diff --git a/CHANGES b/CHANGES index e713d0e42b..5447be40fb 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,15 @@ +3.2.0-dev.547 | 2020-05-18 10:47:54 -0700 + + * add packet fuzzer (Justin Azoff) + + * Fix building fuzz targets on macOS (Jon Siwek, Corelight) + + * Highwayhash: small build fix (Johanna Amann, Corelight) + + Turns out that hh_neon should not be compiled on generic arm CPUs. + That one is only for aarch64. + 3.2.0-dev.539 | 2020-05-15 19:47:55 +0000 * Replace bzero() with memset() (Noah Treuhaft) diff --git a/VERSION b/VERSION index 41ac6f6a46..6f92b88996 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.2.0-dev.539 +3.2.0-dev.547 diff --git a/src/fuzzers/CMakeLists.txt b/src/fuzzers/CMakeLists.txt index 74097cb00e..ac8b6ca345 100644 --- a/src/fuzzers/CMakeLists.txt +++ b/src/fuzzers/CMakeLists.txt @@ -79,3 +79,4 @@ target_link_libraries(zeek_fuzzer_shared ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS}) add_fuzz_target(pop3) +add_fuzz_target(packet) diff --git a/src/fuzzers/packet-corpus.zip b/src/fuzzers/packet-corpus.zip new file mode 100644 index 0000000000..8ffc9d4162 Binary files /dev/null and b/src/fuzzers/packet-corpus.zip differ diff --git a/src/fuzzers/packet-fuzzer.cc b/src/fuzzers/packet-fuzzer.cc new file mode 100644 index 0000000000..eab8202ce1 --- /dev/null +++ b/src/fuzzers/packet-fuzzer.cc 
@@ -0,0 +1,45 @@
+#include "binpac.h"
+
+#include "iosource/Packet.h"
+#include "Event.h"
+#include "Sessions.h"
+
+#include "FuzzBuffer.h"
+#include "fuzzer-setup.h"
+
+#include "pcap/dlt.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+ {
+ zeek::detail::FuzzBuffer fb{data, size};
+
+ if ( ! fb.Valid() )
+ return 0;
+
+ for ( ; ; )
+ {
+ auto chunk = fb.Next();
+
+ if ( ! chunk )
+ break;
+
+ Packet pkt;
+ auto timestamp = 42;
+ pkt_timeval ts = {timestamp, 0};
+ pkt.Init(DLT_RAW, &ts, chunk->size, chunk->size, chunk->data.get(), false, "");
+
+ try
+ {
+ sessions->NextPacket(timestamp, &pkt);
+ }
+ catch ( binpac::Exception const &e )
+ {
+ }
+
+ chunk = {};
+ mgr.Drain();
+ }
+
+ zeek::detail::fuzzer_cleanup_one_input();
+ return 0;
+ }
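Review bot: In the loop body, `chunk = {};` releases the fuzz chunk's buffer while `pkt` is still in scope and before `mgr.Drain()` runs, and `pkt` was initialised with what appears to be the copy flag set to `false`, so it keeps a raw pointer into that released buffer. Nothing visible in this hunk reads the packet after `NextPacket` returns, but if a drained event handler or a later harness change does, the sanitizer would report a use-after-free caused by the harness rather than by the code under test. Swapping the two lines to `mgr.Drain();` then `chunk = {};` keeps the borrowed buffer alive for as long as `pkt` can be reached; dropping the reset also works, since `chunk` is declared before `pkt` and is therefore destroyed after it. The empty `catch ( binpac::Exception const &e )` block would also benefit from a one-line comment such as `// Parse errors on malformed input are expected; only crashes and sanitizer findings matter here.`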