libziparchive: add trivial fuzzer.

Didn't find anything when I ran it, but it did get me to fix the const/non-const void* in the API. Test: treehugger Change-Id: If3849d974965e3e5ffcbdaf5e47921316d717410
2019-10-22 11:44:50 -07:00 · 2019-10-22 11:44:50 -07:00 · f66460b92a
commit f66460b92a
parent d76932ffa5
5 changed files with 33 additions and 12 deletions
--- a/libziparchive/Android.bp
+++ b/libziparchive/Android.bp
@ -184,3 +184,10 @@ cc_binary {
    ],
    recovery_available: true,
 }
+
+cc_fuzz {
+    name: "libziparchive_fuzzer",
+    srcs: ["libziparchive_fuzzer.cpp"],
+    static_libs: ["libziparchive", "libbase", "libz", "liblog"],
+    host_supported: true,
+}
--- a/libziparchive/include/ziparchive/zip_archive.h
+++ b/libziparchive/include/ziparchive/zip_archive.h
@ -114,7 +114,7 @@ int32_t OpenArchive(const char* fileName, ZipArchiveHandle* handle);
 int32_t OpenArchiveFd(const int fd, const char* debugFileName, ZipArchiveHandle* handle,
                      bool assume_ownership = true);

-int32_t OpenArchiveFromMemory(void* address, size_t length, const char* debugFileName,
+int32_t OpenArchiveFromMemory(const void* address, size_t length, const char* debugFileName,
                              ZipArchiveHandle* handle);
 /*
 * Close archive, releasing resources associated with it. This will
--- a/libziparchive/libziparchive_fuzzer.cpp
+++ b/libziparchive/libziparchive_fuzzer.cpp
@ -0,0 +1,13 @@
+// SPDX-License-Identifier: Apache-2.0
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include <ziparchive/zip_archive.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  ZipArchiveHandle handle = nullptr;
+  OpenArchiveFromMemory(data, size, "fuzz", &handle);
+  CloseArchive(handle);
+  return 0;
+}
--- a/libziparchive/zip_archive.cc
+++ b/libziparchive/zip_archive.cc
@ -178,7 +178,7 @@ ZipArchive::ZipArchive(const int fd, bool assume_ownership)
 #endif
 }

-ZipArchive::ZipArchive(void* address, size_t length)
+ZipArchive::ZipArchive(const void* address, size_t length)
    : mapped_zip(address, length),
      close_file(false),
      directory_offset(0),
@ -471,7 +471,7 @@ int32_t OpenArchive(const char* fileName, ZipArchiveHandle* handle) {
  return OpenArchiveInternal(archive, fileName);
 }

-int32_t OpenArchiveFromMemory(void* address, size_t length, const char* debug_file_name,
+int32_t OpenArchiveFromMemory(const void* address, size_t length, const char* debug_file_name,
                              ZipArchiveHandle* handle) {
  ZipArchive* archive = new ZipArchive(address, length);
  *handle = archive;
@ -1152,7 +1152,7 @@ int MappedZipFile::GetFileDescriptor() const {
  return fd_;
 }

-void* MappedZipFile::GetBasePtr() const {
+const void* MappedZipFile::GetBasePtr() const {
  if (has_fd_) {
    ALOGW("Zip: MappedZipFile doesn't have a base pointer.");
    return nullptr;
@ -1188,13 +1188,14 @@ bool MappedZipFile::ReadAtOffset(uint8_t* buf, size_t len, off64_t off) const {
      ALOGE("Zip: invalid offset: %" PRId64 ", data length: %" PRId64 "\n", off, data_length_);
      return false;
    }
-    memcpy(buf, static_cast<uint8_t*>(base_ptr_) + off, len);
+    memcpy(buf, static_cast<const uint8_t*>(base_ptr_) + off, len);
  }
  return true;
 }

-void CentralDirectory::Initialize(void* map_base_ptr, off64_t cd_start_offset, size_t cd_size) {
-  base_ptr_ = static_cast<uint8_t*>(map_base_ptr) + cd_start_offset;
+void CentralDirectory::Initialize(const void* map_base_ptr, off64_t cd_start_offset,
+                                  size_t cd_size) {
+  base_ptr_ = static_cast<const uint8_t*>(map_base_ptr) + cd_start_offset;
  length_ = cd_size;
 }

--- a/libziparchive/zip_archive_private.h
+++ b/libziparchive/zip_archive_private.h
@ -95,14 +95,14 @@ class MappedZipFile {
  explicit MappedZipFile(const int fd)
      : has_fd_(true), fd_(fd), base_ptr_(nullptr), data_length_(0) {}

-  explicit MappedZipFile(void* address, size_t length)
+  explicit MappedZipFile(const void* address, size_t length)
      : has_fd_(false), fd_(-1), base_ptr_(address), data_length_(static_cast<off64_t>(length)) {}

  bool HasFd() const { return has_fd_; }

  int GetFileDescriptor() const;

-  void* GetBasePtr() const;
+  const void* GetBasePtr() const;

  off64_t GetFileLength() const;

@ -117,7 +117,7 @@ class MappedZipFile {

  const int fd_;

-  void* const base_ptr_;
+  const void* const base_ptr_;
  const off64_t data_length_;
 };

@ -129,7 +129,7 @@ class CentralDirectory {

  size_t GetMapLength() const { return length_; }

-  void Initialize(void* map_base_ptr, off64_t cd_start_offset, size_t cd_size);
+  void Initialize(const void* map_base_ptr, off64_t cd_start_offset, size_t cd_size);

 private:
  const uint8_t* base_ptr_;
@ -177,7 +177,7 @@ struct ZipArchive {
  ZipStringOffset* hash_table;

  ZipArchive(const int fd, bool assume_ownership);
-  ZipArchive(void* address, size_t length);
+  ZipArchive(const void* address, size_t length);
  ~ZipArchive();

  bool InitializeCentralDirectory(off64_t cd_start_offset, size_t cd_size);