vendor: github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24

full diff: 43070de90f...ced1acdcaa Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-18 18:18:49 +02:00 · 2023-09-18 18:18:49 +02:00 · 554036040b
commit 554036040b
parent 6fc3ead321
4 changed files with 136 additions and 121 deletions
--- a/vendor.mod
+++ b/vendor.mod
@ -10,7 +10,7 @@ require (
 	cloud.google.com/go/compute/metadata v0.2.3
 	cloud.google.com/go/logging v1.7.0
 	code.cloudfoundry.org/clock v1.0.0
-	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1
+	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1
 	github.com/Graylog2/go-gelf v0.0.0-20191017102106-1550ee647df0
 	github.com/Microsoft/go-winio v0.6.1
--- a/vendor.sum
+++ b/vendor.sum
@ -57,8 +57,8 @@ contrib.go.opencensus.io/resource v0.1.1/go.mod h1:F361eGI91LCmW1I/Saf+rX0+OFcig
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
 git.apache.org/thrift.git v0.12.0/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
-github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 h1:EKPd1INOIyr5hWOWhvpmQpY6tKjeG0hT1s3AMC/9fic=
-github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
 github.com/AkihiroSuda/containerd-fuse-overlayfs v1.0.0/go.mod h1:0mMDvQFeLbbn1Wy8P2j3hwFhqBq+FKn8OZPno8WLmp8=
 github.com/Azure/azure-amqp-common-go/v2 v2.1.0/go.mod h1:R8rea+gJRuJR6QxTir/XuEd+YuKoUiazDC/N96FiDEU=
 github.com/Azure/azure-pipeline-go v0.2.1/go.mod h1:UGSo8XybXnIGZ3epmeBw7Jdz+HiUVpqIlpz/HKHylF4=
--- a/vendor/github.com/AdaLogics/go-fuzz-headers/consumer.go
+++ b/vendor/github.com/AdaLogics/go-fuzz-headers/consumer.go
@ -25,11 +25,10 @@ import (
 	"os"
 	"path/filepath"
 	"reflect"
+	"strconv"
 	"strings"
 	"time"
 	"unsafe"
-
-	securejoin "github.com/cyphar/filepath-securejoin"
 )

 var (
@ -389,11 +388,11 @@ func (f *ConsumeFuzzer) GetUint16() (uint16, error) {
 }

 func (f *ConsumeFuzzer) GetUint32() (uint32, error) {
-	i, err := f.GetInt()
+	u32, err := f.GetNBytes(4)
 	if err != nil {
-		return uint32(0), err
+		return 0, err
 	}
-	return uint32(i), nil
+	return binary.BigEndian.Uint32(u32), nil
 }

 func (f *ConsumeFuzzer) GetUint64() (uint64, error) {
@ -412,26 +411,27 @@ func (f *ConsumeFuzzer) GetUint64() (uint64, error) {
 }

 func (f *ConsumeFuzzer) GetBytes() ([]byte, error) {
-	if f.position >= f.dataTotal {
-		return nil, errors.New("not enough bytes to create byte array")
-	}
-	length, err := f.GetUint32()
+	var length uint32
+	var err error
+	length, err = f.GetUint32()
 	if err != nil {
 		return nil, errors.New("not enough bytes to create byte array")
 	}
-	if f.position+length > MaxTotalLen {
-		return nil, errors.New("created too large a string")
-	}
-	byteBegin := f.position - 1
-	if byteBegin >= f.dataTotal {
-		return nil, errors.New("not enough bytes to create byte array")
-	}
+
 	if length == 0 {
-		return nil, errors.New("zero-length is not supported")
+		length = 30
 	}
-	if byteBegin+length >= f.dataTotal {
+	bytesLeft := f.dataTotal - f.position
+	if bytesLeft <= 0 {
 		return nil, errors.New("not enough bytes to create byte array")
 	}
+
+	// If the length is the same as bytes left, we will not overflow
+	// the remaining bytes.
+	if length != bytesLeft {
+		length = length % bytesLeft
+	}
+	byteBegin := f.position
 	if byteBegin+length < byteBegin {
 		return nil, errors.New("numbers overflow")
 	}
@ -482,6 +482,7 @@ func (f *ConsumeFuzzer) FuzzMap(m interface{}) error {
 }

 func returnTarBytes(buf []byte) ([]byte, error) {
+	return buf, nil
 	// Count files
 	var fileCounter int
 	tr := tar.NewReader(bytes.NewReader(buf))
@ -504,7 +505,8 @@ func returnTarBytes(buf []byte) ([]byte, error) {
 func setTarHeaderFormat(hdr *tar.Header, f *ConsumeFuzzer) error {
 	ind, err := f.GetInt()
 	if err != nil {
-		return err
+		hdr.Format = tar.FormatGNU
+		//return nil
 	}
 	switch ind % 4 {
 	case 0:
@ -565,71 +567,17 @@ func setTarHeaderTypeflag(hdr *tar.Header, f *ConsumeFuzzer) error {
 	return nil
 }

