proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-02 20:27:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #6989 from xThaid/remove_fuzzing

Browse Source 
zebra: remove fuzzing stuff
This commit is contained in:
Quentin Young 2020-08-27 17:33:43 -04:00 committed by GitHub
commit 3d9d84e42e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 0 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
configure.ac
View File

@ -610,10 +610,6 @@ AC_ARG_ENABLE([cumulus],
AS_HELP_STRING([--enable-cumulus], [enable Cumulus Switch Special Extensions]))
AC_ARG_ENABLE([datacenter],
AS_HELP_STRING([--enable-datacenter], [enable Compilation for Data Center Extensions]))
AC_ARG_ENABLE([fuzzing],
AS_HELP_STRING([--enable-fuzzing], [enable ability to fuzz various parts of FRR]))
AC_ARG_ENABLE([netlink_fuzzing],
AS_HELP_STRING([--enable-netlink-fuzzing], [enable ability to fuzz netlink listening socket in zebra]))
AC_ARG_ENABLE([rr-semantics],
AS_HELP_STRING([--disable-rr-semantics], [disable the v6 Route Replace semantics]))
AC_ARG_ENABLE([protobuf],
@ -718,14 +714,6 @@ else
DFLT_NAME="traditional"
fi
if test "$enable_fuzzing" = "yes" ; then
AC_DEFINE([HANDLE_ZAPI_FUZZING], [1], [Compile extensions to use with a fuzzer])
fi
if test "$enable_netlink_fuzzing" = "yes" ; then
AC_DEFINE([HANDLE_NETLINK_FUZZING], [1], [Compile extensions to use with a fuzzer for netlink])
fi
if test "$enable_cumulus" = "yes" ; then
AC_DEFINE([HAVE_CUMULUS], [1], [Compile Special Cumulus Code in])
fi

6
doc/user/installation.rst
View File

@ -255,12 +255,6 @@ options from the list below.
mind. Specifically turn on -g3 -O0 for compiling options and add inclusion
of grammar sandbox.
.. option:: --enable-fuzzing
Turn on some compile options to allow you to run fuzzing tools against the
system. This flag is intended as a developer only tool and should not be
used for normal operations.
.. option:: --disable-snmp
Build without SNMP support.

