• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* MIT License
2  *
3  * Copyright (c) The c-ares project and its contributors
4  *
5  * Permission is hereby granted, free of charge, to any person obtaining a copy
6  * of this software and associated documentation files (the "Software"), to deal
7  * in the Software without restriction, including without limitation the rights
8  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9  * copies of the Software, and to permit persons to whom the Software is
10  * furnished to do so, subject to the following conditions:
11  *
12  * The above copyright notice and this permission notice (including the next
13  * paragraph) shall be included in all copies or substantial portions of the
14  * Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22  * SOFTWARE.
23  *
24  * SPDX-License-Identifier: MIT
25  */
26 #include <stddef.h>
27 #include <stdlib.h>
28 #include <string.h>
29 
30 #include "ares.h"
31 /* Include ares internal file for DNS protocol constants */
32 #include "ares_nameser.h"
33 
34 int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size);
35 
36 /* Fuzzing on a query name isn't very useful as its already fuzzed as part
37  * of the normal fuzzing operations.  So we'll disable this by default and
38  * instead use this same fuzzer to validate our URI scheme parsers accessed
39  * via ares_set_servers_csv() */
40 #ifdef USE_LEGACY_FUZZERS
41 /* Entrypoint for Clang's libfuzzer, exercising query creation. */
LLVMFuzzerTestOneInput(const unsigned char * data,unsigned long size)42 int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size)
43 {
44   /* Null terminate the data. */
45   char          *name   = malloc(size + 1);
46   unsigned char *buf    = NULL;
47   int            buflen = 0;
48   name[size]            = '\0';
49   memcpy(name, data, size);
50 
51   ares_create_query(name, C_IN, T_AAAA, 1234, 0, &buf, &buflen, 1024);
52   free(buf);
53   free(name);
54   return 0;
55 }
56 
57 #else
58 
LLVMFuzzerTestOneInput(const unsigned char * data,unsigned long size)59 int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size)
60 {
61   ares_channel_t *channel = NULL;
62   char           *csv;
63 
64   ares_library_init(ARES_LIB_INIT_ALL);
65   ares_init(&channel);
66 
67   /* Need to null-term data */
68   csv = malloc(size + 1);
69   memcpy(csv, data, size);
70   csv[size] = '\0';
71   ares_set_servers_csv(channel, csv);
72   free(csv);
73 
74   ares_destroy(channel);
75   ares_library_cleanup();
76 
77   return 0;
78 }
79 #endif
80