| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <algorithm> | |
| 6 #include <sstream> | |
| 7 #include <string> | |
| 8 #include <vector> | |
| 9 | |
| 10 #include "base/basictypes.h" | |
| 11 #include "base/files/file_path.h" | |
| 12 #include "base/files/file_util.h" | |
| 13 #include "base/json/json_reader.h" | |
| 14 #include "base/memory/scoped_ptr.h" | |
| 15 #include "base/time/time.h" | |
| 16 #include "base/values.h" | |
| 17 #include "net/base/address_list.h" | |
| 18 #include "net/base/dns_util.h" | |
| 19 #include "net/base/io_buffer.h" | |
| 20 #include "net/base/ip_endpoint.h" | |
| 21 #include "net/dns/dns_protocol.h" | |
| 22 #include "net/dns/dns_query.h" | |
| 23 #include "net/dns/dns_response.h" | |
| 24 | |
| 25 namespace { | |
| 26 | |
| 27 void CrashDoubleFree(void) { | |
| 28 // Cause ASAN to detect a double-free | |
| 29 void *p = malloc(1); | |
| 30 LOG(INFO) << "Allocated p=" << p << ". Double-freeing..."; | |
| 31 free(p); | |
| 32 free(p); | |
| 33 } | |
| 34 | |
| 35 void CrashNullPointerDereference(void) { | |
| 36 // Cause the program to segfault with a NULL pointer dereference | |
| 37 int *p = NULL; | |
| 38 *p = 0; | |
| 39 } | |
| 40 | |
| 41 bool FitsUint8(int num) { | |
| 42 return (num >= 0) && (num <= kuint8max); | |
| 43 } | |
| 44 | |
| 45 bool FitsUint16(int num) { | |
| 46 return (num >= 0) && (num <= kuint16max); | |
| 47 } | |
| 48 | |
| 49 bool ReadTestCase(const char* filename, | |
| 50 uint16* id, std::string* qname, uint16* qtype, | |
| 51 std::vector<char>* resp_buf, | |
| 52 bool* crash_test) { | |
| 53 base::FilePath filepath = base::FilePath::FromUTF8Unsafe(filename); | |
| 54 | |
| 55 std::string json; | |
| 56 if (!base::ReadFileToString(filepath, &json)) { | |
| 57 LOG(ERROR) << filename << ": couldn't read file."; | |
| 58 return false; | |
| 59 } | |
| 60 | |
| 61 scoped_ptr<base::Value> value(base::JSONReader::Read(json)); | |
| 62 if (!value.get()) { | |
| 63 LOG(ERROR) << filename << ": couldn't parse JSON."; | |
| 64 return false; | |
| 65 } | |
| 66 | |
| 67 base::DictionaryValue* dict; | |
| 68 if (!value->GetAsDictionary(&dict)) { | |
| 69 LOG(ERROR) << filename << ": test case is not a dictionary."; | |
| 70 return false; | |
| 71 } | |
| 72 | |
| 73 *crash_test = dict->HasKey("crash_test"); | |
| 74 if (*crash_test) { | |
| 75 LOG(INFO) << filename << ": crash_test is set!"; | |
| 76 return true; | |
| 77 } | |
| 78 | |
| 79 int id_int; | |
| 80 if (!dict->GetInteger("id", &id_int)) { | |
| 81 LOG(ERROR) << filename << ": id is missing or not an integer."; | |
| 82 return false; | |
| 83 } | |
| 84 if (!FitsUint16(id_int)) { | |
| 85 LOG(ERROR) << filename << ": id is out of range."; | |
| 86 return false; | |
| 87 } | |
| 88 *id = static_cast<uint16>(id_int); | |
| 89 | |
| 90 if (!dict->GetStringASCII("qname", qname)) { | |
| 91 LOG(ERROR) << filename << ": qname is missing or not a string."; | |
| 92 return false; | |
| 93 } | |
| 94 | |
| 95 int qtype_int; | |
| 96 if (!dict->GetInteger("qtype", &qtype_int)) { | |
| 97 LOG(ERROR) << filename << ": qtype is missing or not an integer."; | |
| 98 return false; | |
| 99 } | |
| 100 if (!FitsUint16(qtype_int)) { | |
| 101 LOG(ERROR) << filename << ": qtype is out of range."; | |
| 102 return false; | |
| 103 } | |
| 104 *qtype = static_cast<uint16>(qtype_int); | |
| 105 | |
| 106 base::ListValue* resp_list; | |
| 107 if (!dict->GetList("response", &resp_list)) { | |
| 108 LOG(ERROR) << filename << ": response is missing or not a list."; | |
| 109 return false; | |
| 110 } | |
| 111 | |
| 112 size_t resp_size = resp_list->GetSize(); | |
