Home Explore Help
Sign In
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
php-8.1.12
/
sapi
/
fuzzer
/
fuzzer-exif.c

fuzzer-exif.c 2.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. /*
    2. 

  2.    +----------------------------------------------------------------------+
    3. 

  3.    | Copyright (c) The PHP Group                                          |
    4. 

  4.    +----------------------------------------------------------------------+
    5. 

  5.    | This source file is subject to version 3.01 of the PHP license,      |
    6. 

  6.    | that is bundled with this package in the file LICENSE, and is        |
    7. 

  7.    | available through the world-wide-web at the following url:           |
    8. 

  8.    | https://www.php.net/license/3_01.txt                                 |
    9. 

  9.    | If you did not receive a copy of the PHP license and are unable to   |
    10. 

  10.    | obtain it through the world-wide-web, please send a note to          |
    11. 

  11.    | license@php.net so we can mail you a copy immediately.               |
    12. 

  12.    +----------------------------------------------------------------------+
    13. 

  13.    | Authors: Stanislav Malyshev <stas@php.net>                           |
    14. 

  14.    +----------------------------------------------------------------------+
    15. 

  15.  */
    16. 

  16. 

  17. #include "fuzzer.h"
    18. 

  18. 

  19. #include "Zend/zend.h"
    20. 

  20. #include "main/php_config.h"
    21. 

  21. #include "main/php_main.h"
    22. 

  22. #include "ext/standard/php_var.h"
    23. 

  23. 

  24. #include <stdio.h>
    25. 

  25. #include <stdint.h>
    26. 

  26. #include <stdlib.h>
    27. 

  27. #include <sys/types.h>
    28. 

  28. #include <sys/stat.h>
    29. 

  29. #include <fcntl.h>
    30. 

  30. 

  31. #include "fuzzer-sapi.h"
    32. 

  32. 

  33. int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
    34. 

  34. #if HAVE_EXIF
    35. 

  35. 	php_stream *stream;
    36. 

  36. 	zval stream_zv;
    37. 

  37. 

  38. 	if (Size > 256 * 1024) {
    39. 

  39. 		/* Large inputs have a large impact on fuzzer performance,
    40. 

  40. 		 * but are unlikely to be necessary to reach new codepaths. */
    41. 

  41. 		return 0;
    42. 

  42. 	}
    43. 

  43. 

  44. 	if (fuzzer_request_startup() == FAILURE) {
    45. 

  45. 		return 0;
    46. 

  46. 	}
    47. 

  47. 

  48. 	stream = php_stream_memory_create(TEMP_STREAM_DEFAULT);
    49. 

  49. 	php_stream_write(stream, (const char *) Data, Size);
    50. 

  50. 	php_stream_to_zval(stream, &stream_zv);
    51. 

  51. 

  52. 	fuzzer_call_php_func_zval("exif_read_data", 1, &stream_zv);
    53. 

  53. 

  54. 	zval_ptr_dtor(&stream_zv);
    55. 

  55. 

  56. 	/* cleanup */
    57. 

  57. 	php_request_shutdown(NULL);
    58. 

  58. 

  59. 	return 0;
    60. 

  60. #else
    61. 

  61. 	fprintf(stderr, "\n\nERROR:\nPHP built without EXIF, recompile with --enable-exif to use this fuzzer\n");
    62. 

  62. 	exit(1);
    63. 

  63. #endif
    64. 

  64. }
    65. 

  65. 

  66. int LLVMFuzzerInitialize(int *argc, char ***argv) {
    67. 

  67. 	fuzzer_init_php();
    68. 

  68. 

  69. 	/* fuzzer_shutdown_php(); */
    70. 

  70. 	return 0;
    71. 

  71. }
    72. 

  72.