1 #include <iostream>
2 #include <fstream>
3 #include <string.h>
4 #include <string>
5 #include <iostream>
6 #include <sstream>
7 #include <errno.h>
8 #include "gptcl.h"
9 #include <fcntl.h>
10 #include <unistd.h>
/**
 * Drive the GPT parsing code over one on-disk image.
 *
 * Loads the partition data from @p partition_file, reads the main table and
 * disk GUID, then touches the type, unique GUID and description of every
 * entry whose first LBA is non-zero.
 *
 * The results of the load calls are discarded, so the accessors below also
 * run against whatever state a failed load leaves behind.
 * NOTE(review): presumably intentional, to keep coverage high on malformed
 * images; confirm.
 *
 * @param partition_file path of the file holding the fuzzer-supplied image
 * @return always 0
 */
static int fuzz_gpt(char* partition_file) {
    BasicMBRData mbr;      // constructed but not used further in this function
    GPTData disk;
    GPTPart entry;
    int partCount = 0;
    stringstream scratch;  // constructed but not used further in this function

    // NOTE(review): JustLooking() presumably stops GPTData from writing to
    // the target; confirm against its declaration.
    disk.JustLooking();
    disk.LoadPartitions(string(partition_file));
    disk.LoadMainTable();
    disk.GetDiskGUID();
    partCount = disk.GetNumParts();

    // Taken from the android_dump function in sgdisk.cc; reaches more code.
    for (int idx = 0; idx < partCount; ++idx) {
        entry = disk[idx];
        if (!(entry.GetFirstLBA() > 0)) {
            continue;  // skip entries that start at LBA 0
        }
        entry.GetType();
        entry.GetUniqueGUID();
        entry.GetDescription();
    }
    return 0;
}
// Name template handed to mkstemp(), which replaces the trailing X run with a
// unique suffix and creates the file exclusively. On-device builds use
// /data/local/tmp; every other build uses /dev/shm.
#ifndef GPTFDISK_FUZZER_DEVICE
#define TMPFILE_TEMPLATE "/dev/shm/gptfuzzXXXXXXXX\x00"
#else
#define TMPFILE_TEMPLATE "/data/local/tmp/gptfuzzXXXXXXXX\x00"
#endif

// Size of the template array in bytes. This counts both the explicit "\x00"
// written in the literal and the terminator the compiler appends, so it is
// one larger than strlen() + 1.
size_t TMPFILE_LEN = sizeof TMPFILE_TEMPLATE;
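/**
 * libFuzzer entry point: stage the input in a temporary file and parse it.
 *
 * The GPT code reads from a path, so the fuzzer-supplied bytes are written to
 * a fresh mkstemp() file, handed to fuzz_gpt(), and the file is removed
 * afterwards. If fuzz_gpt() crashes, the remove() call is never reached and
 * the staged file stays behind in the temp directory.
 *
 * @param data fuzzer-supplied bytes
 * @param size number of bytes in @p data
 * @return 0 after the input was parsed; -1 when the temporary file could not
 *         be created or the input could not be written to it in full
 */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    // Sized from the literal so this is a fixed-size array, not a
    // variable-length array driven by a mutable global.
    char partition_tmp_file[sizeof(TMPFILE_TEMPLATE)];
    int tmpfd;
    size_t written = 0;

    memcpy(partition_tmp_file, TMPFILE_TEMPLATE, sizeof(TMPFILE_TEMPLATE));
    tmpfd = mkstemp(partition_tmp_file);
    if (tmpfd < 0)
        return -1;

    // write() may store fewer bytes than requested or be interrupted; loop
    // until the whole input is on disk so the parser sees exactly the bytes
    // the fuzzer generated and crashes stay reproducible.
    while (written < size) {
        ssize_t n = write(tmpfd, data + written, size - written);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            break;
        }
        if (n == 0)
            break;  // no progress; give up instead of spinning
        written += (size_t)n;
    }
    close(tmpfd);

    if (written != size) {
        // Parsing a truncated copy would attribute results to the wrong
        // input; drop the file and skip this run.
        remove(partition_tmp_file);
        return -1;
    }

    fuzz_gpt(partition_tmp_file);
    remove(partition_tmp_file);
    return 0;
}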