
Commit c9b1b2f

committed
Fuzzing: Add fuzzer
Signed-off-by: AdamKorcz <[email protected]>
1 parent d0be7b9 commit c9b1b2f

2 files changed

Lines changed: 102 additions & 1 deletion


Lines changed: 77 additions & 0 deletions
@@ -0,0 +1,77 @@
1+
// +build gofuzz
2+
3+
/*
4+
Copyright The containerd Authors.
5+
Licensed under the Apache License, Version 2.0 (the "License");
6+
you may not use this file except in compliance with the License.
7+
You may obtain a copy of the License at
8+
http://www.apache.org/licenses/LICENSE-2.0
9+
Unless required by applicable law or agreed to in writing, software
10+
distributed under the License is distributed on an "AS IS" BASIS,
11+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
See the License for the specific language governing permissions and
13+
limitations under the License.
14+
*/
15+
16+
package fuzz
17+
18+
import (
19+
"bytes"
20+
"context"
21+
22+
fuzz "github.com/AdaLogics/go-fuzz-headers"
23+
24+
"github.com/containerd/containerd"
25+
_ "github.com/containerd/containerd/cmd/containerd"
26+
"github.com/containerd/containerd/cmd/containerd/command"
27+
"github.com/containerd/containerd/namespaces"
28+
)
29+
30+
const (
31+
defaultRoot = "/var/lib/containerd"
32+
defaultState = "/tmp/containerd"
33+
defaultAddress = "/tmp/containerd/containerd.sock"
34+
)
35+
36+
func init() {
37+
args := []string{"--log-level", "debug"}
38+
go func() {
39+
// This is similar to invoking the
40+
// containerd binary.
41+
// See contrib/fuzz/oss_fuzz_build.sh
42+
// for more info.
43+
command.StartDaemonForFuzzing(args)
44+
}()
45+
}
46+
47+
func fuzzContext() (context.Context, context.CancelFunc) {
48+
ctx, cancel := context.WithCancel(context.Background())
49+
ctx = namespaces.WithNamespace(ctx, "fuzzing-namespace")
50+
return ctx, cancel
51+
}
52+
53+
func FuzzContainerdImport(data []byte) int {
54+
client, err := containerd.New(defaultAddress)
55+
if err != nil {
56+
return 0
57+
}
58+
defer client.Close()
59+
60+
f := fuzz.NewConsumer(data)
61+
62+
noOfImports, err := f.GetInt()
63+
if err != nil {
64+
return 0
65+
}
66+
maxImports := 20
67+
ctx, cancel := fuzzContext()
68+
defer cancel()
69+
for i := 0; i < noOfImports%maxImports; i++ {
70+
tarBytes, err := f.GetBytes()
71+
if err != nil {
72+
return 0
73+
}
74+
_, _ = client.Import(ctx, bytes.NewReader(tarBytes))
75+
}
76+
return 1
77+
}
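Review bot: `FuzzContainerdImport` returns 0 when `containerd.New(defaultAddress)` fails, so a daemon that never came up looks the same as an uninteresting input, and the fuzzer can run without ever reaching `Import` with nobody noticing. The daemon is started asynchronously from `init()` and nothing in this file waits for the socket or checks that startup succeeded; whether `containerd.New` blocks long enough to cover the startup window is not visible on this page. I would add a doc comment such as `// FuzzContainerdImport feeds up to 19 fuzzer-supplied byte slices to client.Import against the daemon started in init; it returns 0 if the daemon is unreachable.` and consider failing loudly on a connection error rather than returning 0. Two smaller points: `defaultRoot` and `defaultState` are declared but never referenced in this file, and a negative `noOfImports` makes `noOfImports%maxImports` non-positive, so no import runs while the function still returns 1.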

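--- a/contrib/fuzz/oss_fuzz_build.sh
+++ b/contrib/fuzz/oss_fuzz_build.sh
@@ -27,6 +27,30 @@ mv contrib/fuzz/docker_fuzzer.go remotes/docker/
 mv contrib/fuzz/container_fuzzer.go integration/client/
 
 
+# Change path of socket since OSS-fuzz does not grant access to /run
+sed -i 's/\/run\/containerd/\/tmp\/containerd/g' $SRC/containerd/defaults/defaults_unix.go
+
+# To build FuzzContainer2 we need to prepare a few things:
+# We change the name of the cmd/containerd package
+# so that we can import it.
+# We furthermore add an exported function that is similar
+# to cmd/containerd.main and call that instead of calling
+# the containerd binary.
+#
+# In the fuzzer we import cmd/containerd as a low-maintenance
+# way of initializing all the plugins.
+# Make backup of cmd/containerd:
+cp -r $SRC/containerd/cmd/containerd $SRC/cmd-containerd-backup
+# Rename package:
+find $SRC/containerd/cmd/containerd -type f -exec sed -i 's/package main/package mainfuzz/g' {} \;
+# Add an exported function
+sed -i -e '$afunc StartDaemonForFuzzing(arguments []string) {\n\tapp := App()\n\t_ = app.Run(arguments)\n}' $SRC/containerd/cmd/containerd/command/main.go
+# Build fuzzer:
+compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzContainerdImport fuzz_containerd_import
+# Reinstante backup of cmd/containerd:
+mv $SRC/cmd-containerd-backup $SRC/containerd/cmd/containerd
+
+# Compile more fuzzers
 compile_go_fuzzer github.com/containerd/containerd/remotes/docker FuzzFetcher fuzz_fetcher
 compile_go_fuzzer github.com/containerd/containerd/remotes/docker FuzzParseDockerRef fuzz_parse_docker_ref
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzFiltersParse fuzz_filters_parse
@@ -38,7 +62,7 @@ compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzArchiveExpor
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzParseAuth fuzz_parse_auth
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzParseProcPIDStatus fuzz_parse_proc_pid_status
 
-# FuzzCreateContainer requires more setup than the fuzzers above.
+# The below fuzzers require more setup than the fuzzers above.
 # We need the binaries from "make".
 wget -c https://github.com/protocolbuffers/protobuf/releases/download/v3.11.4/protoc-3.11.4-linux-x86_64.zip
 unzip protoc-3.11.4-linux-x86_64.zip -d /usr/local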
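Review bot: The restore step at the end of the first hunk does not put the original package back. `$SRC/containerd/cmd/containerd` still exists when `mv $SRC/cmd-containerd-backup $SRC/containerd/cmd/containerd` runs, so `mv` moves the backup into it as `cmd/containerd/cmd-containerd-backup`, and both the `package mainfuzz` rename and the appended `StartDaemonForFuzzing` stay in the tree. The comment in the second hunk says the following fuzzers need the binaries from "make", which presumably builds from this same modified checkout. Remove the patched directory before restoring, `rm -rf "$SRC/containerd/cmd/containerd" && mv "$SRC/cmd-containerd-backup" "$SRC/containerd/cmd/containerd"`. The `sed` expression `s/package main/package mainfuzz/g` is also unanchored and rewrites that text wherever it occurs in any file under the directory; `s/^package main$/package mainfuzz/` would confine it to the package clause.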
