2022-09-19 13:28:07 +01:00
|
|
|
#define MG_ENABLE_SOCKET 0
|
|
|
|
#define MG_ENABLE_LOG 0
|
|
|
|
#define MG_ENABLE_LINES 1
|
|
|
|
#define MG_ENABLE_MIP 1
|
|
|
|
|
|
|
|
#include "mongoose.c"
|
|
|
|
|
|
|
|
#include "driver_mock.c"
|
2019-07-12 13:28:20 +01:00
|
|
|
|
2020-12-13 16:56:30 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *, size_t);
|
2021-10-22 19:41:26 +01:00
|
|
|
#else
|
|
|
|
int LLVMFuzzerTestOneInput(const uint8_t *, size_t);
|
2020-12-13 16:56:30 +00:00
|
|
|
#endif
|
2020-12-05 11:26:32 +00:00
|
|
|
|
2019-07-12 13:28:20 +01:00
|
|
|
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
2022-08-01 11:19:32 +01:00
|
|
|
mg_log_set(MG_LL_NONE);
|
2022-05-06 21:09:13 +01:00
|
|
|
|
2020-12-05 11:26:32 +00:00
|
|
|
struct mg_dns_message dm;
|
|
|
|
mg_dns_parse(data, size, &dm);
|
2020-12-11 13:16:51 +00:00
|
|
|
mg_dns_parse(NULL, 0, &dm);
|
2020-12-05 11:26:32 +00:00
|
|
|
|
|
|
|
struct mg_http_message hm;
|
|
|
|
mg_http_parse((const char *) data, size, &hm);
|
2020-12-11 13:16:51 +00:00
|
|
|
mg_http_parse(NULL, 0, &hm);
|
2020-12-05 11:26:32 +00:00
|
|
|
|
2020-12-07 18:52:40 +00:00
|
|
|
struct mg_str body = mg_str_n((const char *) data, size);
|
|
|
|
char tmp[256];
|
|
|
|
mg_http_get_var(&body, "key", tmp, sizeof(tmp));
|
2020-12-13 16:33:46 +00:00
|
|
|
mg_http_get_var(&body, "key", NULL, 0);
|
2020-12-11 09:35:50 +00:00
|
|
|
mg_url_decode((char *) data, size, tmp, sizeof(tmp), 1);
|
|
|
|
mg_url_decode((char *) data, size, tmp, 1, 1);
|
2020-12-11 13:16:51 +00:00
|
|
|
mg_url_decode(NULL, 0, tmp, 1, 1);
|
2020-12-07 18:52:40 +00:00
|
|
|
|
2020-12-05 11:26:32 +00:00
|
|
|
struct mg_mqtt_message mm;
|
2022-06-28 11:31:13 +01:00
|
|
|
mg_mqtt_parse(data, size, 0, &mm);
|
|
|
|
mg_mqtt_parse(NULL, 0, 0, &mm);
|
|
|
|
mg_mqtt_parse(data, size, 5, &mm);
|
|
|
|
mg_mqtt_parse(NULL, 0, 5, &mm);
|
2020-12-05 11:26:32 +00:00
|
|
|
|
2021-12-21 21:50:18 +00:00
|
|
|
mg_sntp_parse(data, size);
|
|
|
|
mg_sntp_parse(NULL, 0);
|
2020-12-05 11:26:32 +00:00
|
|
|
|
2020-12-07 18:52:40 +00:00
|
|
|
char buf[size * 4 / 3 + 5]; // At least 4 chars and nul termination
|
2021-07-26 11:00:37 +01:00
|
|
|
mg_base64_decode((char *) data, (int) size, buf);
|
2020-12-11 13:16:51 +00:00
|
|
|
mg_base64_decode(NULL, 0, buf);
|
2021-07-26 11:00:37 +01:00
|
|
|
mg_base64_encode(data, (int) size, buf);
|
2020-12-11 13:16:51 +00:00
|
|
|
mg_base64_encode(NULL, 0, buf);
|
2020-12-07 18:52:40 +00:00
|
|
|
|
2020-12-24 09:07:55 +00:00
|
|
|
mg_globmatch((char *) data, size, (char *) data, size);
|
|
|
|
|
|
|
|
struct mg_str k, v, s = mg_str_n((char *) data, size);
|
2021-08-28 06:54:56 +01:00
|
|
|
while (mg_commalist(&s, &k, &v)) k.len = v.len = 0;
|
2020-12-24 09:07:55 +00:00
|
|
|
|
2022-06-09 12:39:48 +01:00
|
|
|
int n;
|
2022-07-30 07:55:26 +01:00
|
|
|
mg_json_get(mg_str_n((char *) data, size), "$", &n);
|
2022-09-19 13:28:07 +01:00
|
|
|
mg_json_get(mg_str_n((char *) data, size), "$.a.b", &n);
|
|
|
|
mg_json_get(mg_str_n((char *) data, size), "$[0]", &n);
|
|
|
|
|
2022-09-25 10:19:17 +01:00
|
|
|
if (size > 0) {
|
2022-09-29 16:53:11 +01:00
|
|
|
struct mip_cfg cfg = {0};
|
2022-09-25 10:19:17 +01:00
|
|
|
size_t pktlen = 1540;
|
|
|
|
char t[sizeof(struct mip_if) + pktlen * 2 + 0 /* qlen */];
|
|
|
|
struct mip_if *ifp = (struct mip_if *) t;
|
|
|
|
struct mg_mgr mgr;
|
|
|
|
mg_mgr_init(&mgr);
|
|
|
|
if_init(ifp, &mgr, &cfg, &mip_driver_mock, NULL, pktlen, 0);
|
|
|
|
|
|
|
|
// Make a copy of the random data, in order to modify it
|
|
|
|
uint8_t pkt[size];
|
|
|
|
struct eth *eth = (struct eth *) pkt;
|
|
|
|
memcpy(pkt, data, size);
|
|
|
|
if (size > sizeof(*eth)) {
|
2022-09-25 11:58:28 +01:00
|
|
|
static size_t i;
|
|
|
|
uint16_t eth_types[] = {0x800, 0x800, 0x806, 0x86dd};
|
2022-09-25 10:19:17 +01:00
|
|
|
memcpy(eth->dst, ifp->mac, 6); // Set valid destination MAC
|
2022-09-25 11:58:28 +01:00
|
|
|
eth->type = mg_htons(eth_types[i++]);
|
|
|
|
if (i >= sizeof(eth_types) / sizeof(eth_types[0])) i = 0;
|
2022-09-25 10:19:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
mip_rx(ifp, (void *) pkt, size);
|
|
|
|
mgr.priv = NULL; // Don't let Mongoose free() ifp
|
|
|
|
mg_mgr_free(&mgr);
|
|
|
|
}
|
2022-06-09 12:39:48 +01:00
|
|
|
|
2019-07-12 13:28:20 +01:00
|
|
|
return 0;
|
|
|
|
}
|
2022-09-29 16:53:11 +01:00
|
|
|
|
|
|
|
#if defined(MAIN)
|
|
|
|
int main(int argc, char *argv[]) {
|
|
|
|
if (argc > 1) {
|
|
|
|
size_t len = 0;
|
|
|
|
char *buf = mg_file_read(&mg_fs_posix, argv[1], &len);
|
|
|
|
if (buf != NULL) LLVMFuzzerTestOneInput((uint8_t *) buf, len);
|
|
|
|
free(buf);
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
#endif
|