = fopen("/dev/null", "w");
	if (sink == NULL) {
		goto cleanup;
	}

	if (sepol_policy_file_create(&policy_out) == 0) {
		sepol_policy_file_set_fp(policy_out, sink);
		/*
		 * The write result is deliberately unused: success and failure
		 * both continue straight into the cleanup below.
		 */
		(void)sepol_policydb_write(pdb, policy_out);
	}

cleanup:
	if (sink != NULL) {
		fclose(sink);
	}

	/*
	 * On early-exit paths pdb and policy_out are still NULL when they
	 * reach their free functions.
	 * NOTE(review): presumably both accept NULL -- confirm in libsepol.
	 */
	cil_db_destroy(&db);
	sepol_policydb_free(pdb);
	sepol_policy_file_free(policy_out);
	return 0;
}