fuzzing: Add generic input reader

fuzzing/Makefile.fuzzing_common

@@ -14,6 +14,7 @@ CFLAGS += -ggdb                # Make ASAN output more useful error messages
 CFLAGS += -D_FORTIFY_SOURCE=2  # Compiler hardening
 
 # Various utilitiy modules
+USEMODULE += gnrc_ipv6
 USEMODULE += fuzzing
 USEMODULE += ssp
 

fuzzing/gcoap/Makefile

@@ -1,6 +1,5 @@
 include ../Makefile.fuzzing_common
 
-USEMODULE += gnrc_ipv6
 USEMODULE += gcoap
 
 include $(RIOTBASE)/Makefile.include

fuzzing/gnrc_tcp/Makefile

@@ -8,7 +8,6 @@ CFLAGS += -DSERVER_ADDR=\"$(TCP_SERVER_ADDR)\"
 CFLAGS += -DSERVER_ADDR_PREFIX=$(TCP_SERVER_ADDR_PREFIX)
 CFLAGS += -DSERVER_PORT=$(TCP_SERVER_PORT)
 
-USEMODULE += gnrc_ipv6
 USEMODULE += gnrc_tcp
 
 include $(RIOTBASE)/Makefile.include

makefiles/vars.inc.mk

@@ -128,7 +128,7 @@ export UNZIP_HERE            # Use `cd $(SOME_FOLDER) && $(UNZIP_HERE) $(SOME_FI
 export LAZYSPONGE            # Command saving stdin to a file only on content update.
 export LAZYSPONGE_FLAGS      # Parameters supplied to LAZYSPONGE.
 
-export FLAGS_FOR_AFL             # Additional command-line flags passed to afl during fuzzing.
+export FLAGS_FOR_AFL         # Additional command-line flags passed to afl during fuzzing.
 
 # LOG_LEVEL                  # Logging level as integer (NONE: 0, ERROR: 1, WARNING: 2, INFO: 3, DEBUG: 4, default: 3)
 # KCONFIG_ADD_CONFIG         # List of .config files to be merged used by Boards and CPUs. See kconfig.mk

sys/fuzzing/fuzzing.c

@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2019 Sören Tempel <tempel@uni-bremen.de>
+ * Copyright (C) 2022 Bennet Blischke <bennet.blischke@haw-hamburg.de>
  *
  * This file is subject to the terms and conditions of the GNU Lesser
  * General Public License v2.1. See the file LICENSE in the top level
@@ -8,6 +9,7 @@
 
 #include <errno.h>
 #include <unistd.h>
+#include <stdlib.h>
 #include <sys/types.h>
 
 #include "assert.h"
@@ -24,10 +26,6 @@ extern void fuzzing_netdev_wait(void);
 /* used by gnrc_pktbuf_malloc to exit on free */
 gnrc_pktsnip_t *gnrc_pktbuf_fuzzptr = NULL;
 
-/* buffer sizes for reading from an fd */
-#define FUZZING_BSIZE 1024
-#define FUZZING_BSTEP 128
-
 int
 fuzzing_init(ipv6_addr_t *addr, unsigned pfx_len)
 {
@@ -69,10 +67,10 @@ fuzzing_read_packet(int fd, gnrc_pktsnip_t *pkt)
         rsiz -= r;
 
         if (rsiz == 0) {
-             if (gnrc_pktbuf_realloc_data(pkt, csiz + FUZZING_BSTEP)) {
+            if (gnrc_pktbuf_realloc_data(pkt, csiz + FUZZING_BSTEP)) {
-                 return -ENOMEM;
+                return -ENOMEM;
-             }
+            }
-             rsiz += FUZZING_BSTEP;
+            rsiz += FUZZING_BSTEP;
         }
     }
     if (r == -1) {
@@ -87,3 +85,42 @@ fuzzing_read_packet(int fd, gnrc_pktsnip_t *pkt)
     gnrc_pktbuf_fuzzptr = pkt;
     return 0;
 }
+
+uint8_t *
+fuzzing_read_bytes(int fd, size_t *size)
+{
+    uint8_t *buffer = NULL;
+    ssize_t r;
+    size_t csiz, rsiz;
+
+    csiz = 0;
+    rsiz = FUZZING_BSIZE;
+    if ((buffer = realloc(buffer, rsiz)) == NULL) {
+        return NULL;
+    }
+
+    while ((r = read(fd, &(buffer[csiz]), rsiz)) > 0) {
+        assert((size_t)r <= rsiz);
+
+        csiz += r;
+        rsiz -= r;
+
+        if (rsiz == 0) {
+            if ((buffer = realloc(buffer, csiz + FUZZING_BSTEP)) == NULL) {
+                return NULL;
+            }
+            rsiz += FUZZING_BSTEP;
+        }
+    }
+    if (r == -1) {
+        return NULL;
+    }
+
+    /* shrink packet to actual size */
+    if ((buffer = realloc(buffer, csiz)) == NULL) {
+        return NULL;
+    }
+
+    *size = csiz;
+    return buffer;
+}

sys/include/fuzzing.h

@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2019 Sören Tempel <tempel@uni-bremen.de>
+ * Copyright (C) 2022 Bennet Blischke <bennet.blischke@haw-hamburg.de>
  *
  * This file is subject to the terms and conditions of the GNU Lesser
  * General Public License v2.1. See the file LICENSE in the top level
@@ -25,9 +26,17 @@
 extern "C" {
 #endif
 
+
+#include <stdint.h>
+
 #include "net/ipv6/addr.h"
 #include "net/gnrc/pkt.h"
 
+
+/* buffer sizes for reading from an fd */
+#define FUZZING_BSIZE 1024
+#define FUZZING_BSTEP 128
+
 /**
  * @brief Initialize dummy network interface with given address.
  *
@@ -49,6 +58,16 @@ int fuzzing_init(ipv6_addr_t *addr, unsigned pfx_len);
  */
 int fuzzing_read_packet(int fd, gnrc_pktsnip_t *pkt);
 
+/**
+ * @brief Read data from the given file descriptor.
+ *
+ * @param fd File descriptor to read data from.
+ * @param size Byte count of the data read.
+ *            
+ * @return pointer to the data on success, NULL otherwise.
+ */
+uint8_t *fuzzing_read_bytes(int fd, size_t *size);
+
 #ifdef __cplusplus
 }
 #endif