-func tooSmallFileBody(length uint32) bool {
-	if length < 2 {
-		return true
-	}
-	if length < 4 {
-		return true
-	}
-	if length < 10 {
-		return true
-	}
-	if length < 100 {
-		return true
-	}
-	if length < 500 {
-		return true
-	}
-	if length < 1000 {
-		return true
-	}
-	if length < 2000 {
-		return true
-	}
-	if length < 4000 {
-		return true
-	}
-	if length < 8000 {
-		return true
-	}
-	if length < 16000 {
-		return true
-	}
-	if length < 32000 {
-		return true
-	}
-	if length < 64000 {
-		return true
-	}
-	if length < 128000 {
-		return true
-	}
-	if length < 264000 {
-		return true
-	}
-	return false
-}
-
 func (f *ConsumeFuzzer) createTarFileBody() ([]byte, error) {
-	length, err := f.GetUint32()
+	return f.GetBytes()
+	/*length, err := f.GetUint32()
 	if err != nil {
 		return nil, errors.New("not enough bytes to create byte array")
 	}

-	shouldUseLargeFileBody, err := f.GetBool()
-	if err != nil {
-		return nil, errors.New("not enough bytes to check long file body")
-	}
-
-	if shouldUseLargeFileBody && tooSmallFileBody(length) {
-		return nil, errors.New("File body was too small")
-	}
-
 	// A bit of optimization to attempt to create a file body
 	// when we don't have as many bytes left as "length"
 	remainingBytes := f.dataTotal - f.position
-	if remainingBytes == 0 {
+	if remainingBytes <= 0 {
 		return nil, errors.New("created too large a string")
 	}
 	if f.position+length > MaxTotalLen {
@ -649,14 +597,15 @@ func (f *ConsumeFuzzer) createTarFileBody() ([]byte, error) {
 		return nil, errors.New("numbers overflow")
 	}
 	f.position = byteBegin + length
-	return f.data[byteBegin:f.position], nil
+	return f.data[byteBegin:f.position], nil*/
 }

 // getTarFileName is similar to GetString(), but creates string based
 // on the length of f.data to reduce the likelihood of overflowing
 // f.data.
 func (f *ConsumeFuzzer) getTarFilename() (string, error) {
-	length, err := f.GetUint32()
+	return f.GetString()
+	/*length, err := f.GetUint32()
 	if err != nil {
 		return "nil", errors.New("not enough bytes to create string")
 	}
@ -664,14 +613,9 @@ func (f *ConsumeFuzzer) getTarFilename() (string, error) {
 	// A bit of optimization to attempt to create a file name
 	// when we don't have as many bytes left as "length"
 	remainingBytes := f.dataTotal - f.position
-	if remainingBytes == 0 {
+	if remainingBytes <= 0 {
 		return "nil", errors.New("created too large a string")
 	}
-	if remainingBytes < 50 {
-		length = length % remainingBytes
-	} else if f.dataTotal < 500 {
-		length = length % f.dataTotal
-	}
 	if f.position > MaxTotalLen {
 		return "nil", errors.New("created too large a string")
 	}
@ -686,7 +630,12 @@ func (f *ConsumeFuzzer) getTarFilename() (string, error) {
 		return "nil", errors.New("numbers overflow")
 	}
 	f.position = byteBegin + length
-	return string(f.data[byteBegin:f.position]), nil
+	return string(f.data[byteBegin:f.position]), nil*/
+}
+
+type TarFile struct {
+	Hdr  *tar.Header
+	Body []byte
 }

 // TarBytes returns valid bytes for a tar archive
@ -695,28 +644,38 @@ func (f *ConsumeFuzzer) TarBytes() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
+	var tarFiles []*TarFile
+	tarFiles = make([]*TarFile, 0)

-	var buf bytes.Buffer
-	tw := tar.NewWriter(&buf)
-	defer tw.Close()
-
-	const maxNoOfFiles = 1000
+	const maxNoOfFiles = 100
 	for i := 0; i < numberOfFiles%maxNoOfFiles; i++ {
-		filename, err := f.getTarFilename()
+		var filename string
+		var filebody []byte
+		var sec, nsec int
+		var err error
+
+		filename, err = f.getTarFilename()
 		if err != nil {
-			return returnTarBytes(buf.Bytes())
+			var sb strings.Builder
+			sb.WriteString("file-")
+			sb.WriteString(strconv.Itoa(i))
+			filename = sb.String()
 		}
-		filebody, err := f.createTarFileBody()
+		filebody, err = f.createTarFileBody()
 		if err != nil {
-			return returnTarBytes(buf.Bytes())
+			var sb strings.Builder
+			sb.WriteString("filebody-")
+			sb.WriteString(strconv.Itoa(i))
+			filebody = []byte(sb.String())
 		}
-		sec, err := f.GetInt()
+
+		sec, err = f.GetInt()
 		if err != nil {
-			return returnTarBytes(buf.Bytes())
+			sec = 1672531200 // beginning of 2023
 		}
-		nsec, err := f.GetInt()
+		nsec, err = f.GetInt()
 		if err != nil {
-			return returnTarBytes(buf.Bytes())
+			nsec = 1703980800 // end of 2023
 		}

