mollyim/webrtc
1
0
Fork 0
mirror of https://github.com/mollyim/webrtc.git synced 2025-05-17 07:37:51 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
webrtc/net/dcsctp/fuzzers/dcsctp_fuzzers_test.cc
Victor Boivie a30362cc75 dcsctp: Add socket fuzzer helper 
The socket fuzzer is build as a structure-aware fuzzer where the full
public API is exercised as well as receival of SCTP packets with random
sequences of valid chunks.

It begins by putting the socket in a defined starting state and then,
based on the fuzzing data, performs a sequence of operations on the
socket such as receiving packets, sending data, resetting streams or
expiring timers.

This is the first iteration, and when running it a while and analyzing
code coverage, it will be modified to perform better. It could probably
be a little more random.

Bug: webrtc:12614
Change-Id: I50d6ffaecef5722be5cf666fee2f0de7d15cc2e8
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/218500
Commit-Queue: Victor Boivie <boivie@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Florent Castelli <orphis@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#33998}
2021-05-12 15:06:17 +00:00

40 lines
1.3 KiB
C++
Raw Blame History

/*
* Copyright (c) 2021 The WebRTC project authors. All Rights Reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#include "net/dcsctp/fuzzers/dcsctp_fuzzers.h"
#include "api/array_view.h"
#include "net/dcsctp/packet/sctp_packet.h"
#include "net/dcsctp/public/dcsctp_socket.h"
#include "net/dcsctp/socket/dcsctp_socket.h"
#include "net/dcsctp/testing/testing_macros.h"
#include "rtc_base/gunit.h"
#include "rtc_base/logging.h"
#include "test/gmock.h"
namespace dcsctp {
namespace dcsctp_fuzzers {
namespace {
// This is a testbed where fuzzed data that cause issues can be evaluated and
// crashes reproduced. Use `xxd -i ./crash-abc` to generate `data` below.
TEST(DcsctpFuzzersTest, PassesTestbed) {
uint8_t data[] = {0x07, 0x09, 0x00, 0x01, 0x11, 0xff, 0xff};
FuzzerCallbacks cb;
DcSctpOptions options;
options.disable_checksum_verification = true;
DcSctpSocket socket("A", cb, nullptr, options);
FuzzSocket(socket, cb, data);
}
} // namespace
} // namespace dcsctp_fuzzers
} // namespace dcsctp
Reference in a new issue View git blame Copy permalink