From patchwork Fri Dec  9 12:23:19 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Wei Liu <Wei.Liu2@citrix.com>
X-Patchwork-Id: 9468053
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	48926607D8 for <patchwork-xen-devel@patchwork.kernel.org>;
	Fri,  9 Dec 2016 12:26:01 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3C51F2850F
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Fri,  9 Dec 2016 12:26:01 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 313F82861B; Fri,  9 Dec 2016 12:26:01 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id CB35E2850F
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Fri,  9 Dec 2016 12:26:00 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1cFKD5-0007sY-Dg; Fri, 09 Dec 2016 12:23:31 +0000
Received: from mail6.bemta6.messagelabs.com ([193.109.254.103])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <prvs=1440f41bc=wei.liu2@citrix.com>)
	id 1cFKD4-0007sK-QL
	for xen-devel@lists.xenproject.org; Fri, 09 Dec 2016 12:23:30 +0000
Received: from [193.109.254.147] by server-6.bemta-6.messagelabs.com id
	7D/09-28843-242AA485; Fri, 09 Dec 2016 12:23:30 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprEIsWRWlGSWpSXmKPExsXitHSDva7jIq8
	Ig7mrpCy+b5nM5MDocfjDFZYAxijWzLyk/IoE1oz/b3+yF6yWqJjfvo6tgbFLtIuRk0NCwF/i
	6Zb1jCA2m4CyxM/OXjYQW0RAT6LpwHOgOBcHs8A+JonDrzewgCSEBewlXnZ/AbNZBFQkWlb8A
	GvmFXCSmLj4OwvEUDmJ88d/MoPYnALOEptOXAKrEQKq2dT0kAXCVpDomH6MCaJXUOLkzCdgcW
	YBCYmDL14wT2DknYUkNQtJagEj0ypGjeLUorLUIl1jI72kosz0jJLcxMwcXUMDM73c1OLixPT
	UnMSkYr3k/NxNjMDwYQCCHYyn1wUeYpTkYFIS5S1m8ooQ4kvKT6nMSCzOiC8qzUktPsQow8Gh
	JMHLOQ8oJ1iUmp5akZaZAwxkmLQEB4+SCG/sHKA0b3FBYm5xZjpE6hSjLse0Z4ufMgmx5OXnp
	UqJ87KCzBAAKcoozYMbAYuqS4yyUsK8jEBHCfEUpBblZpagyr9iFOdgVBLmDZ4LNIUnM68Ebt
	MroCOYgI6Yd8Md5IiSRISUVANj36V7b9f9ej3ZjrNYy+yq4IsZXnq3boQZnle48srhz9c2g4v
	X/K84hu9wa1Q4cuV9icMHT52fURWThRu37w9VmXsuOd66Sjn/gf3OM6mdBTOrTjodkrTLLxJ8
	P1dQ2OdTiM8PhcT82FvMSneaHp4u4ix3nCPx1PW/xwuhhSFlUSy/73gc8lqjxFKckWioxVxUn
	AgApOc/faUCAAA=
X-Env-Sender: prvs=1440f41bc=wei.liu2@citrix.com
X-Msg-Ref: server-4.tower-27.messagelabs.com!1481286207!75738173!1
X-Originating-IP: [66.165.176.63]
X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor:
	VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni42MyA9PiAzMDYwNDg=\n,
	received_headers: No Received headers
X-StarScan-Received: 
X-StarScan-Version: 9.1.1; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 3638 invoked from network); 9 Dec 2016 12:23:29 -0000
Received: from smtp02.citrix.com (HELO SMTP02.CITRIX.COM) (66.165.176.63)
	by server-4.tower-27.messagelabs.com with RC4-SHA encrypted SMTP;
	9 Dec 2016 12:23:29 -0000
X-IronPort-AV: E=Sophos;i="5.33,324,1477958400"; d="scan'208";a="402747491"
From: Wei Liu <wei.liu2@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Date: Fri, 9 Dec 2016 12:23:19 +0000
Message-ID: <1481286205-4373-2-git-send-email-wei.liu2@citrix.com>
X-Mailer: git-send-email 2.1.4
In-Reply-To: <1481286205-4373-1-git-send-email-wei.liu2@citrix.com>
References: <1481286205-4373-1-git-send-email-wei.liu2@citrix.com>
MIME-Version: 1.0
Cc: Stefano Stabellini <sstabellini@kernel.org>,
	Wei Liu <wei.liu2@citrix.com>,
	George Dunlap <George.Dunlap@eu.citrix.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Ian Jackson <ian.jackson@eu.citrix.com>, Tim Deegan <tim@xen.org>,
	Jan Beulich <jbeulich@suse.com>
Subject: [Xen-devel] [PATCH RFC v2 1/7] tools/fuzz: introduce libelf target
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Source code and Makefile to fuzz libelf in Google's oss-fuzz
infrastructure.

Introduce FUZZ_NO_LIBXC in libelf-private.h. That macro will be set when
compiling libelf fuzzer target because libxc is not required in libelf
fuzzing.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
---
Cc: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: George Dunlap <George.Dunlap@eu.citrix.com>
Cc: Ian Jackson <ian.jackson@eu.citrix.com>
Cc: Jan Beulich <jbeulich@suse.com>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Stefano Stabellini <sstabellini@kernel.org>
Cc: Tim Deegan <tim@xen.org>
Cc: Wei Liu <wei.liu2@citrix.com>
---
 tools/fuzz/libelf/Makefile         | 31 +++++++++++++++++++++++++++++++
 tools/fuzz/libelf/libelf-fuzzer.c  | 32 ++++++++++++++++++++++++++++++++
 xen/common/libelf/libelf-private.h |  2 ++
 3 files changed, 65 insertions(+)
 create mode 100644 tools/fuzz/libelf/Makefile
 create mode 100644 tools/fuzz/libelf/libelf-fuzzer.c

diff --git a/tools/fuzz/libelf/Makefile b/tools/fuzz/libelf/Makefile
new file mode 100644
index 0000000..0e9d40a
--- /dev/null
+++ b/tools/fuzz/libelf/Makefile
@@ -0,0 +1,31 @@
+XEN_ROOT = $(CURDIR)/../../..
+include $(XEN_ROOT)/tools/Rules.mk
+
+# libelf fuzz target
+vpath %.c ../../../xen/common/libelf
+CFLAGS += -I../../../xen/common/libelf
+ELF_SRCS-y += libelf-tools.c libelf-loader.c libelf-dominfo.c
+ELF_LIB_OBJS := $(patsubst %.c,%.o,$(ELF_SRCS-y))
+
+$(patsubst %.c,%.o,$(ELF_SRCS-y)): CFLAGS += -Wno-pointer-sign
+
+$(ELF_LIB_OBJS): CFLAGS += -DFUZZ_NO_LIBXC $(CFLAGS_xeninclude)
+
+libelf-fuzzer.o: CFLAGS += $(CFLAGS_xeninclude)
+
+libelf.a: $(ELF_LIB_OBJS)
+	$(AR) rc $@ $^
+
+.PHONY: libelf-fuzzer-all
+libelf-fuzzer-all: libelf.a libelf-fuzzer.o
+
+# Common targets
+.PHONY: all
+all: libelf-fuzzer-all
+
+.PHONY: distclean
+distclean: clean
+
+.PHONY: clean
+clean:
+	rm -f *.o *.a
diff --git a/tools/fuzz/libelf/libelf-fuzzer.c b/tools/fuzz/libelf/libelf-fuzzer.c
new file mode 100644
index 0000000..71561d3
--- /dev/null
+++ b/tools/fuzz/libelf/libelf-fuzzer.c
@@ -0,0 +1,32 @@
+#include <inttypes.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <xen/libelf/libelf.h>
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+    struct elf_binary elf_buf, *elf;
+    struct elf_dom_parms parms;
+
+    elf = &elf_buf;
+
+    memset(elf, 0, sizeof(*elf));
+    elf_init(elf, (const char *)data, size);
+    elf_parse_binary(elf);
+    elf_xen_parse(elf, &parms);
+
+    return 0;
+}
+
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/common/libelf/libelf-private.h b/xen/common/libelf/libelf-private.h
index 388c3da..47db679 100644
--- a/xen/common/libelf/libelf-private.h
+++ b/xen/common/libelf/libelf-private.h
@@ -72,8 +72,10 @@
 #include <xen/elfnote.h>
 #include <xen/libelf/libelf.h>
 
+#ifndef FUZZ_NO_LIBXC
 #include "xenctrl.h"
 #include "xc_private.h"
+#endif
 
 #define elf_msg(elf, fmt, args ... )                    \
     elf_call_log_callback(elf, 0, fmt , ## args );