VirtualBox

source: vbox/trunk/src/libs/libtpms-0.9.6/tests/fuzz.cc@ 102278

最後變更 在這個檔案從102278是 91612,由 vboxsync 提交於 3 年 前

src/libs: Export libtpms-0.9.0, bugref:10078

檔案大小: 4.5 KB
 
1#include <stdlib.h>
2#include <stdio.h>
3#include <string.h>
4#include <unistd.h>
5#include <assert.h>
6
7#include <libtpms/tpm_types.h>
8#include <libtpms/tpm_library.h>
9#include <libtpms/tpm_error.h>
10#include <libtpms/tpm_memory.h>
11#include <libtpms/tpm_nvfilename.h>
12
13
14static void die(const char *msg)
15{
16 fprintf(stderr, "%s", msg);
17 assert(false);
18}
19
20static TPM_RESULT mytpm_io_init(void)
21{
22 return TPM_SUCCESS;
23}
24
25static TPM_RESULT mytpm_io_getlocality(TPM_MODIFIER_INDICATOR *locModif,
26 uint32_t tpm_number)
27{
28 *locModif = 0;
29
30 return TPM_SUCCESS;
31}
32
33static TPM_RESULT mytpm_io_getphysicalpresence(TPM_BOOL *phyPres,
34 uint32_t tpm_number)
35{
36 *phyPres = FALSE;
37
38 return TPM_SUCCESS;
39}
40
41static unsigned char *permall;
42static uint32_t permall_length;
43
44static TPM_RESULT mytpm_nvram_loaddata(unsigned char **data,
45 uint32_t *length,
46 uint32_t tpm_number,
47 const char *name)
48{
49 if (!strcmp(name, TPM_PERMANENT_ALL_NAME)) {
50 if (permall) {
51 *data = NULL;
52 assert(TPM_Malloc(data, permall_length) == TPM_SUCCESS);
53 memcpy(*data, permall, permall_length);
54 *length = permall_length;
55 return TPM_SUCCESS;
56 }
57 }
58 return TPM_RETRY;
59}
60
61static TPM_RESULT mytpm_nvram_storedata(const unsigned char *data,
62 uint32_t length,
63 uint32_t tpm_number,
64 const char *name)
65{
66 if (!strcmp(name, TPM_PERMANENT_ALL_NAME)) {
67 free(permall);
68 permall = NULL;
69 assert(TPM_Malloc(&permall, length) == TPM_SUCCESS);
70 memcpy(permall, data, length);
71 permall_length = length;
72 }
73 return TPM_SUCCESS;
74}
75
76extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
77{
78 unsigned char *rbuffer = NULL;
79 uint32_t rlength;
80 uint32_t rtotal = 0;
81 TPM_RESULT res;
82 unsigned char *vol_buffer = NULL;
83 uint32_t vol_buffer_len;
84 unsigned char *perm_buffer = NULL;
85 uint32_t perm_buffer_len;
86 unsigned char startup[] = {
87 0x80, 0x01, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x00, 0x01, 0x44, 0x00, 0x00
88 };
89 struct libtpms_callbacks cbs = {
90 .sizeOfStruct = sizeof(struct libtpms_callbacks),
91 .tpm_nvram_init = NULL,
92 .tpm_nvram_loaddata = mytpm_nvram_loaddata,
93 .tpm_nvram_storedata = mytpm_nvram_storedata,
94 .tpm_nvram_deletename = NULL,
95 .tpm_io_init = mytpm_io_init,
96 .tpm_io_getlocality = mytpm_io_getlocality,
97 .tpm_io_getphysicalpresence = mytpm_io_getphysicalpresence,
98 };
99 res = TPMLIB_RegisterCallbacks(&cbs);
100 if (res != TPM_SUCCESS)
101 die("Could not register callbacks\n");
102
103 res = TPMLIB_ChooseTPMVersion(TPMLIB_TPM_VERSION_2);
104 if (res != TPM_SUCCESS)
105 die("Could not choose the TPM version\n");
106
107 res = TPMLIB_MainInit();
108 if (res != TPM_SUCCESS)
109 die("Error: TPMLIB_MainInit() failed\n");
110
111 res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, startup, sizeof(startup));
112 if (res != TPM_SUCCESS)
113 die("Error: TPMLIB_Process(Startup) failed\n");
114
115 res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, (unsigned char*)data, size);
116 if (res != TPM_SUCCESS)
117 die("Error: TPMLIB_Process(fuzz-command) failed\n");
118
119 /* state suspend */
120 res = TPMLIB_GetState(TPMLIB_STATE_VOLATILE, &vol_buffer, &vol_buffer_len);
121 if (res != TPM_SUCCESS)
122 die("Error: TPMLIB_GetState(TPMLIB_STATE_VOLATILE) failed\n");
123
124 res = TPMLIB_GetState(TPMLIB_STATE_PERMANENT, &perm_buffer, &perm_buffer_len);
125 if (res != TPM_SUCCESS)
126 die("Error: TPMLIB_GetState(TPMLIB_STATE_PERMANENT) failed\n");
127
128 TPMLIB_Terminate();
129
130 /* state resume */
131 res = TPMLIB_SetState(TPMLIB_STATE_PERMANENT, perm_buffer, perm_buffer_len);
132 if (res != TPM_SUCCESS)
133 die("Error: TPMLIB_SetState(TPMLIB_STATE_PERMANENT) failed\n");
134
135 res = TPMLIB_SetState(TPMLIB_STATE_VOLATILE, vol_buffer, vol_buffer_len);
136 if (res != TPM_SUCCESS)
137 die("Error: TPMLIB_SetState(TPMLIB_STATE_VOLATILE) failed\n");
138
139 res = TPMLIB_MainInit();
140 if (res != TPM_SUCCESS)
141 die("Error: TPMLIB_MainInit() to resume with the state failed\n");
142
143 TPMLIB_Terminate();
144 TPM_Free(rbuffer);
145 TPM_Free(vol_buffer);
146 TPM_Free(perm_buffer);
147 TPM_Free(permall);
148 permall = NULL;
149
150 return 0;
151}
注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette