Skip to content

Commit

Permalink
fuzzer_loadfile_direct: exclude paths also for file://
Browse files Browse the repository at this point in the history 
Loading external files makes little sense. Might disable this completely
later, but let see how it works, The idea is the same as for direct
load. Exclude paths starting with `file://.` and `file:///`. But still
fuzz any processing that other input might have. It shouldn't be a huge
problem if we do `file://mpv` for example. Not great, but also not
terrible.
  • Loading branch information
@kasper93
kasper93 committed May 9, 2024
1 parent d6803c4 commit bf6d49c
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 6 deletions.
19 changes: 14 additions & 5 deletions fuzzers/fuzzer_loadfile_direct.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,18 +34,27 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
return -1;

#ifdef MPV_PROTO
if (!str_startswith(data, size - 1, MPV_STRINGIFY(MPV_PROTO) "://", strlen(MPV_STRINGIFY(MPV_PROTO) "://")))
if (!str_startswith(data, size - 1, MPV_STRINGIFY(MPV_PROTO) "://", sizeof(MPV_STRINGIFY(MPV_PROTO) "://") - 1))
return -1;
#else
#endif

#if !defined(MPV_PROTO) || defined(MPV_PROTO_FILE)
const uint8_t *data_check = data;
size_t size_check = size;
size_t prefix_size = sizeof("file://") - 1;
if (str_startswith(data, size - 1, "file://", prefix_size)) {
data_check += prefix_size;
size_check -= prefix_size;
}
// Exclude some common paths that are not useful for testing.
// Exclude -
if (size == 2 && !strncmp(data, "-", 1))
if (size_check == 2 && !strncmp(data_check, "-", 1))
return -1;
// Exclude relative paths
if (str_startswith(data, size - 1, ".", 1))
if (str_startswith(data_check, size_check - 1, ".", 1))
return -1;
// Exclude absolute paths
if (str_startswith(data, size - 1, "/", 1))
if (str_startswith(data_check, size_check - 1, "/", 1))
return -1;
#endif

Expand Down
2 changes: 1 addition & 1 deletion fuzzers/meson.build
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ foreach p : ['bd', 'cdda', 'dvb', 'dvd', 'edl', 'file', 'hex', 'lavf', 'memory',
'mf', 'slice', 'smb']
executable('fuzzer_protocol_' + p,
'fuzzer_loadfile_direct.c',
c_args: ['-DMPV_PROTO=' + p],
c_args: ['-DMPV_PROTO=' + p, '-DMPV_PROTO_' + p.to_upper()],
include_directories: incdir,
link_with: libmpv)
endforeach
Expand Down

0 comments on commit bf6d49c

Please sign in to comment.