aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/unittest/api_fuzz_test.c
AgeCommit message (Collapse)AuthorFilesLines
2022-03-23api: better segregate client and server codeBenoît Ganne1-4/+4
- move memory and server specific vl_msg_api_handler_with_vm_node() to memory server code only - keep api_global_main static Apart from being cleaner, this also helps avoiding symbols conflict when both client and server libs are loaded in the same process, as is done by the prom plugin. Those symbols conflict confuse ASan and can be nasty to debug. Type: improvement Change-Id: Iaf58596cc753ad8d3fedd8d65c4bf480ac129c2c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-05-04misc: binary api fuzz test fixesDave Barach1-0/+187
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API messages, e.g. by xoring random data into them before processing. We specifically exempt client connection messages, and inband debug CLI messages. We step over msg_id, client index, client context, and sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn anything. The goal is to reduce the number of crashes caused to zero. We're fairly close with this patch. Add vl_msg_api_max_length(void *mp), which returns the maximum plausible length for a binary API message. Use it to hardern vl_api_from_api_to_new_vec(...) which takes an additional argument - message pointer - so it can verify that astr->length is sane. If it's not sane, return a u8 *vector of the form "insane astr->length nnnn\0". Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...) and vl_api_dhcp6_pd_send_client_message_t_handler(...). Add a fairly effective binary API fuzz hook to the unittest plugin, and modify the "make test" framework.py to pass "api-fuzz { on|off }" to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I0157267652a163c01553d5267620f719cc6c3bde