mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 18:08:53 +00:00
c7355b19aa
Summary: Pull Request resolved: https://github.com/facebook/osquery/pull/5452 As suggested in another diff, this diff updates the language we use to describe the osquery licensing terms. We are changing all instances of //This source code is licensed as defined on the LICENSE file found in the root directory of this source tree.// to //This source code is licensed in accordance with the terms specified in the LICENSE file found in the root directory of this source tree.// We accomplish this with a codemod: $ codemod -md xplat/osquery/oss --extensions cpp,h,in,py,sh,mm,ps1 "(.\s+)This source code is licensed as defined on the LICENSE file found in the(.*)root directory of this source tree\." "\1This source code is licensed in accordance with the terms specified in\2the LICENSE file found in the root directory of this source tree." Reviewed By: fmanco Differential Revision: D14131290 fbshipit-source-id: 52c90da342263e2a80f5a678ecd760c19cf7513e
126 lines
3.1 KiB
C++
126 lines
3.1 KiB
C++
/**
|
|
* Copyright (c) 2014-present, Facebook, Inc.
|
|
* All rights reserved.
|
|
*
|
|
* This source code is licensed in accordance with the terms specified in
|
|
* the LICENSE file found in the root directory of this source tree.
|
|
*/
|
|
|
|
#include <osquery/config/config.h>
|
|
#include <osquery/database.h>
|
|
#include <osquery/registry.h>
|
|
#include <osquery/sql.h>
|
|
|
|
/* Use these defines to flip the fuzzing harnesses. */
|
|
// #define OSQUERY_FUZZ_SQL
|
|
// #define OSQUERY_FUZZ_SMBIOS
|
|
#define OSQUERY_FUZZ_CONFIG
|
|
|
|
void init() {
|
|
osquery::registryAndPluginInit();
|
|
osquery::DatabasePlugin::setAllowOpen(true);
|
|
osquery::Registry::get().setActive("database", "ephemeral");
|
|
osquery::DatabasePlugin::initPlugin().ok();
|
|
|
|
osquery::PluginRequest r;
|
|
r["action"] = "detach";
|
|
r["table"] = "file";
|
|
|
|
osquery::PluginResponse rsp;
|
|
osquery::Registry::get().call("sql", r, rsp);
|
|
}
|
|
|
|
/**
|
|
* Example: This will fuzz SMBIOS content, which is not user-controllable.
|
|
*/
|
|
#ifdef OSQUERY_FUZZ_SMBIOS
|
|
|
|
#include "osquery/tables/system/smbios_utils.h"
|
|
|
|
class FuzzSMBIOSParser : public osquery::tables::SMBIOSParser {
|
|
public:
|
|
FuzzSMBIOSParser(const uint8_t* data, size_t size) {
|
|
table_data_ = (uint8_t*)malloc(size);
|
|
table_size_ = size;
|
|
memcpy(table_data_, data, size);
|
|
}
|
|
|
|
public:
|
|
virtual ~FuzzSMBIOSParser() {
|
|
if (table_data_ != nullptr) {
|
|
free(table_data_);
|
|
table_data_ = nullptr;
|
|
}
|
|
}
|
|
};
|
|
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
|
static bool setup = false;
|
|
if (!setup) {
|
|
init();
|
|
setup = true;
|
|
}
|
|
|
|
FuzzSMBIOSParser parser(data, size);
|
|
osquery::QueryData results;
|
|
|
|
parser.tables(([&results](size_t index,
|
|
const osquery::tables::SMBStructHeader* hdr,
|
|
uint8_t* address,
|
|
uint8_t* textAddrs,
|
|
size_t size) {
|
|
genSMBIOSTable(index, hdr, address, size, results);
|
|
genSMBIOSMemoryDevices(index, hdr, address, textAddrs, size, results);
|
|
genSMBIOSMemoryArrays(index, hdr, address, size, results);
|
|
genSMBIOSMemoryArrayMappedAddresses(index, hdr, address, size, results);
|
|
genSMBIOSMemoryErrorInfo(index, hdr, address, size, results);
|
|
genSMBIOSMemoryDeviceMappedAddresses(index, hdr, address, size, results);
|
|
}));
|
|
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
/**
|
|
* Example: This will mostly fuzz SQLites internals.
|
|
*/
|
|
#ifdef OSQUERY_FUZZ_SQL
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
|
static bool setup = false;
|
|
if (!setup) {
|
|
init();
|
|
setup = true;
|
|
}
|
|
|
|
std::string q((const char*)data, size);
|
|
std::transform(q.begin(), q.end(), q.begin(), ::tolower);
|
|
|
|
// Short circuit the file table.
|
|
if (q.find("from file") != std::string::npos) {
|
|
return 0;
|
|
}
|
|
|
|
osquery::QueryData r;
|
|
osquery::query(q, r);
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
/**
|
|
* Example: This will fuzz configuration handling and the config parsers.
|
|
*/
|
|
#ifdef OSQUERY_FUZZ_CONFIG
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
|
static bool setup = false;
|
|
if (!setup) {
|
|
init();
|
|
setup = true;
|
|
}
|
|
|
|
std::string q((const char*)data, size);
|
|
osquery::Config::get().update({{"fuzz", q}});
|
|
|
|
return 0;
|
|
}
|
|
#endif
|