]> CyberLeo.Net >> Repos - FreeBSD/stable/10.git/blob - contrib/libarchive/libarchive/test/test_fuzz.c
projects / FreeBSD / stable / 10.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
MFC r347990:
[FreeBSD/stable/10.git] / contrib / libarchive / libarchive / test / test_fuzz.c
1 /*-
2  * Copyright (c) 2003-2007 Tim Kientzle
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17  * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  */
25 #include "test.h"
26 __FBSDID("$FreeBSD$");
27
28 /*
29  * This was inspired by an ISO fuzz tester written by Michal Zalewski
30  * and posted to the "vulnwatch" mailing list on March 17, 2005:
31  *    http://seclists.org/vulnwatch/2005/q1/0088.html
32  *
33  * This test simply reads each archive image into memory, pokes
34  * random values into it and runs it through libarchive.  It tries
35  * to damage about 1% of each file and repeats the exercise 100 times
36  * with each file.
37  *
38  * Unlike most other tests, this test does not verify libarchive's
39  * responses other than to ensure that libarchive doesn't crash.
40  *
41  * Due to the deliberately random nature of this test, it may be hard
42  * to reproduce failures.  Because this test deliberately attempts to
43  * induce crashes, there's little that can be done in the way of
44  * post-failure diagnostics.
45  */
46
47 /* Because this works for any archive, we can just re-use the archives
48  * developed for other tests. */
49 struct files {
50         int uncompress; /* If 1, decompress the file before fuzzing. */
51         const char **names;
52 };
53
54 static void
55 test_fuzz(const struct files *filesets)
56 {
57         const void *blk;
58         size_t blk_size;
59         int64_t blk_offset;
60         int n;
61         const char *skip_fuzz_tests;
62
63         skip_fuzz_tests = getenv("SKIP_TEST_FUZZ");
64         if (skip_fuzz_tests != NULL) {
65                 skipping("Skipping fuzz tests due to SKIP_TEST_FUZZ "
66                     "environment variable");
67                 return;
68         }
69
70         for (n = 0; filesets[n].names != NULL; ++n) {
71                 const size_t buffsize = 30000000;
72                 struct archive_entry *ae;
73                 struct archive *a;
74                 char *rawimage = NULL, *image = NULL, *tmp = NULL;
75                 size_t size = 0, oldsize = 0;
76                 int i, q;
77
78                 extract_reference_files(filesets[n].names);
79                 if (filesets[n].uncompress) {
80                         int r;
81                         /* Use format_raw to decompress the data. */
82                         assert((a = archive_read_new()) != NULL);
83                         assertEqualIntA(a, ARCHIVE_OK,
84                             archive_read_support_filter_all(a));
85                         assertEqualIntA(a, ARCHIVE_OK,
86                             archive_read_support_format_raw(a));
87                         r = archive_read_open_filenames(a, filesets[n].names, 16384);
88                         if (r != ARCHIVE_OK) {
89                                 archive_read_free(a);
90                                 if (filesets[n].names[0] == NULL || filesets[n].names[1] == NULL) {
91                                         skipping("Cannot uncompress fileset");
92                                 } else {
93                                         skipping("Cannot uncompress %s", filesets[n].names[0]);
94                                 }
95                                 continue;
96                         }
97                         assertEqualIntA(a, ARCHIVE_OK,
98                             archive_read_next_header(a, &ae));
99                         rawimage = malloc(buffsize);
100                         size = archive_read_data(a, rawimage, buffsize);
101                         assertEqualIntA(a, ARCHIVE_EOF,
102                             archive_read_next_header(a, &ae));
103                         assertEqualInt(ARCHIVE_OK,
104                             archive_read_free(a));
105                         assert(size > 0);
106                         if (filesets[n].names[0] == NULL || filesets[n].names[1] == NULL) {
107                                 failure("Internal buffer is not big enough for "
108                                         "uncompressed test files");
109                         } else {
110                                 failure("Internal buffer is not big enough for "
111                                         "uncompressed test file: %s", filesets[n].names[0]);
112                         }
