From 0aa3b4ee81fc2039a409e98f503ae2437183804b Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 8 Nov 2021 19:40:35 +0100
Subject: [PATCH] tests: Introduce bind configuration fuzzer

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 tests/fuzz/CMakeLists.txt             |  1 +
 tests/fuzz/ssh_bind_config_fuzzer.cpp | 56 +++++++++++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 tests/fuzz/ssh_bind_config_fuzzer.cpp

diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt
index dcdfd808..2d0e8fa0 100644
--- a/tests/fuzz/CMakeLists.txt
+++ b/tests/fuzz/CMakeLists.txt
@@ -22,3 +22,4 @@ endmacro()
 fuzzer(ssh_client_fuzzer)
 fuzzer(ssh_server_fuzzer)
 fuzzer(ssh_client_config_fuzzer)
+fuzzer(ssh_bind_config_fuzzer)
diff --git a/tests/fuzz/ssh_bind_config_fuzzer.cpp b/tests/fuzz/ssh_bind_config_fuzzer.cpp
new file mode 100644
index 00000000..3fbecbd0
--- /dev/null
+++ b/tests/fuzz/ssh_bind_config_fuzzer.cpp
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2021 Jakub Jelen <jjelen@redhat.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+extern "C" {
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define LIBSSH_STATIC 1
+#include "libssh/libssh.h"
+#include "libssh/server.h"
+#include "libssh/bind_config.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+    ssh_bind bind = NULL;
+    char *input = NULL;
+
+    input = (char *)malloc(size + 1);
+    if (!input) {
+        return 1;
+    }
+    strncpy(input, (const char *)data, size);
+    input[size] = '\0';
+
+    ssh_init();
+
+    bind = ssh_bind_new();
+    assert(bind != NULL);
+
+    ssh_bind_config_parse_string(bind, input);
+
+    ssh_bind_free(bind);
+    ssh_finalize();
+
+    free(input);
+
+    return 0;
+}
+
+}