From 762956f1a8602f3dfeba522afe9218276353bb25 Mon Sep 17 00:00:00 2001
From: Emil Mikulic
Date: Sun, 2 Oct 2022 12:08:57 +1100
Subject: [PATCH] Set running = 1 before entering the main loop. This is so the fuzzer can wait for it.
---
 darkhttpd.c | 3 ++-
 devel/fuzz_socket.cc | 3 ++-
 devel/fuzz_socket.sh | 3 +--
 3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/darkhttpd.c b/darkhttpd.c
index afa2220..24ccc31 100644
--- a/darkhttpd.c
+++ b/darkhttpd.c
@@ -308,7 +308,7 @@ static char *auth_key = NULL;
 static uint64_t num_requests = 0, total_in = 0, total_out = 0;
 static int accepting = 1; /* set to 0 to stop accept()ing */
 static int syslog_enabled = 0;
-static volatile int running = 1; /* signal handler sets this to false */
+volatile int running = 0; /* signal handler sets this to false */
 #define INVALID_UID ((uid_t) -1)
 #define INVALID_GID ((gid_t) -1)
@@ -2847,6 +2847,7 @@ int main(int argc, char **argv) {
 if (want_daemon) daemonize_finish();
 /* main loop */
+ running = 1;
 while (running) httpd_poll();
 /* clean exit */
diff --git a/devel/fuzz_socket.cc b/devel/fuzz_socket.cc
index bc7e9cd..211822c 100644
--- a/devel/fuzz_socket.cc
+++ b/devel/fuzz_socket.cc
@@ -9,6 +9,7 @@ #include
 extern "C" int darkhttpd(int argc, const char** argv);
+extern "C" volatile int running;
 namespace {
 int argc = 4;
@@ -26,8 +27,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
 addrin.sin_family = AF_INET;
 addrin.sin_port = htons(port);
 if (inet_aton(host, &addrin.sin_addr) == 0) err(1, "inet_aton");
+ while (!running) { std::this_thread::yield(); }
 inited = true;
- sleep(1);
 }
 char buf[4096];
diff --git a/devel/fuzz_socket.sh b/devel/fuzz_socket.sh
index e71a151..bec9efb 100755
--- a/devel/fuzz_socket.sh
+++ b/devel/fuzz_socket.sh
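Review bot: In darkhttpd.c the declaration `volatile int running = 0;` drops `static`, so a generically named flag becomes an external symbol in every build rather than only in the fuzz build, and its comment no longer describes how the flag is used. The flag is written from a signal handler and, after this patch, apparently also read by the fuzz harness from another thread; `volatile int` gives no atomicity or ordering guarantee for either use, and `volatile sig_atomic_t` is the portable type on the handler side (the `extern` in fuzz_socket.cc would have to follow). At minimum the comment should be updated, e.g. `/* 0 until main() enters the loop; signal handler sets it back to 0 */`.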
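Review bot: The added `running = 1;` directly before `while (running)` in main() can overwrite a stop request that arrived during startup. If the signal handlers are installed earlier in main(), which this hunk does not show, a termination signal delivered before this line sets the flag to 0 and the assignment then sets it back to 1, so the server keeps serving. Keeping the old initializer of 1 and publishing readiness through a separate flag avoids the lost signal, e.g. `volatile int main_loop_ready = 0;` at file scope and `main_loop_ready = 1;` here, with the harness waiting on that flag instead. main() begins and ends outside the hunk.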
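Review bot: The wait `while (!running) { std::this_thread::yield(); }` in LLVMFuzzerTestOneInput has no upper bound, so if darkhttpd() returns or stalls before reaching its main loop the fuzz run hangs instead of failing with a diagnostic. The loop also reads a plain `volatile int` that is presumably written by the thread running darkhttpd(), which is a data race under the C++ memory model and would be expected to show up under ThreadSanitizer. A deadline like the one below turns the hang into an error; it needs `<chrono>`, and `errx` is assumed to come from the same header as the `err` call already used here. The function body continues outside the hunk.

```cpp
// … unchanged: addrin setup and inet_aton check …
const auto deadline =
    std::chrono::steady_clock::now() + std::chrono::seconds(10);
while (!running) {
  if (std::chrono::steady_clock::now() > deadline)
    errx(1, "darkhttpd never reached its main loop");
  std::this_thread::yield();
}
inited = true;
```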
@@ -1,7 +1,6 @@
 #!/bin/bash -e
 set -x
-mkdir -p tmp.fuzz
-echo hi > tmp.fuzz/hello.txt
+mkdir -p fuzz_socket_testcases
 clang -c -Dmain=darkhttpd -g -O2 -fsanitize=fuzzer,address ../darkhttpd.c -o fuzz_darkhttpd.o
 clang++ -g -O2 -fsanitize=fuzzer,address fuzz_socket.cc fuzz_darkhttpd.o -o fuzz_socket
 ./fuzz_socket fuzz_socket_testcases -detect_leaks=0 -only_ascii=1
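Review bot: After this change the script no longer creates `tmp.fuzz` or `tmp.fuzz/hello.txt`, and the harness argv in fuzz_socket.cc lies outside the hunks shown, so it is unclear which directory darkhttpd serves while being fuzzed. If argv still names `tmp.fuzz`, startup fails on a clean checkout. If it names another directory, the fuzzed server exposes whatever that directory contains, and a comment above the `mkdir` would make this explicit, e.g. `# corpus directory only; the served document root is set by argv in fuzz_socket.cc`.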