mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2025-01-27 12:35:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

fuzz: add debug output to help debugging fuzz crashes

Browse Source
This commit is contained in:
Simon Goldschmidt 2020-03-05 20:49:41 +01:00
parent 0192fe773e
commit a9052caf10
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
test/fuzz/fuzz_common.c
View File

@ -58,6 +58,10 @@ static u8_t pktbuf[200000];
static const u8_t *remfuzz_ptr; /* remaining fuzz pointer */ static const u8_t *remfuzz_ptr; /* remaining fuzz pointer */
static size_t remfuzz_len; /* remaining fuzz length */ static size_t remfuzz_len; /* remaining fuzz length */
#ifndef FUZZ_DEBUG
#define FUZZ_DEBUG LWIP_DBG_OFF
#endif
#ifdef LWIP_FUZZ_SYS_NOW #ifdef LWIP_FUZZ_SYS_NOW
/* This offset should be added to the time 'sys_now()' returns */ /* This offset should be added to the time 'sys_now()' returns */
u32_t sys_now_offset; u32_t sys_now_offset;
@ -155,6 +159,7 @@ static void input_pkts(enum lwip_fuzz_type type, struct netif *netif, const u8_t
#ifdef LWIP_FUZZ_SYS_NOW #ifdef LWIP_FUZZ_SYS_NOW
/* Update total external delay time, and check timeouts */ /* Update total external delay time, and check timeouts */
sys_now_offset += external_delay; sys_now_offset += external_delay;
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: sys_now_offset += %u -> %u\n", external_delay, sys_now_offset));
#endif #endif
sys_check_timeouts(); sys_check_timeouts();
} }
@ -198,9 +203,11 @@ tcp_app_fuzz_input(struct altcp_pcb *pcb)
} }
if (data_len != 0) { if (data_len != 0) {
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: tcp: write %u bytes\n", data_len));
altcp_write(pcb, remfuzz_ptr, data_len, TCP_WRITE_FLAG_COPY); altcp_write(pcb, remfuzz_ptr, data_len, TCP_WRITE_FLAG_COPY);
altcp_output(pcb); altcp_output(pcb);
} else { } else {
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: tcp: close\n"));
altcp_close(pcb); altcp_close(pcb);
} }
@ -219,6 +226,7 @@ tcp_client_connected(void *arg, struct altcp_pcb *pcb, err_t err)
LWIP_UNUSED_ARG(arg); LWIP_UNUSED_ARG(arg);
LWIP_UNUSED_ARG(err); LWIP_UNUSED_ARG(err);
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: tcp: tcp_client_connected\n"));
tcp_app_fuzz_input(pcb); tcp_app_fuzz_input(pcb);
return ERR_OK; return ERR_OK;
@ -238,6 +246,7 @@ tcp_client_recv(void *arg, struct altcp_pcb *pcb, struct pbuf *p, err_t err)
altcp_close(pcb); altcp_close(pcb);
} else { } else {
altcp_recved(pcb, p->tot_len); altcp_recved(pcb, p->tot_len);
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: tcp: tcp_client_recv: %d\n", p->tot_len));
tcp_app_fuzz_input(pcb); tcp_app_fuzz_input(pcb);
pbuf_free(p); pbuf_free(p);
} }
@ -295,6 +304,7 @@ tcp_server_recv(void *arg, struct altcp_pcb *pcb, struct pbuf *p, err_t err)
altcp_close(pcb); altcp_close(pcb);
} else { } else {
altcp_recved(pcb, p->tot_len); altcp_recved(pcb, p->tot_len);
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: tcp: tcp_server_recv: %d\n", p->tot_len));
tcp_app_fuzz_input(pcb); tcp_app_fuzz_input(pcb);
pbuf_free(p); pbuf_free(p);
} }
@ -351,6 +361,7 @@ tcp_server_accept(void *arg, struct altcp_pcb *pcb, err_t err)
if ((err != ERR_OK) || (pcb == NULL)) { if ((err != ERR_OK) || (pcb == NULL)) {
return ERR_VAL; return ERR_VAL;
} }
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: accept from remote\n"));
altcp_setprio(pcb, TCP_PRIO_MIN); altcp_setprio(pcb, TCP_PRIO_MIN);
@ -394,6 +405,7 @@ udp_app_fuzz_input(struct udp_pcb *pcb, const ip_addr_t *addr, u16_t port)
data_len = (u16_t)remfuzz_len; data_len = (u16_t)remfuzz_len;
} }
LWIP_DEBUGF(FUZZ_DEBUG, ("fuzz: udp: send %u bytes\n", data_len));
if (data_len != 0) { if (data_len != 0) {
struct pbuf *p, *q; struct pbuf *p, *q;