Chiebot-Mirror
/
c-ares
mirror of https://github.com/c-ares/c-ares.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

fuzzer: call parser directly for enhanced iterations per second

Browse Source 
The legacy c-ares parsers such as ares_parse_txt_reply() and
ares_parse_srv_reply() historically all used different logic and
parsing.

As of c-ares 1.21.0 these are simply wrappers around a single parser, and
simply convert the parsed DNS response into the data structures the legacy
parsers used which is a small amount of code and not likely going to vary
based on the input data.

Instead, these days, it makes more sense to test the new parser directly
instead of calling it 10 or 11 times with the same input data to speed up
the number of iterations per second the fuzzer can perform.

We are keeping this legacy fuzzer test for historic reasons or if someone
finds them of use hidden behind a define of USE_LEGACY_PARSERS.

Authored-By: Brad House (@bradh352)
pull/871/head
Brad House 6 months ago
parent a95ddb9426
commit 7fb17cbe64
1 changed files with 38 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 39
      test/ares-test-fuzz.c

39
test/ares-test-fuzz.c vendored
Unescape View File

@ -29,7 +29,22 @@
int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size);
/* Entrypoint for Clang's libfuzzer */
#ifdef USE_LEGACY_PARSERS
/* This implementation calls the legacy c-ares parsers, which historically
* all used different logic and parsing. As of c-ares 1.21.0 these are
* simply wrappers around a single parser, and simply convert the parsed
* DNS response into the data structures the legacy parsers used which is a
* small amount of code and not likely going to vary based on the input data.
*
* Instead, these days, it makes more sense to test the new parser directly
* instead of calling it 10 or 11 times with the same input data to speed up
* the number of iterations per second the fuzzer can perform.
*
* We are keeping this legacy fuzzer test for historic reasons or if someone
* finds them of use.
*/
int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size)
{
/* Feed the data into each of the ares_parse_*_reply functions. */
@ -106,3 +121,25 @@ int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size)
return 0;
}
#else
int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size)
{
ares_dns_record_t *dnsrec = NULL;
/* There is never a reason to have a size > 65535, it is immediately
* rejected by the parser */
if (size > 65535) {
return -1;
}
ares_dns_parse(data, size, 0, &dnsrec);
if (dnsrec) {
ares_dns_record_destroy(dnsrec);
}
return 0;
}
#endif

Write Preview
Loading…
Cancel
Save