113                         if (!assert(size < buffsize)) {
114                                 free(rawimage);
115                                 rawimage = NULL;
116                                 continue;
117                         }
118                 } else {
119                         for (i = 0; filesets[n].names[i] != NULL; ++i)
120                         {
121                                 char *newraw;
122                                 tmp = slurpfile(&size, filesets[n].names[i]);
123                                 newraw = realloc(rawimage, oldsize + size);
124                                 if (!assert(newraw != NULL))
125                                 {
126                                         free(rawimage);
127                                         rawimage = NULL;
128                                         free(tmp);
129                                         continue;
130                                 }
131                                 rawimage = newraw;
132                                 memcpy(rawimage + oldsize, tmp, size);
133                                 oldsize += size;
134                                 size = oldsize;
135                                 free(tmp);
136                         }
137                 }
138                 if (size == 0) {
139                         free(rawimage);
140                         rawimage = NULL;
141                         continue;
142                 }
143                 image = malloc(size);
144                 assert(image != NULL);
145                 if (image == NULL) {
146                         free(rawimage);
147                         rawimage = NULL;
148                         return;
149                 }
150
151                 assert(rawimage != NULL);
152
153                 srand((unsigned)time(NULL));
154
155                 for (i = 0; i < 1000; ++i) {
156                         FILE *f;
157                         int j, numbytes, trycnt;
158
159                         /* Fuzz < 1% of the bytes in the archive. */
160                         memcpy(image, rawimage, size);
161                         q = (int)size / 100;
162                         if (q < 4)
163                                 q = 4;
164                         numbytes = (int)(rand() % q);
165                         for (j = 0; j < numbytes; ++j)
166                                 image[rand() % size] = (char)rand();
167
168                         /* Save the messed-up image to a file.
169                          * If we crash, that file will be useful. */
170                         for (trycnt = 0; trycnt < 3; trycnt++) {
171                                 f = fopen("after.test.failure.send.this.file."
172                                     "to.libarchive.maintainers.with.system.details", "wb");
173                                 if (f != NULL)
174                                         break;
175 #if defined(_WIN32) && !defined(__CYGWIN__)
176                                 /*
177                                  * Sometimes previous close operation does not completely
178                                  * end at this time. So we should take a wait while
179                                  * the operation running.
180                                  */
181                                 Sleep(100);
182 #endif
183                         }
184                         assert(f != NULL);
185                         assertEqualInt((size_t)size, fwrite(image, 1, (size_t)size, f));
186                         fclose(f);
187
188                         // Try to read all headers and bodies.
189                         assert((a = archive_read_new()) != NULL);
190                         assertEqualIntA(a, ARCHIVE_OK,
191                             archive_read_support_filter_all(a));
192                         assertEqualIntA(a, ARCHIVE_OK,
193                             archive_read_support_format_all(a));
194
195                         if (0 == archive_read_open_memory(a, image, size)) {
196                                 while(0 == archive_read_next_header(a, &ae)) {
197                                         while (0 == archive_read_data_block(a,
198                                                 &blk, &blk_size, &blk_offset))
199                                                 continue;
200                                 }
201                                 archive_read_close(a);
202                         }
203                         archive_read_free(a);
204
205                         // Just list headers, skip bodies.