| 113 resp_buf->clear(); | |
| 114 resp_buf->reserve(resp_size); | |
| 115 for (size_t i = 0; i < resp_size; i++) { | |
| 116 int resp_byte_int; | |
| 117 if ((!resp_list->GetInteger(i, &resp_byte_int))) { | |
| 118 LOG(ERROR) << filename << ": response[" << i << "] is not an integer."; | |
| 119 return false; | |
| 120 } | |
| 121 if (!FitsUint8(resp_byte_int)) { | |
| 122 LOG(ERROR) << filename << ": response[" << i << "] is out of range."; | |
| 123 return false; | |
| 124 } | |
| 125 resp_buf->push_back(static_cast<char>(resp_byte_int)); | |
| 126 } | |
| 127 DCHECK(resp_buf->size() == resp_size); | |
| 128 | |
| 129 LOG(INFO) << "Query: id=" << id_int << ", " | |
| 130 << "qname=" << *qname << ", " | |
| 131 << "qtype=" << qtype_int << ", " | |
| 132 << "resp_size=" << resp_size; | |
| 133 | |
| 134 return true; | |
| 135 } | |
| 136 | |
| 137 void RunTestCase(uint16 id, std::string& qname, uint16 qtype, | |
| 138 std::vector<char>& resp_buf) { | |
| 139 net::DnsQuery query(id, qname, qtype); | |
| 140 net::DnsResponse response; | |
| 141 std::copy(resp_buf.begin(), resp_buf.end(), response.io_buffer()->data()); | |
| 142 | |
| 143 if (!response.InitParse(resp_buf.size(), query)) { | |
| 144 LOG(INFO) << "InitParse failed."; | |
| 145 return; | |
| 146 } | |
| 147 | |
| 148 net::AddressList address_list; | |
| 149 base::TimeDelta ttl; | |
| 150 net::DnsResponse::Result result = response.ParseToAddressList( | |
| 151 &address_list, &ttl); | |
| 152 if (result != net::DnsResponse::DNS_PARSE_OK) { | |
| 153 LOG(INFO) << "ParseToAddressList failed: " << result; | |
| 154 return; | |
| 155 } | |
| 156 | |
| 157 // Print the response in one compact line. | |
| 158 std::stringstream result_line; | |
| 159 result_line << "Response: address_list={ "; | |
| 160 for (unsigned int i = 0; i < address_list.size(); i++) | |
| 161 result_line << address_list[i].ToString() << " "; | |
| 162 result_line << "}, ttl=" << ttl.InSeconds() << "s"; | |
| 163 | |
| 164 LOG(INFO) << result_line.str(); | |
| 165 } | |
| 166 | |
| 167 bool ReadAndRunTestCase(const char* filename) { | |
| 168 uint16 id = 0; | |
| 169 std::string qname; | |
| 170 uint16 qtype = 0; | |
| 171 std::vector<char> resp_buf; | |
| 172 bool crash_test = false; | |
| 173 | |
| 174 LOG(INFO) << "Test case: " << filename; | |
| 175 | |
| 176 // ReadTestCase will print a useful error message if it fails. | |
| 177 if (!ReadTestCase(filename, &id, &qname, &qtype, &resp_buf, &crash_test)) | |
| 178 return false; | |
| 179 | |
| 180 if (crash_test) { | |
| 181 LOG(INFO) << "Crashing."; | |
| 182 CrashDoubleFree(); | |
| 183 // if we're not running under ASAN, that might not have worked | |
| 184 CrashNullPointerDereference(); | |
| 185 NOTREACHED(); | |
| 186 return true; | |
| 187 } | |
| 188 | |
| 189 std::string qname_dns; | |
| 190 if (!net::DNSDomainFromDot(qname, &qname_dns)) { | |
| 191 LOG(ERROR) << filename << ": DNSDomainFromDot(" << qname << ") failed."; | |
| 192 return false; | |
| 193 } | |
| 194 | |
| 195 RunTestCase(id, qname_dns, qtype, resp_buf); | |
| 196 | |
| 197 return true; | |
| 198 } | |
| 199 | |
| 200 } | |
| 201 | |
| 202 int main(int argc, char** argv) { | |
| 203 int ret = 0; | |
| 204 | |
| 205 for (int i = 1; i < argc; i++) | |
| 206 if (!ReadAndRunTestCase(argv[i])) | |
| 207 ret = 2; | |
| 208 | |
| 209 // Cluster-Fuzz likes "#EOF" as the last line of output to help distinguish | |
| 210 // successful runs from crashes. | |
| 211 printf("#EOF\n"); | |
| 212 | |
| 213 return ret; | |
| 214 } | |
| 215 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master