intercept network, crypto and time

This fuzzing harness must be as deterministic as possible for the fuzzer
to detect additional coverage reliably.

Author: sudden6

CMakeLists.txt

@@ -543,15 +543,15 @@ if (BUILD_FUZZ_TESTS)
     # For coverage tests
     target_compile_definitions(toxcore_static PUBLIC "FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION")
 
-    # Override network functions
-    add_library(network_adapter testing/fuzzing/network_adapter.c)
+    # Override network and random functions
+    add_library(fuzz_adapter testing/fuzzing/fuzz_adapter.c)
 
     # Fuzzes the toxsave API
     add_executable(toxsave_fuzzer testing/fuzzing/toxsave_harness.cc)
-    target_link_libraries(toxsave_fuzzer toxcore_static network_adapter -fsanitize=fuzzer)
+    target_link_libraries(toxsave_fuzzer toxcore_static fuzz_adapter -fsanitize=fuzzer)
 
     # Fuzzes the bootstrap process
     add_executable(bootstrap_fuzzer testing/fuzzing/bootstrap_harness.cc)
-    target_link_libraries(bootstrap_fuzzer toxcore_static network_adapter -fsanitize=fuzzer)
+    target_link_libraries(bootstrap_fuzzer toxcore_static fuzz_adapter -fsanitize=fuzzer)
 endif()
 

testing/fuzzing/bootstrap_harness.cc

@@ -1,9 +1,8 @@
-#include "../../toxcore/tox.h"
-#include "network_adapter.h"
-
-#include <cstring>
 #include <cassert>
+#include <cstring>
 
+#include "../../toxcore/tox.h"
+#include "fuzz_adapter.h"
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   network_adapter_init(data, size);

testing/fuzzing/fuzz_adapter.c

@@ -0,0 +1,97 @@
+#include "fuzz_adapter.h"
+
+struct fuzz_buf {
+    /* Monotonic counter for time replacement */
+    uint64_t counter;
+    /* Fuzz data buffer */
+    const uint8_t *cur;
+    const uint8_t *end;
+};
+
+static struct fuzz_buf data;
+
+#include <string.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+
+
+void network_adapter_init(const uint8_t *buf, size_t length)
+{
+    data.counter = 0;
+    data.cur = buf;
+    data.end = buf + length;
+}
+
+ssize_t fuzz_sendto(int sockfd, const void *buf, size_t len,
+                    int flags, const struct sockaddr *addr,
+                    socklen_t addrlen)
+{
+    return len;
+}
+
+ssize_t fuzz_send(int sockfd, const void *buf, size_t len, int flags)
+{
+    return len;
+}
+
+static ssize_t recv_common(void *buf, size_t buf_len)
+{
+    if (data.cur + 2 >= data.end) {
+        return -1;
+    }
+
+    uint16_t fuzz_len = (data.cur[0] << 8) | data.cur[1];
+    data.cur += 2;
+
+    size_t available = data.end - data.cur;
+
+    size_t res = fuzz_len > available ? available : fuzz_len;
+    res = buf_len > res ? res : buf_len;
+
+    memcpy(buf, data.cur, res);
+    data.cur += res;
+
+    return res;
+}
+
+ssize_t fuzz_recvfrom(int sockfd, void *buf, size_t len,
+                      int flags, struct sockaddr *src_addr,
+                      socklen_t *addr_len)
+{
+    if (src_addr && addr_len && (sizeof(struct sockaddr) <= *addr_len)) {
+        *src_addr  = (struct sockaddr) {
+            0
+        };
+        // Dummy Addr
+        src_addr->sa_family = AF_INET;
+
+        // We want an AF_INET address with dummy values
+        struct sockaddr_in *addr_in = (struct sockaddr_in *) src_addr;
+        addr_in->sin_port = 12356;
+        addr_in->sin_addr.s_addr = INADDR_LOOPBACK + 1;
+        *addr_len = sizeof(struct sockaddr);
+    }
+
+    return recv_common(buf, len);
+}
+
+ssize_t fuzz_recv(int sockfd, void *buf, size_t len, int flags)
+{
+    return recv_common(buf, len);
+}
+
+void fuzz_random_bytes(uint8_t *rnd, size_t length)
+{
+    // Amount of data is limited
+    size_t available = data.end - data.cur;
+    size_t bytes_read = length > available ? available : length;
+    // Initialize everything to make MSAN and others happy
+    memset(rnd, 0, length);
+    memcpy(rnd, data.cur, bytes_read);
+    data.cur += bytes_read;
+}
+
+uint64_t fuzz_get_count(void)
+{
+    return data.counter++;
+}