206                         assert((a = archive_read_new()) != NULL);
207                         assertEqualIntA(a, ARCHIVE_OK,
208                             archive_read_support_filter_all(a));
209                         assertEqualIntA(a, ARCHIVE_OK,
210                             archive_read_support_format_all(a));
211
212                         if (0 == archive_read_open_memory(a, image, size)) {
213                                 while(0 == archive_read_next_header(a, &ae)) {
214                                 }
215                                 archive_read_close(a);
216                         }
217                         archive_read_free(a);
218                 }
219                 free(image);
220                 free(rawimage);
221         }
222 }
223
224 DEFINE_TEST(test_fuzz_ar)
225 {
226         static const char *fileset1[] = {
227                 "test_read_format_ar.ar",
228                 NULL
229         };
230         static const struct files filesets[] = {
231                 {0, fileset1},
232                 {1, NULL}
233         };
234         test_fuzz(filesets);
235 }
236
237 DEFINE_TEST(test_fuzz_cab)
238 {
239         static const char *fileset1[] = {
240                 "test_fuzz.cab",
241                 NULL
242         };
243         static const struct files filesets[] = {
244                 {0, fileset1},
245                 {1, NULL}
246         };
247         test_fuzz(filesets);
248 }
249
250 DEFINE_TEST(test_fuzz_cpio)
251 {
252         static const char *fileset1[] = {
253                 "test_read_format_cpio_bin_be.cpio",
254                 NULL
255         };
256         static const char *fileset2[] = {
257                 "test_read_format_cpio_bin_le.cpio",
258                 NULL
259         };
260         static const char *fileset3[] = {
261                 /* Test RPM unwrapper */
262                 "test_read_format_cpio_svr4_gzip_rpm.rpm",
263                 NULL
264         };
265         static const struct files filesets[] = {
266                 {0, fileset1},
267                 {0, fileset2},
268                 {0, fileset3},
269                 {1, NULL}
270         };
271         test_fuzz(filesets);
272 }
273
274 DEFINE_TEST(test_fuzz_iso9660)
275 {
276         static const char *fileset1[] = {
277                 "test_fuzz_1.iso.Z",
278                 NULL
279         };
280         static const struct files filesets[] = {
281                 {0, fileset1}, /* Exercise compress decompressor. */
282                 {1, fileset1},
283                 {1, NULL}
284         };
285         test_fuzz(filesets);
286 }
287
288 DEFINE_TEST(test_fuzz_lzh)
289 {
290         static const char *fileset1[] = {
291                 "test_fuzz.lzh",
292                 NULL
293         };
294         static const struct files filesets[] = {
295                 {0, fileset1},
296                 {1, NULL}
297         };
298         test_fuzz(filesets);
299 }
300
301 DEFINE_TEST(test_fuzz_mtree)
302 {
303         static const char *fileset1[] = {
304                 "test_read_format_mtree.mtree",
305                 NULL
306         };
307         static const struct files filesets[] = {
308                 {0, fileset1},
309                 {1, NULL}
310         };
311         test_fuzz(filesets);
312 }
313
314 DEFINE_TEST(test_fuzz_rar)
315 {
316         static const char *fileset1[] = {
317                 /* Uncompressed RAR test */
318                 "test_read_format_rar.rar",
319                 NULL
320         };
321         static const char *fileset2[] = {
322                 /* RAR file with binary data */
323                 "test_read_format_rar_binary_data.rar",
324                 NULL
325         };
326         static const char *fileset3[] = {
327                 /* Best Compressed RAR test */
328                 "test_read_format_rar_compress_best.rar",
329                 NULL
330         };
331         static const char *fileset4[] = {
332                 /* Normal Compressed RAR test */
333                 "test_read_format_rar_compress_normal.rar",
334                 NULL
335         };
336         static const char *fileset5[] = {
337                 /* Normal Compressed Multi LZSS blocks RAR test */
338                 "test_read_format_rar_multi_lzss_blocks.rar",
339                 NULL
340         };
341         static const char *fileset6[] = {
342                 /* RAR with no EOF header */
343                 "test_read_format_rar_noeof.rar",
344                 NULL
345         };
346         static const char *fileset7[] = {
347                 /* Best Compressed RAR file with both PPMd and LZSS blocks */
348                 "test_read_format_rar_ppmd_lzss_conversion.rar",
349                 NULL
350         };
351         static const char *fileset8[] = {
352                 /* RAR with subblocks */
353                 "test_read_format_rar_subblock.rar",
354                 NULL
355         };
356         static const char *fileset9[] = {
