From ffca1825e674f3b09fb888b30fbe2765b9b8ecaa Mon Sep 17 00:00:00 2001 From: David Cermak Date: Fri, 28 Jun 2019 14:12:10 +0200 Subject: [PATCH] lwip fuzzer: supplied dummy dns server entry to work with internal packet processing functionwhich is exercised in fuzzer tests, disable CTYPE as recent newlib is not compatible with AFL --- components/lwip/test_afl_host/Makefile | 2 +- components/lwip/test_afl_host/network_mock.c | 2 +- components/lwip/test_afl_host/test_dns.c | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/components/lwip/test_afl_host/Makefile b/components/lwip/test_afl_host/Makefile index 7c5cf49f3a..b236b327a8 100644 --- a/components/lwip/test_afl_host/Makefile +++ b/components/lwip/test_afl_host/Makefile @@ -1,6 +1,6 @@ COMPONENTS_DIR=../.. CFLAGS=-std=gnu99 -Og -ggdb -ffunction-sections -fdata-sections -nostdlib -Wall -Werror=all -Wno-int-to-pointer-cast -Wno-error=unused-function -Wno-error=unused-variable -Wno-error=deprecated-declarations -Wextra \ --Wno-unused-parameter -Wno-sign-compare -Wno-address -Wno-unused-variable -DESP_PLATFORM -D IDF_VER=\"v3.1\" -MMD -MP -DWITH_POSIX +-Wno-unused-parameter -Wno-sign-compare -Wno-address -Wno-unused-variable -DESP_PLATFORM -D IDF_VER=\"v3.1\" -MMD -MP -DWITH_POSIX -DLWIP_NO_CTYPE_H=1 INC_DIRS=-I . -I ./build/config -I $(COMPONENTS_DIR)/newlib/platform_include -I $(COMPONENTS_DIR)/newlib/include -I $(COMPONENTS_DIR)/driver/include -I $(COMPONENTS_DIR)/esp32/include -I $(COMPONENTS_DIR)/ethernet/include -I $(COMPONENTS_DIR)/freertos/include -I $(COMPONENTS_DIR)/heap/include -I $(COMPONENTS_DIR)/lwip/lwip/src/include -I $(COMPONENTS_DIR)/lwip/include/apps -I $(COMPONENTS_DIR)/lwip/lwip/src/include/netif -I $(COMPONENTS_DIR)/lwip/lwip/src/include/posix -I $(COMPONENTS_DIR)/lwip/port/esp32/include -I $(COMPONENTS_DIR)/lwip/lwip/src/include/posix -I $(COMPONENTS_DIR)/lwip/include/apps/ping -I $(COMPONENTS_DIR)/lwip/include/apps/sntp -I $(COMPONENTS_DIR)/soc/esp32/include -I $(COMPONENTS_DIR)/soc/include -I $(COMPONENTS_DIR)/tcpip_adapter/include -I $(COMPONENTS_DIR)/esp_rom/include -I $(COMPONENTS_DIR)/esp_common/include -I $(COMPONENTS_DIR)/xtensa/include -I $(COMPONENTS_DIR)/xtensa/esp32/include -I $(COMPONENTS_DIR)/esp_wifi/include -I $(COMPONENTS_DIR)/esp_event/include TEST_NAME=test FUZZ=afl-fuzz diff --git a/components/lwip/test_afl_host/network_mock.c b/components/lwip/test_afl_host/network_mock.c index 947b6b22b2..aeaad72d32 100644 --- a/components/lwip/test_afl_host/network_mock.c +++ b/components/lwip/test_afl_host/network_mock.c @@ -94,7 +94,7 @@ struct pbuf * pbuf_alloc(pbuf_layer layer, u16_t length, pbuf_type type) p = (struct pbuf *)malloc(MEMP_PBUF_POOL); p->tot_len = length; p->next = NULL; - p->type = PBUF_POOL; + p->type_internal = PBUF_POOL; p->len = length; p->payload = malloc(length); return p; diff --git a/components/lwip/test_afl_host/test_dns.c b/components/lwip/test_afl_host/test_dns.c index 131a8b3ed7..1e9a588150 100644 --- a/components/lwip/test_afl_host/test_dns.c +++ b/components/lwip/test_afl_host/test_dns.c @@ -66,6 +66,8 @@ int main(int argc, char** argv) p->next = NULL; // Pretend that the response is from our pending querries + IP4_ADDR(&server_ip, 8, 8, 8, 8); + dns_setserver(0, &server_ip); dns_test_inject_port_and_txid(1024, (buf[0]<<8) + buf[1]); dns_test_dns_enqueue("test", 4, NULL, NULL, 0);