testing/fuzzing/fuzz_adapter.h

@@ -0,0 +1,48 @@
+/* SPDX-License-Identifier: GPL-3.0-or-later
+ * Copyright © 2021 The TokTok team.
+ */
+
+#ifndef C_TOXCORE_TESTING_FUZZING_FUZZ_ADAPTER_H
+#define C_TOXCORE_TESTING_FUZZING_FUZZ_ADAPTER_H
+
+#include <stdint.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Init function for the fuzzing harness
+ * @param buf Begin of fuzz data
+ * @param length Length of buf
+ */
+void network_adapter_init(const uint8_t *buf, size_t length);
+
+/* The following functions intercept calls to standard network functions for fuzzing purposes and return data from the fuzz buffer. */
+
+ssize_t fuzz_sendto(int sockfd, const void *buf, size_t len,
+                    int flags, const struct sockaddr *addr,
+                    socklen_t addrlen);
+
+ssize_t fuzz_send(int sockfd, const void *buf, size_t len, int flags);
+
+ssize_t fuzz_recvfrom(int sockfd, void *buf, size_t len,
+                      int flags, struct sockaddr *src_addr,
+                      socklen_t *addr_len);
+
+ssize_t fuzz_recv(int sockfd, void *buf, size_t len, int flags);
+
+/* The following functions intercept generation of random data */
+void fuzz_random_bytes(uint8_t *rnd, size_t length);
+
+/* The following function replaces all time bases with a monotonic counter */
+
+uint64_t fuzz_get_count(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // C_TOXCORE_TESTING_FUZZING_FUZZ_ADAPTER_H

testing/fuzzing/toxsave_harness.cc

@@ -1,3 +1,5 @@
+#include <cassert>
+
 #include "../../toxcore/tox.h"
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {

toxcore/LAN_discovery.c

@@ -120,7 +120,7 @@ static void fetch_broadcast_info(uint16_t port)
     }
 }
 
-#elif defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
+#elif !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) && (defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__))
 
 static void fetch_broadcast_info(uint16_t port)
 {

toxcore/crypto_core.c

@@ -29,6 +29,12 @@
 #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
 #endif
 
+//!TOKSTYLE-
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+#include "../testing/fuzzing/fuzz_adapter.h"
+#endif
+//!TOKSTYLE+
+
 static_assert(CRYPTO_PUBLIC_KEY_SIZE == crypto_box_PUBLICKEYBYTES,
               "CRYPTO_PUBLIC_KEY_SIZE should be equal to crypto_box_PUBLICKEYBYTES");
 static_assert(CRYPTO_SECRET_KEY_SIZE == crypto_box_SECRETKEYBYTES,
@@ -48,6 +54,7 @@ static_assert(CRYPTO_SHA512_SIZE == crypto_hash_sha512_BYTES,
 static_assert(CRYPTO_PUBLIC_KEY_SIZE == 32,
               "CRYPTO_PUBLIC_KEY_SIZE is required to be 32 bytes for public_key_cmp to work");
 
+#if !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
 static uint8_t *crypto_malloc(size_t bytes)
 {
     return (uint8_t *)malloc(bytes);
@@ -61,10 +68,16 @@ static void crypto_free(uint8_t *ptr, size_t bytes)
 
     free(ptr);
 }
+#endif // !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
 
 int32_t public_key_cmp(const uint8_t *pk1, const uint8_t *pk2)
 {
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    // Hope that this is better for the fuzzer
+    return memcmp(pk1, pk2, CRYPTO_PUBLIC_KEY_SIZE) == 0 ? 0 : -1;
+#else
     return crypto_verify_32(pk1, pk2);
+#endif
 }
 
 int32_t crypto_sha512_cmp(const uint8_t *cksum1, const uint8_t *cksum2)
@@ -131,6 +144,11 @@ int32_t encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce,
         return -1;
     }
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    memcpy(encrypted, plain, length); // Don't encrypt anything
+    memset(encrypted + length, 0, crypto_box_MACBYTES); // Zero MAC to avoid false alarms of uninitialized memory
+#else
+
     const size_t size_temp_plain = length + crypto_box_ZEROBYTES;
     const size_t size_temp_encrypted = length + crypto_box_MACBYTES + crypto_box_BOXZEROBYTES;
 
