1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
/******************************************************************************
*
* Project: PostGIS
* Purpose: Fuzzer
* Author: Even Rouault, even.rouault at spatialys.com
*
******************************************************************************
* Copyright (c) 2017, Even Rouault <even.rouault at spatialys.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
****************************************************************************/
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <setjmp.h>
#include <set>
extern "C"
{
#include "liblwgeom.h"
#include "geos_stub.h"
#include "proj_stub.h"
}
extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv);
// Keep active heap allocated memory corresponding to returns of allocator()
// and reallocator()
std::set<void*> oSetPointers;
jmp_buf jmpBuf;
extern "C"
{
static void *
allocator(size_t size)
{
void *mem = malloc(size);
oSetPointers.insert(mem);
return mem;
}
static void
freeor(void *mem)
{
oSetPointers.erase(mem);
free(mem);
}
static void *
reallocator(void *mem, size_t size)
{
oSetPointers.erase(mem);
void *ret = realloc(mem, size);
oSetPointers.insert(ret);
return ret;
}
static void
noticereporter(const char *, va_list )
{
}
static void
errorreporter(const char *, va_list )
{
// Cleanup any heap-allocated memory still active
for(std::set<void*>::iterator oIter = oSetPointers.begin();
oIter != oSetPointers.end(); ++oIter )
{
free(*oIter);
}
oSetPointers.clear();
// Abort everything to jump to setjmp() call
longjmp(jmpBuf, 1);
}
static void
debuglogger(int, const char *, va_list)
{
}
}
int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/)
{
lwgeom_set_handlers(malloc, realloc, free, noticereporter, noticereporter);
lwgeom_set_debuglogger(debuglogger);
return 0;
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len);
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)
{
if( setjmp(jmpBuf) )
return 0;
LWGEOM* lwgeom = lwgeom_from_wkb(buf, len, LW_PARSER_CHECK_NONE);
lwgeom_free(lwgeom);
//assert( oSetPointers.empty() );
return 0;
}
|
