isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Stub out getaddrinfo() and freeaddrinfo().

Browse Source 
We may not be able have access to DNS in the fuzzing environment.
This commit is contained in:
Todd C. Miller
2023-04-25 13:06:24 -06:00
parent 8c85fefaee
commit 64f6d6fdbc
1 changed files with 64 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
logsrvd/regress/fuzz/fuzz_logsrvd_conf.c
View File

@@ -65,6 +65,70 @@ sudo_regex_compile_v1(void *v, const char *pattern, const char **errstr)
return true;
}
/*
* The fuzzing environment may not have DNS available, this may result
* in long delays that cause a timeout when fuzzing. This getaddrinfo()
* can look up "localhost" and returns an error for anything else.
*/
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
/* Avoid compilation errors if getaddrinfo() or freeaddrinfo() are macros. */
# undef getaddrinfo
# undef freeaddrinfo
int
# ifdef HAVE_GETADDRINFO
getaddrinfo(
# else
sudo_getaddrinfo(
# endif
const char *nodename, const char *servname,
const struct addrinfo *hints, struct addrinfo **res)
{
struct addrinfo *ai;
struct in_addr addr;
/* Stub getaddrinfo(3) to avoid a DNS timeout in CIfuzz. */
if (strcmp(nodename, "localhost") != 0 || servname != NULL)
return EAI_FAIL;
/* Hard-code localhost. */
ai = calloc(1, sizeof(*ai) + sizeof(struct sockaddr_in));
if (ai == NULL)
return EAI_MEMORY;
ai->ai_canonname = strdup("localhost");
if (ai == NULL) {
free(ai);
return EAI_MEMORY;
}
ai->ai_family = AF_INET;
ai->ai_protocol = IPPROTO_TCP;
ai->ai_addrlen = sizeof(struct sockaddr_in);
ai->ai_addr = (struct sockaddr *)(ai + 1);
inet_pton(AF_INET, "127.0.0.1", &addr);
((struct sockaddr_in *)ai->ai_addr)->sin_family = AF_INET;
((struct sockaddr_in *)ai->ai_addr)->sin_addr = addr;
*res = ai;
return 0;
}
void
# ifdef HAVE_GETADDRINFO
freeaddrinfo(struct addrinfo *ai)
# else
sudo_freeaddrinfo(struct addrinfo *ai)
# endif
{
struct addrinfo *next;
while (ai != NULL) {
next = ai->ai_next;
free(ai->ai_canonname);
free(ai);
ai = next;
}
}
#endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)