 		hdr := &tar.Header{
@ -726,21 +685,83 @@ func (f *ConsumeFuzzer) TarBytes() ([]byte, error) {
 			ModTime: time.Unix(int64(sec), int64(nsec)),
 		}
 		if err := setTarHeaderTypeflag(hdr, f); err != nil {
-			return returnTarBytes(buf.Bytes())
+			return []byte(""), err
 		}
 		if err := setTarHeaderFormat(hdr, f); err != nil {
-			return returnTarBytes(buf.Bytes())
+			return []byte(""), err
 		}
-		if err := tw.WriteHeader(hdr); err != nil {
-			return returnTarBytes(buf.Bytes())
-		}
-		if _, err := tw.Write(filebody); err != nil {
-			return returnTarBytes(buf.Bytes())
+		tf := &TarFile{
+			Hdr:  hdr,
+			Body: filebody,
 		}
+		tarFiles = append(tarFiles, tf)
+	}
+
+	var buf bytes.Buffer
+	tw := tar.NewWriter(&buf)
+	defer tw.Close()
+
+	for _, tf := range tarFiles {
+		tw.WriteHeader(tf.Hdr)
+		tw.Write(tf.Body)
 	}
 	return buf.Bytes(), nil
 }

+// This is similar to TarBytes, but it returns a series of
+// files instead of raw tar bytes. The advantage of this
+// api is that it is cheaper in terms of cpu power to
+// modify or check the files in the fuzzer with TarFiles()
+// because it avoids creating a tar reader.
+func (f *ConsumeFuzzer) TarFiles() ([]*TarFile, error) {
+	numberOfFiles, err := f.GetInt()
+	if err != nil {
+		return nil, err
+	}
+	var tarFiles []*TarFile
+	tarFiles = make([]*TarFile, 0)
+
+	const maxNoOfFiles = 100
+	for i := 0; i < numberOfFiles%maxNoOfFiles; i++ {
+		filename, err := f.getTarFilename()
+		if err != nil {
+			return tarFiles, err
+		}
+		filebody, err := f.createTarFileBody()
+		if err != nil {
+			return tarFiles, err
+		}
+
+		sec, err := f.GetInt()
+		if err != nil {
+			return tarFiles, err
+		}
+		nsec, err := f.GetInt()
+		if err != nil {
+			return tarFiles, err
+		}
+
+		hdr := &tar.Header{
+			Name:    filename,
+			Size:    int64(len(filebody)),
+			Mode:    0o600,
+			ModTime: time.Unix(int64(sec), int64(nsec)),
+		}
+		if err := setTarHeaderTypeflag(hdr, f); err != nil {
+			hdr.Typeflag = tar.TypeReg
+		}
+		if err := setTarHeaderFormat(hdr, f); err != nil {
+			return tarFiles, err // should not happend
+		}
+		tf := &TarFile{
+			Hdr:  hdr,
+			Body: filebody,
+		}
+		tarFiles = append(tarFiles, tf)
+	}
+	return tarFiles, nil
+}
+
 // CreateFiles creates pseudo-random files in rootDir.
 // It creates subdirs and places the files there.
 // It is the callers responsibility to ensure that
@ -767,10 +788,10 @@ func (f *ConsumeFuzzer) CreateFiles(rootDir string) error {
 				return errors.New("could not get fileName")
 			}
 		}
-		fullFilePath, err := securejoin.SecureJoin(rootDir, fileName)
-		if err != nil {
-			return err
+		if strings.Contains(fileName, "..") || (len(fileName) > 0 && fileName[0] == 47) || strings.Contains(fileName, "\\") {
+			continue
 		}
+		fullFilePath := filepath.Join(rootDir, fileName)

 		// Find the subdirectory of the file
 		if subDir := filepath.Dir(fileName); subDir != "" && subDir != "." {
@ -778,20 +799,14 @@ func (f *ConsumeFuzzer) CreateFiles(rootDir string) error {
 			if strings.Contains(subDir, "../") || (len(subDir) > 0 && subDir[0] == 47) || strings.Contains(subDir, "\\") {
 				continue
 			}
-			dirPath, err := securejoin.SecureJoin(rootDir, subDir)
-			if err != nil {
-				continue
-			}
+			dirPath := filepath.Join(rootDir, subDir)
 			if _, err := os.Stat(dirPath); os.IsNotExist(err) {
 				err2 := os.MkdirAll(dirPath, 0o777)
 				if err2 != nil {
 					continue
 				}
 			}
-			fullFilePath, err = securejoin.SecureJoin(dirPath, fileName)
-			if err != nil {
-				continue
-			}
+			fullFilePath = filepath.Join(dirPath, fileName)
 		} else {
 			// Create symlink
 			createSymlink, err := f.GetBool()
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -21,8 +21,8 @@ cloud.google.com/go/longrunning/autogen/longrunningpb
 # code.cloudfoundry.org/clock v1.0.0
 ## explicit
 code.cloudfoundry.org/clock
-# github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1
-## explicit; go 1.18
+# github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24
+## explicit; go 1.20
 github.com/AdaLogics/go-fuzz-headers
 # github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1
 ## explicit; go 1.16