357                 /* RAR with Unicode filenames */
358                 "test_read_format_rar_unicode.rar",
359                 NULL
360         };
361         static const char *fileset10[] = {
362                 "test_read_format_rar_multivolume.part0001.rar",
363                 "test_read_format_rar_multivolume.part0002.rar",
364                 "test_read_format_rar_multivolume.part0003.rar",
365                 "test_read_format_rar_multivolume.part0004.rar",
366                 NULL
367         };
368         static const struct files filesets[] = {
369                 {0, fileset1},
370                 {0, fileset2},
371                 {0, fileset3},
372                 {0, fileset4},
373                 {0, fileset5},
374                 {0, fileset6},
375                 {0, fileset7},
376                 {0, fileset8},
377                 {0, fileset9},
378                 {0, fileset10},
379                 {1, NULL}
380         };
381         test_fuzz(filesets);
382 }
383
384 DEFINE_TEST(test_fuzz_tar)
385 {
386         static const char *fileset1[] = {
387                 "test_compat_bzip2_1.tbz",
388                 NULL
389         };
390         static const char *fileset2[] = {
391                 "test_compat_gtar_1.tar",
392                 NULL
393         };
394         static const char *fileset3[] = {
395                 "test_compat_gzip_1.tgz",
396                 NULL
397         };
398         static const char *fileset4[] = {
399                 "test_compat_gzip_2.tgz",
400                 NULL
401         };
402         static const char *fileset5[] = {
403                 "test_compat_tar_hardlink_1.tar",
404                 NULL
405         };
406         static const char *fileset6[] = {
407                 "test_compat_xz_1.txz",
408                 NULL
409         };
410         static const char *fileset7[] = {
411                 "test_read_format_gtar_sparse_1_17_posix10_modified.tar",
412                 NULL
413         };
414         static const char *fileset8[] = {
415                 "test_read_format_tar_empty_filename.tar",
416                 NULL
417         };
418 #if HAVE_LIBLZO2 && HAVE_LZO_LZO1X_H && HAVE_LZO_LZOCONF_H
419         static const char *fileset9[] = {
420                 "test_compat_lzop_1.tar.lzo",
421                 NULL
422         };
423 #endif
424 #if HAVE_ZSTD_H && HAVE_LIBZSTD
425         static const char *fileset10[] = {
426                 "test_compat_zstd_1.tar.zst",
427                 NULL
428         };
429 #endif
430         static const struct files filesets[] = {
431                 {0, fileset1}, /* Exercise bzip2 decompressor. */
432                 {1, fileset1},
433                 {0, fileset2},
434                 {0, fileset3}, /* Exercise gzip decompressor. */
435                 {0, fileset4}, /* Exercise gzip decompressor. */
436                 {0, fileset5},
437                 {0, fileset6}, /* Exercise xz decompressor. */
438                 {0, fileset7},
439                 {0, fileset8},
440 #if HAVE_LIBLZO2 && HAVE_LZO_LZO1X_H && HAVE_LZO_LZOCONF_H
441                 {0, fileset9}, /* Exercise lzo decompressor. */
442 #endif
443 #if HAVE_ZSTD_H && HAVE_LIBZSTD
444                 {0, fileset10}, /* Excercise zstd decompressor. */
445 #endif
446                 {1, NULL}
447         };
448         test_fuzz(filesets);
449 }
450
451 DEFINE_TEST(test_fuzz_zip)
452 {
453         static const char *fileset1[] = {
454                 "test_compat_zip_1.zip",
455                 NULL
456         };
457         static const char *fileset2[] = {
458                 "test_compat_zip_2.zip",
459                 NULL
460         };
461         static const char *fileset3[] = {
462                 "test_compat_zip_3.zip",
463                 NULL
464         };
465         static const char *fileset4[] = {
466                 "test_compat_zip_4.zip",
467                 NULL
468         };
469         static const char *fileset5[] = {
470                 "test_compat_zip_5.zip",
471                 NULL
472         };
473         static const char *fileset6[] = {
474                 "test_compat_zip_6.zip",
475                 NULL
476         };
477         static const char *fileset7[] = {
478                 "test_read_format_zip.zip",
479                 NULL
480         };
481         static const char *fileset8[] = {
482                 "test_read_format_zip_comment_stored_1.zip",
483                 NULL
484         };
485         static const char *fileset9[] = {
486                 "test_read_format_zip_comment_stored_2.zip",
487                 NULL
488         };
489         static const char *fileset10[] = {
490                 "test_read_format_zip_encryption_data.zip",
491                 NULL
492         };
493         static const char *fileset11[] = {
494                 "test_read_format_zip_encryption_header.zip",
495                 NULL
496         };
497         static const char *fileset12[] = {
498                 "test_read_format_zip_encryption_partially.zip",
