1 #include <iostream> 2 #include <fstream> 3 #include <string.h> 4 #include <string> 5 #include <iostream> 6 #include <sstream> 7 #include <errno.h> 8 #include "gptcl.h" 9 #include <fcntl.h> 10 #include <unistd.h> 11 fuzz_gpt(char * partition_file)12static int fuzz_gpt(char* partition_file) { 13 BasicMBRData mbrData; 14 GPTData gptData; 15 GPTPart partData; 16 int numParts = 0; 17 stringstream res; 18 19 gptData.JustLooking(); 20 gptData.LoadPartitions((string) partition_file); 21 gptData.LoadMainTable(); 22 gptData.GetDiskGUID(); 23 numParts = gptData.GetNumParts(); 24 25 //Extracted from the android_dump function in sgdisk.cc, hits more code 26 for (int i = 0; i < numParts; i++) { 27 partData = gptData[i]; 28 if (partData.GetFirstLBA() > 0) { 29 partData.GetType(); 30 partData.GetUniqueGUID(); 31 partData.GetDescription();; 32 } 33 } 34 return 0; 35 } 36 37 #ifdef GPTFDISK_FUZZER_DEVICE 38 #define TMPFILE_TEMPLATE "/data/local/tmp/gptfuzzXXXXXXXX\x00" 39 #else 40 #define TMPFILE_TEMPLATE "/dev/shm/gptfuzzXXXXXXXX\x00" 41 #endif 42 43 size_t TMPFILE_LEN = sizeof(TMPFILE_TEMPLATE); 44 LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)45extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 46 char partition_tmp_file[TMPFILE_LEN]; 47 int tmpfd; 48 49 memcpy(partition_tmp_file, TMPFILE_TEMPLATE, TMPFILE_LEN); 50 tmpfd = mkstemp(partition_tmp_file); 51 if(tmpfd < 0) 52 return -1; 53 write(tmpfd, data, size); 54 close(tmpfd); 55 fuzz_gpt(partition_tmp_file); 56 remove(partition_tmp_file); 57 return 0; 58 } 59