1 files changed, 104 insertions, 0 deletions
diff --git a/fuzz/preload-fuzz.c b/fuzz/preload-fuzz.c
new file mode 100644
index 0000000..efcb8c6
--- /dev/null
+++ b/fuzz/preload-fuzz.c
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2019 Yubico AB. All rights reserved.
+ * Use of this source code is governed by a BSD-style
+ * license that can be found in the LICENSE file.
+ */
+/*
+ * cc -fPIC -D_GNU_SOURCE -shared -o preload-fuzz.so preload-fuzz.c
+ * LD_PRELOAD=$(realpath preload-fuzz.so)
+ */
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <dlfcn.h>
+#include <err.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#define FUZZ_DEV_PREFIX "nodev"
+static int               fd_fuzz = -1;
+static int              (*open_f)(const char *, int, mode_t);
+static int              (*close_f)(int);
+static ssize_t          (*write_f)(int, const void *, size_t);
+int
+open(const char *path, int flags, ...)
+{
+        va_list ap;
+        mode_t  mode;
+        va_start(ap, flags);
+        mode = va_arg(ap, mode_t);
+        va_end(ap);
+        if (open_f == NULL) {
+                open_f = dlsym(RTLD_NEXT, "open");
+                if (open_f == NULL) {
+                        warnx("%s: dlsym", __func__);
+                        errno = EACCES;
+                        return (-1);
+                }
+        }
+        if (strncmp(path, FUZZ_DEV_PREFIX, strlen(FUZZ_DEV_PREFIX)) != 0)
+                return (open_f(path, flags, mode));
+        if (fd_fuzz != -1) {
+                warnx("%s: fd_fuzz != -1", __func__);
+                errno = EACCES;
+                return (-1);
+        }
+        if ((fd_fuzz = dup(STDIN_FILENO)) < 0) {
+                warn("%s: dup", __func__);
+                errno = EACCES;
+                return (-1);
+        }
+        return (fd_fuzz);
+}
+int
+close(int fd)
+{
+        if (close_f == NULL) {
+                close_f = dlsym(RTLD_NEXT, "close");
+                if (close_f == NULL) {
+                        warnx("%s: dlsym", __func__);
+                        errno = EACCES;
+                        return (-1);
+                }
+        }
+        if (fd == fd_fuzz)
+                fd_fuzz = -1;
+        return (close_f(fd));
+}
+ssize_t
+write(int fd, const void *buf, size_t nbytes)
+{
+        if (write_f == NULL) {
+                write_f = dlsym(RTLD_NEXT, "write");
+                if (write_f == NULL) {
+                        warnx("%s: dlsym", __func__);
+                        errno = EBADF;
+                        return (-1);
+                }
+        }
+        if (fd != fd_fuzz)
+                return (write_f(fd, buf, nbytes));
+        return (nbytes);
+}

diff --git a/fuzz/preload-fuzz.c b/fuzz/preload-fuzz.c new file mode 100644 index 0000000..efcb8c6 --- /dev/null +++ b/fuzz/preload-fuzz.c
@@ -0,0 +1,104 @@
	1	/*
	2	* Copyright (c) 2019 Yubico AB. All rights reserved.
	3	* Use of this source code is governed by a BSD-style
	4	* license that can be found in the LICENSE file.
	5	*/
	6
	7	/*
	8	* cc -fPIC -D_GNU_SOURCE -shared -o preload-fuzz.so preload-fuzz.c
	9	* LD_PRELOAD=$(realpath preload-fuzz.so)
	10	*/
	11
	12	#include <sys/types.h>
	13	#include <sys/stat.h>
	14
	15	#include <dlfcn.h>
	16	#include <err.h>
	17	#include <errno.h>
	18	#include <fcntl.h>
	19	#include <limits.h>
	20	#include <stdarg.h>
	21	#include <stdio.h>
	22	#include <stdlib.h>
	23	#include <string.h>
	24	#include <unistd.h>
	25
	26	#define FUZZ_DEV_PREFIX "nodev"
	27
	28	static int fd_fuzz = -1;
	29	static int (open_f)(const char , int, mode_t);
	30	static int (*close_f)(int);
	31	static ssize_t (write_f)(int, const void , size_t);
	32
	33	int
	34	open(const char *path, int flags, ...)
	35	{
	36	va_list ap;
	37	mode_t mode;
	38
	39	va_start(ap, flags);
	40	mode = va_arg(ap, mode_t);
	41	va_end(ap);
	42
	43	if (open_f == NULL) {
	44	open_f = dlsym(RTLD_NEXT, "open");
	45	if (open_f == NULL) {
	46	warnx("%s: dlsym", __func__);
	47	errno = EACCES;
	48	return (-1);
	49	}
	50	}
	51
	52	if (strncmp(path, FUZZ_DEV_PREFIX, strlen(FUZZ_DEV_PREFIX)) != 0)
	53	return (open_f(path, flags, mode));
	54
	55	if (fd_fuzz != -1) {
	56	warnx("%s: fd_fuzz != -1", __func__);
	57	errno = EACCES;
	58	return (-1);
	59	}
	60
	61	if ((fd_fuzz = dup(STDIN_FILENO)) < 0) {
	62	warn("%s: dup", __func__);
	63	errno = EACCES;
	64	return (-1);
	65	}
	66
	67	return (fd_fuzz);
	68	}
	69
	70	int
	71	close(int fd)
	72	{
	73	if (close_f == NULL) {
	74	close_f = dlsym(RTLD_NEXT, "close");
	75	if (close_f == NULL) {
	76	warnx("%s: dlsym", __func__);
	77	errno = EACCES;
	78	return (-1);
	79	}
	80	}
	81
	82	if (fd == fd_fuzz)
	83	fd_fuzz = -1;
	84
	85	return (close_f(fd));
	86	}
	87
	88	ssize_t
	89	write(int fd, const void *buf, size_t nbytes)
	90	{
	91	if (write_f == NULL) {
	92	write_f = dlsym(RTLD_NEXT, "write");
	93	if (write_f == NULL) {
	94	warnx("%s: dlsym", __func__);
	95	errno = EBADF;
	96	return (-1);
	97	}
	98	}
	99
	100	if (fd != fd_fuzz)
	101	return (write_f(fd, buf, nbytes));
	102
	103	return (nbytes);
	104	}