@@ -159,7 +177,7 @@ int32_t encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce,
 
     crypto_free(temp_plain, size_temp_plain);
     crypto_free(temp_encrypted, size_temp_encrypted);
-
+#endif
     return length + crypto_box_MACBYTES;
 }
 
@@ -170,6 +188,10 @@ int32_t decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce,
         return -1;
     }
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    memcpy(plain, encrypted, length - crypto_box_MACBYTES); // Don't encrypt anything
+#else
+
     const size_t size_temp_plain = length + crypto_box_ZEROBYTES;
     const size_t size_temp_encrypted = length + crypto_box_BOXZEROBYTES;
 
@@ -197,6 +219,7 @@ int32_t decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce,
 
     crypto_free(temp_plain, size_temp_plain);
     crypto_free(temp_encrypted, size_temp_encrypted);
+#endif
     return length - crypto_box_MACBYTES;
 }
 
@@ -295,7 +318,14 @@ void new_symmetric_key(uint8_t *key)
 
 int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key)
 {
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    random_bytes(secret_key, CRYPTO_SECRET_KEY_SIZE);
+    memset(public_key, 0, CRYPTO_PUBLIC_KEY_SIZE); // Make MSAN happy
+    crypto_scalarmult_curve25519_base(public_key, secret_key);
+    return 0;
+#else
     return crypto_box_keypair(public_key, secret_key);
+#endif
 }
 
 void crypto_derive_public_key(uint8_t *public_key, const uint8_t *secret_key)
@@ -315,5 +345,9 @@ void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length)
 
 void random_bytes(uint8_t *data, size_t length)
 {
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    fuzz_random_bytes(data, length);
+#else
     randombytes(data, length);
+#endif
 }

toxcore/mono_time.c

@@ -32,6 +32,12 @@
 
 #include "ccompat.h"
 
+//!TOKSTYLE-
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+#include "../testing/fuzzing/fuzz_adapter.h"
+#endif
+//!TOKSTYLE+
+
 /* don't call into system billions of times for no reason */
 struct Mono_Time {
     uint64_t time;
@@ -98,6 +104,14 @@ static uint64_t current_time_monotonic_default(Mono_Time *mono_time, void *user_
     return time;
 }
 
+
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+static uint64_t current_time_monotonic_dummy(Mono_Time *mono_time, void *user_data)
+{
+    return fuzz_get_count();
+}
+#endif
+
 Mono_Time *mono_time_new(void)
 {
     Mono_Time *mono_time = (Mono_Time *)calloc(1, sizeof(Mono_Time));
@@ -119,7 +133,11 @@ Mono_Time *mono_time_new(void)
         return nullptr;
     }
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    mono_time->current_time_callback = current_time_monotonic_dummy;
+#else
     mono_time->current_time_callback = current_time_monotonic_default;
+#endif
     mono_time->user_data = nullptr;
 
 #ifdef OS_WIN32
@@ -136,7 +154,11 @@ Mono_Time *mono_time_new(void)
 #endif
 
     mono_time->time = 0;
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    mono_time->base_time = 0; // Maximum reproducibility
+#else
     mono_time->base_time = (uint64_t)time(nullptr) - (current_time_monotonic(mono_time) / 1000ULL);
+#endif
 
     mono_time_update(mono_time);
 
@@ -174,11 +196,16 @@ void mono_time_update(Mono_Time *mono_time)
 
 uint64_t mono_time_get(const Mono_Time *mono_time)
 {
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    // Fuzzing is only single thread for now, no locking needed */
+    return mono_time->time;
+#else
     uint64_t time = 0;
     pthread_rwlock_rdlock(mono_time->time_update_lock);
     time = mono_time->time;
     pthread_rwlock_unlock(mono_time->time_update_lock);
     return time;
+#endif
 }
 
 bool mono_time_is_timeout(const Mono_Time *mono_time, uint64_t timestamp, uint64_t timeout)