fuzz-afl: Add info target

dbrgn · dbrgn · commit ba34197e5929 · 2020-02-12T17:54:40.000+01:00
Decoding will parse the header as well, but it might still be
interesting to fuzz the header parsing separately.
diff --git a/fuzz-afl/.gitignore b/fuzz-afl/.gitignore
@@ -1 +1,2 @@
 out/
+out-*/
diff --git a/fuzz-afl/Cargo.toml b/fuzz-afl/Cargo.toml
@@ -12,6 +12,14 @@ path = "src/fuzz_decode.rs"
 name = "reproduce_decode"
 path = "src/reproduce_decode.rs"
 
+[[bin]]
+name = "fuzz_info"
+path = "src/fuzz_info.rs"
+
+[[bin]]
+name = "reproduce_info"
+path = "src/reproduce_info.rs"
+
 [dependencies]
 afl = "0.4"
 jpeg-decoder = { path = "../" }
diff --git a/fuzz-afl/src/fuzz_info.rs b/fuzz-afl/src/fuzz_info.rs
@@ -0,0 +1,15 @@
+use afl::fuzz;
+
+use jpeg_decoder::{Decoder, ImageInfo};
+
+#[inline(always)]
+fn get_info(data: &[u8]) -> Option<ImageInfo> {
+    let mut decoder = Decoder::new(data);
+    decoder.read_info().ok().and_then(|_| decoder.info())
+}
+
+fn main() {
+    fuzz!(|data: &[u8]| {
+        let _ = get_info(data);
+    });
+}
diff --git a/fuzz-afl/src/reproduce_decode.rs b/fuzz-afl/src/reproduce_decode.rs
@@ -1,19 +1,15 @@
 use jpeg_decoder::{Decoder, Error};
 
+mod utils;
+
 #[inline(always)]
 fn decode(data: &[u8]) -> Result<Vec<u8>, Error> {
     let mut decoder = Decoder::new(data);
     decoder.decode()
 }
 
 fn main() {
-    let args: Vec<String> = std::env::args().collect();
-    if args.len() != 2 {
-        println!("Usage: {} <path-to-crash>", args[0]);
-        std::process::exit(1);
-    }
-
-    let data = std::fs::read(&args[1]).expect(&format!("Could not open file {}", args[1]));
+    let data = utils::read_file_from_args();
     match decode(&data) {
         Ok(bytes) => println!("Decoded {} bytes", bytes.len()),
         Err(e) => println!("Decoder returned an error: {:?}\nNote: Not a panic, this is fine.", e),
diff --git a/fuzz-afl/src/reproduce_info.rs b/fuzz-afl/src/reproduce_info.rs
@@ -0,0 +1,17 @@
+use jpeg_decoder::{Decoder, ImageInfo};
+
+mod utils;
+
+#[inline(always)]
+fn get_info(data: &[u8]) -> Option<ImageInfo> {
+    let mut decoder = Decoder::new(data);
+    decoder.read_info().ok().and_then(|_| decoder.info())
+}
+
+fn main() {
+    let data = utils::read_file_from_args();
+    match get_info(&data) {
+        Some(info) => println!("Info: {:?}", info),
+        None => println!("Found no info in file"),
+    };
+}
diff --git a/fuzz-afl/src/utils.rs b/fuzz-afl/src/utils.rs
@@ -0,0 +1,10 @@
+pub fn read_file_from_args() -> Vec<u8> {
+    let args: Vec<String> = std::env::args().collect();
+    if args.len() != 2 {
+        println!("Usage: {} <path-to-crash>", args[0]);
+        std::process::exit(1);
+    }
+    let data = std::fs::read(&args[1])
+        .expect(&format!("Could not open file {}", args[1]));
+    data
+}
