New upstream version 0.28.1+dfsg.1

[libgit2.git] / fuzzers / packfile_fuzzer.c

diff --git a/fuzzers/packfile_fuzzer.c b/fuzzers/packfile_fuzzer.c
new file mode 100644 (file)
index 0000000..a448233
--- /dev/null
+++ b/fuzzers/packfile_fuzzer.c
@@ -0,0 +1,122 @@
+/*
+ * libgit2 packfile fuzzer target.
+ *
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <limits.h>
+#include <unistd.h>
+
+#include "git2.h"
+#include "git2/sys/mempack.h"
+
+#define UNUSED(x) (void)(x)
+
+static git_odb *odb = NULL;
+static git_odb_backend *mempack = NULL;
+
+/* Arbitrary object to seed the ODB. */
+static const unsigned char base_obj[] = { 07, 076 };
+static const unsigned int base_obj_len = 2;
+
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+       UNUSED(argc);
+       UNUSED(argv);
+       if (git_libgit2_init() < 0) {
+               fprintf(stderr, "Failed to initialize libgit2\n");
+               abort();
+       }
+       if (git_libgit2_opts(GIT_OPT_SET_PACK_MAX_OBJECTS, 10000000) < 0) {
+               fprintf(stderr, "Failed to limit maximum pack object count\n");
+               abort();
+       }
+       if (git_odb_new(&odb) < 0) {
+               fprintf(stderr, "Failed to create the odb\n");
+               abort();
+       }
+       if (git_mempack_new(&mempack) < 0) {
+               fprintf(stderr, "Failed to create the mempack\n");
+               abort();
+       }
+       if (git_odb_add_backend(odb, mempack, 999) < 0) {
+               fprintf(stderr, "Failed to add the mempack\n");
+               abort();
+       }
+       return 0;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+       git_indexer *indexer = NULL;
+       git_transfer_progress stats = {0, 0};
+       bool append_hash = false;
+       git_oid id;
+       char hash[GIT_OID_HEXSZ + 1] = {0};
+       char path[PATH_MAX];
+
+       if (size == 0)
+               return 0;
+
+       if (!odb || !mempack) {
+               fprintf(stderr, "Global state not initialized\n");
+               abort();
+       }
+       git_mempack_reset(mempack);
+
+       if (git_odb_write(&id, odb, base_obj, base_obj_len, GIT_OBJECT_BLOB) < 0) {
+               fprintf(stderr, "Failed to add an object to the odb\n");
+               abort();
+       }
+
+       if (git_indexer_new(&indexer, ".", 0, odb, NULL) < 0) {
+               fprintf(stderr, "Failed to create the indexer: %s\n",
+                       git_error_last()->message);
+               abort();
+       }
+
+       /*
+        * If the first byte in the stream has the high bit set, append the
+        * SHA1 hash so that the packfile is somewhat valid.
+        */
+       append_hash = *data & 0x80;
+       ++data;
+       --size;
+
+       if (git_indexer_append(indexer, data, size, &stats) < 0)
+               goto cleanup;
+       if (append_hash) {
+               git_oid oid;
+               if (git_odb_hash(&oid, data, size, GIT_OBJECT_BLOB) < 0) {
+                       fprintf(stderr, "Failed to compute the SHA1 hash\n");
+                       abort();
+               }
+               if (git_indexer_append(indexer, &oid, sizeof(oid), &stats) < 0) {
+                       goto cleanup;
+               }
+       }
+       if (git_indexer_commit(indexer, &stats) < 0)
+               goto cleanup;
+
+       /*
+        * We made it! We managed to produce a valid packfile.
+        * Let's clean it up.
+        */
+       git_oid_fmt(hash, git_indexer_hash(indexer));
+       printf("Generated packfile %s\n", hash);
+       snprintf(path, sizeof(path), "pack-%s.idx", hash);
+       unlink(path);
+       snprintf(path, sizeof(path), "pack-%s.pack", hash);
+       unlink(path);
+
+cleanup:
+       git_mempack_reset(mempack);
+       git_indexer_free(indexer);
+       return 0;
+}