Set running = 1 before entering the main loop.

This is so the fuzzer can wait for it.
emikulic · Oct 2, 2022 · 762956f · 762956f
1 parent 4792091
commit 762956f
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/darkhttpd.c b/darkhttpd.c
@@ -308,7 +308,7 @@ static char *auth_key = NULL;
 static uint64_t num_requests = 0, total_in = 0, total_out = 0;
 static int accepting = 1;           /* set to 0 to stop accept()ing */
 static int syslog_enabled = 0;
-static volatile int running = 1; /* signal handler sets this to false */
+volatile int running = 0; /* signal handler sets this to false */
 
 #define INVALID_UID ((uid_t) -1)
 #define INVALID_GID ((gid_t) -1)
@@ -2847,6 +2847,7 @@ int main(int argc, char **argv) {
     if (want_daemon) daemonize_finish();
 
     /* main loop */
+    running = 1;
     while (running) httpd_poll();
 
     /* clean exit */

diff --git a/devel/fuzz_socket.cc b/devel/fuzz_socket.cc
@@ -9,6 +9,7 @@
 #include <thread>
 
 extern "C" int darkhttpd(int argc, const char** argv);
+extern "C" volatile int running;
 
 namespace {
 int argc = 4;
@@ -26,8 +27,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
     addrin.sin_family = AF_INET;
     addrin.sin_port = htons(port);
     if (inet_aton(host, &addrin.sin_addr) == 0) err(1, "inet_aton");
+    while (!running) { std::this_thread::yield(); }
     inited = true;
-    sleep(1);
   }
 
   char buf[4096];

diff --git a/devel/fuzz_socket.sh b/devel/fuzz_socket.sh
@@ -1,7 +1,6 @@
 #!/bin/bash -e
 set -x
-mkdir -p tmp.fuzz
-echo hi > tmp.fuzz/hello.txt
+mkdir -p fuzz_socket_testcases
 clang -c -Dmain=darkhttpd -g -O2 -fsanitize=fuzzer,address ../darkhttpd.c -o fuzz_darkhttpd.o
 clang++ -g -O2 -fsanitize=fuzzer,address fuzz_socket.cc fuzz_darkhttpd.o -o fuzz_socket
 ./fuzz_socket fuzz_socket_testcases -detect_leaks=0 -only_ascii=1