104
zebra/kernel_netlink.c
View File

@ -20,12 +20,6 @@
#include <zebra.h>
#if defined(HANDLE_NETLINK_FUZZING)
#include <stdio.h>
#include <string.h>
#include "libfrr.h"
#endif /* HANDLE_NETLINK_FUZZING */
#ifdef HAVE_NETLINK
#include "linklist.h"
@ -404,86 +398,6 @@ static int netlink_information_fetch(struct nlmsghdr *h, ns_id_t ns_id,
return 0;
}
#if defined(HANDLE_NETLINK_FUZZING)
/* Using globals here to avoid adding function parameters */
/* Keep distinct filenames for netlink fuzzy collection */
static unsigned int netlink_file_counter = 1;
/* File name to read fuzzed netlink from */
static char netlink_fuzz_file[MAXPATHLEN] = "";
/* Flag for whether to read from file or not */
bool netlink_read;
/**
* netlink_read_init() - Starts the message parser
* @fname: Filename to read.
*/
void netlink_read_init(const char *fname)
{
struct zebra_dplane_info dp_info;
snprintf(netlink_fuzz_file, MAXPATHLEN, "%s", fname);
/* Creating this fake socket for testing purposes */
struct zebra_ns *zns = zebra_ns_lookup(NS_DEFAULT);
/* Capture key info from zns struct */
zebra_dplane_info_from_zns(&dp_info, zns, false);
netlink_parse_info(netlink_information_fetch, &zns->netlink,
&dp_info, 1, 0);
}
/**
* netlink_write_incoming() - Writes all data received from netlink to a file
* @buf: Data from netlink.
* @size: Size of data.
* @counter: Counter for keeping filenames distinct.
*/
static void netlink_write_incoming(const char *buf, const unsigned int size,
unsigned int counter)
{
char fname[MAXPATHLEN];
FILE *f;
snprintf(fname, MAXPATHLEN, "%s/%s_%u", frr_vtydir, "netlink", counter);
frr_with_privs(&zserv_privs) {
f = fopen(fname, "w");
}
if (f) {
fwrite(buf, 1, size, f);
fclose(f);
}
}
/**
* netlink_read_file() - Reads netlink data from file
* @buf: Netlink buffer being overwritten.
* @fname: File name to read from.
*
* Return: Size of file.
*/
static long netlink_read_file(char *buf, const char *fname)
{
FILE *f;
long file_bytes = -1;
frr_with_privs(&zserv_privs) {
f = fopen(fname, "r");
}
if (f) {
fseek(f, 0, SEEK_END);
file_bytes = ftell(f);
rewind(f);
fread(buf, NL_RCV_PKT_BUF_SIZE, 1, f);
fclose(f);
}
return file_bytes;
}
#endif /* HANDLE_NETLINK_FUZZING */
static int kernel_read(struct thread *thread)
{
struct zebra_ns *zns = (struct zebra_ns *)THREAD_ARG(thread);
@ -834,18 +748,7 @@ static int netlink_recv_msg(const struct nlsock *nl, struct msghdr msg,
msg.msg_iovlen = 1;
do {
#if defined(HANDLE_NETLINK_FUZZING)
/* Check if reading and filename is set */
if (netlink_read && '\0' != netlink_fuzz_file[0]) {
zlog_debug("Reading netlink fuzz file");
status = netlink_read_file(buf, netlink_fuzz_file);
((struct sockaddr_nl *)msg.msg_name)->nl_pid = 0;
} else {
status = recvmsg(nl->sock, &msg, 0);
}
#else
status = recvmsg(nl->sock, &msg, 0);
#endif /* HANDLE_NETLINK_FUZZING */
} while (status == -1 && errno == EINTR);
if (status == -1) {
@ -877,13 +780,6 @@ static int netlink_recv_msg(const struct nlsock *nl, struct msghdr msg,
zlog_hexdump(buf, status);
}
#if defined(HANDLE_NETLINK_FUZZING)
if (!netlink_read) {
zlog_debug("Writing incoming netlink message");
netlink_write_incoming(buf, status, netlink_file_counter++);
}
#endif /* HANDLE_NETLINK_FUZZING */
return status;
}

4
zebra/kernel_netlink.h
View File

@ -86,10 +86,6 @@ extern const char *nl_rtproto_to_str(uint8_t rtproto);
extern const char *nl_family_to_str(uint8_t family);
extern const char *nl_rttype_to_str(uint8_t rttype);
#if defined(HANDLE_NETLINK_FUZZING)
extern bool netlink_read;
extern void netlink_read_init(const char *fname);
#endif /* HANDLE_NETLINK_FUZZING */
extern int netlink_parse_info(int (*filter)(struct nlmsghdr *, ns_id_t, int),
const struct nlsock *nl,
const struct zebra_dplane_info *dp_info,

51
zebra/main.c
View File

@ -59,10 +59,6 @@
#include "zebra/zebra_opaque.h"
#include "zebra/zebra_srte.h"
#if defined(HANDLE_NETLINK_FUZZING)
#include "zebra/kernel_netlink.h"
#endif /* HANDLE_NETLINK_FUZZING */
#define ZEBRA_PTM_SUPPORT
/* process id. */
@ -284,12 +280,6 @@ int main(int argc, char **argv)
char *vrf_default_name_configured = NULL;
struct sockaddr_storage dummy;
socklen_t dummylen;
#if defined(HANDLE_ZAPI_FUZZING)
char *zapi_fuzzing = NULL;
#endif /* HANDLE_ZAPI_FUZZING */
#if defined(HANDLE_NETLINK_FUZZING)
char *netlink_fuzzing = NULL;
#endif /* HANDLE_NETLINK_FUZZING */
graceful_restart = 0;
vrf_configure_backend(VRF_BACKEND_VRF_LITE);
@ -301,12 +291,6 @@ int main(int argc, char **argv)
#ifdef HAVE_NETLINK
"s:n"
#endif
#if defined(HANDLE_ZAPI_FUZZING)
"c:"
#endif /* HANDLE_ZAPI_FUZZING */
#if defined(HANDLE_NETLINK_FUZZING)
"w:"
#endif /* HANDLE_NETLINK_FUZZING */
,
longopts,
" -b, --batch Runs in batch mode\n"
@ -321,12 +305,6 @@ int main(int argc, char **argv)
" -s, --nl-bufsize Set netlink receive buffer size\n"
" --v6-rr-semantics Use v6 RR semantics\n"
#endif /* HAVE_NETLINK */
#if defined(HANDLE_ZAPI_FUZZING)
" -c <file> Bypass normal startup and use this file for testing of zapi\n"
#endif /* HANDLE_ZAPI_FUZZING */
#if defined(HANDLE_NETLINK_FUZZING)
" -w <file> Bypass normal startup and use this file for testing of netlink input\n"
#endif /* HANDLE_NETLINK_FUZZING */
);
while (1) {
@ -388,21 +366,6 @@ int main(int argc, char **argv)
v6_rr_semantics = true;
break;
#endif /* HAVE_NETLINK */
#if defined(HANDLE_ZAPI_FUZZING)
case 'c':
zapi_fuzzing = optarg;
break;
#endif /* HANDLE_ZAPI_FUZZING */
#if defined(HANDLE_NETLINK_FUZZING)
case 'w':
netlink_fuzzing = optarg;
/* This ensures we are aren't writing any of the
* startup netlink messages that happen when we
* just want to read.
*/
netlink_read = true;
break;
#endif /* HANDLE_NETLINK_FUZZING */
default:
frr_help_exit(1);
break;
@ -489,20 +452,6 @@ int main(int argc, char **argv)
/* Error init */
zebra_error_init();
#if defined(HANDLE_ZAPI_FUZZING)
if (zapi_fuzzing) {
zserv_read_file(zapi_fuzzing);
exit(0);
}
#endif /* HANDLE_ZAPI_FUZZING */
#if defined(HANDLE_NETLINK_FUZZING)
if (netlink_fuzzing) {
netlink_read_init(netlink_fuzzing);
exit(0);
}
#endif /* HANDLE_NETLINK_FUZZING */
frr_run(zrouter.master);
/* Not reached... */

27
zebra/zapi_msg.c
View File

@ -3116,29 +3116,6 @@ void (*const zserv_handlers[])(ZAPI_HANDLER_ARGS) = {
[ZEBRA_CLIENT_CAPABILITIES] = zread_client_capabilities,
[ZEBRA_NEIGH_DISCOVER] = zread_neigh_discover};
#if defined(HANDLE_ZAPI_FUZZING)
extern struct zebra_privs_t zserv_privs;
static void zserv_write_incoming(struct stream *orig, uint16_t command)
{
char fname[MAXPATHLEN];
struct stream *copy;
int fd = -1;
copy = stream_dup(orig);
stream_set_getp(copy, 0);
snprintf(fname, MAXPATHLEN, "%s/%u", frr_vtydir, command);
frr_with_privs(&zserv_privs) {
fd = open(fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
}
stream_flush(copy, fd);
close(fd);
stream_free(copy);
}
#endif
/*
* Process a batch of zapi messages.
*/
@ -3169,10 +3146,6 @@ void zserv_handle_commands(struct zserv *client, struct stream_fifo *fifo)
&& IS_ZEBRA_DEBUG_DETAIL)
zserv_log_message(NULL, msg, &hdr);
#if defined(HANDLE_ZAPI_FUZZING)
zserv_write_incoming(msg, hdr.command);
#endif
hdr.length -= ZEBRA_HEADER_SIZE;
/* Before checking for a handler function, check for

11
zebra/zserv.c
View File

@ -1294,17 +1294,6 @@ DEFUN (show_zebra_client_summary,
return CMD_SUCCESS;
}
#if defined(HANDLE_ZAPI_FUZZING)
void zserv_read_file(char *input)
{
int fd;
fd = open(input, O_RDONLY | O_NONBLOCK);
zserv_client_create(fd);
}
#endif
void zserv_init(void)
{
/* Client list init. */

4
zebra/zserv.h
View File

@ -375,10 +375,6 @@ extern void zserv_close_client(struct zserv *client);
void zserv_log_message(const char *errmsg, struct stream *msg,
struct zmsghdr *hdr);
#if defined(HANDLE_ZAPI_FUZZING)
extern void zserv_read_file(char *input);
#endif
/* TODO */
__attribute__((__noreturn__)) int zebra_finalize(struct thread *event);