From 586ce031eaa0e732603adbc9509aeaca4d6b2769 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Wed, 11 Dec 2019 06:35:17 +0100 Subject: [PATCH] tests: fuzz: fuzz _len variants of checking methods MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In order to increase test coverage. Signed-off-by: Petr Štetiar --- tests/fuzz/test-fuzz.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c index 52f2bbc..4dc13a8 100644 --- a/tests/fuzz/test-fuzz.c +++ b/tests/fuzz/test-fuzz.c @@ -1,10 +1,13 @@ #include #include #include +#include #include "blob.h" #include "blobmsg.h" +#define BLOBMSG_TYPE_TROUBLE INT_MAX + static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) { enum { @@ -14,6 +17,19 @@ static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) __FOO_MAX }; + static const int blobmsg_type[] = { + BLOBMSG_TYPE_UNSPEC, + BLOBMSG_TYPE_ARRAY, + BLOBMSG_TYPE_TABLE, + BLOBMSG_TYPE_STRING, + BLOBMSG_TYPE_INT64, + BLOBMSG_TYPE_INT32, + BLOBMSG_TYPE_INT16, + BLOBMSG_TYPE_INT8, + BLOBMSG_TYPE_DOUBLE, + BLOBMSG_TYPE_TROUBLE, + }; + static const struct blobmsg_policy foo_policy[] = { [FOO_MESSAGE] = { .name = "message", @@ -33,6 +49,14 @@ static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) blobmsg_parse(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size); blobmsg_parse_array(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size); + + blobmsg_check_attr_len((struct blob_attr *)data, false, size); + blobmsg_check_attr_len((struct blob_attr *)data, true, size); + + for (size_t i=0; i < ARRAY_SIZE(blobmsg_type); i++) { + blobmsg_check_array_len((struct blob_attr *)data, blobmsg_type[i], size); + blobmsg_check_attr_list_len((struct blob_attr *)data, blobmsg_type[i], size); + } } static void fuzz_blob_parse(const uint8_t *data, size_t size)