499                 NULL
500         };
501         static const char *fileset13[] = {
502                 "test_read_format_zip_filename_cp866.zip",
503                 NULL
504         };
505         static const char *fileset14[] = {
506                 "test_read_format_zip_filename_cp932.zip",
507                 NULL
508         };
509         static const char *fileset15[] = {
510                 "test_read_format_zip_filename_koi8r.zip",
511                 NULL
512         };
513         static const char *fileset16[] = {
514                 "test_read_format_zip_filename_utf8_jp.zip",
515                 NULL
516         };
517         static const char *fileset17[] = {
518                 "test_read_format_zip_filename_utf8_ru.zip",
519                 NULL
520         };
521         static const char *fileset18[] = {
522                 "test_read_format_zip_filename_utf8_ru2.zip",
523                 NULL
524         };
525         static const char *fileset19[] = {
526                 "test_read_format_zip_length_at_end.zip",
527                 NULL
528         };
529         static const char *fileset20[] = {
530                 "test_read_format_zip_mac_metadata.zip",
531                 NULL
532         };
533         static const char *fileset21[] = {
534                 "test_read_format_zip_malformed1.zip",
535                 NULL
536         };
537         static const char *fileset22[] = {
538                 "test_read_format_zip_msdos.zip",
539                 NULL
540         };
541         static const char *fileset23[] = {
542                 "test_read_format_zip_nested.zip",
543                 NULL
544         };
545         static const char *fileset24[] = {
546                 "test_read_format_zip_nofiletype.zip",
547                 NULL
548         };
549         static const char *fileset25[] = {
550                 "test_read_format_zip_padded1.zip",
551                 NULL
552         };
553         static const char *fileset26[] = {
554                 "test_read_format_zip_padded2.zip",
555                 NULL
556         };
557         static const char *fileset27[] = {
558                 "test_read_format_zip_padded3.zip",
559                 NULL
560         };
561         static const char *fileset28[] = {
562                 "test_read_format_zip_symlink.zip",
563                 NULL
564         };
565         static const char *fileset29[] = {
566                 "test_read_format_zip_traditional_encryption_data.zip",
567                 NULL
568         };
569         static const char *fileset30[] = {
570                 "test_read_format_zip_ux.zip",
571                 NULL
572         };
573         static const char *fileset31[] = {
574                 "test_read_format_zip_winzip_aes128.zip",
575                 NULL
576         };
577         static const char *fileset32[] = {
578                 "test_read_format_zip_winzip_aes256.zip",
579                 NULL
580         };
581         static const char *fileset33[] = {
582                 "test_read_format_zip_winzip_aes256_large.zip",
583                 NULL
584         };
585         static const char *fileset34[] = {
586                 "test_read_format_zip_winzip_aes256_stored.zip",
587                 NULL
588         };
589         static const char *fileset35[] = {
590                 "test_read_format_zip_zip64a.zip",
591                 NULL
592         };
593         static const char *fileset36[] = {
594                 "test_read_format_zip_zip64b.zip",
595                 NULL
596         };
597
598         static const struct files filesets[] = {
599                 {0, fileset1},
600                 {0, fileset2},
601                 {0, fileset3},
602                 {0, fileset4},
603                 {0, fileset5},
604                 {0, fileset6},
605                 {0, fileset7},
606                 {0, fileset8},
607                 {0, fileset9},
608                 {0, fileset10},
609                 {0, fileset11},
610                 {0, fileset12},
611                 {0, fileset13},
612                 {0, fileset14},
613                 {0, fileset15},
614                 {0, fileset16},
615                 {0, fileset17},
616                 {0, fileset18},
617                 {0, fileset19},
618                 {0, fileset20},
619                 {0, fileset21},
620                 {0, fileset22},
621                 {0, fileset23},
622                 {0, fileset24},
623                 {0, fileset25},
624                 {0, fileset26},
625                 {0, fileset27},
626                 {0, fileset28},
627                 {0, fileset29},
628                 {0, fileset30},
629                 {0, fileset31},
630                 {0, fileset32},
631                 {0, fileset33},
632                 {0, fileset34},
633                 {0, fileset35},
634                 {0, fileset36},
635                 {1, NULL}
636         };
637         test_fuzz(filesets);
638 }
639
10-STABLE