2 Fuzz sddl decoding and encoding
3 Copyright (C) Catalyst IT 2023
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "libcli/security/security.h"
21 #include "fuzzing/fuzzing.h"
23 #define MAX_LENGTH (100 * 1024 - 1)
24 static char sddl_string
[MAX_LENGTH
+ 1] = {0};
25 static struct dom_sid dom_sid
= {0};
27 int LLVMFuzzerInitialize(int *argc
, char ***argv
)
29 string_to_sid(&dom_sid
,
30 "S-1-5-21-2470180966-3899876309-2637894779");
35 int LLVMFuzzerTestOneInput(const uint8_t *input
, size_t len
)
37 TALLOC_CTX
*mem_ctx
= NULL
;
38 struct security_descriptor
*sd1
= NULL
;
39 struct security_descriptor
*sd2
= NULL
;
43 if (len
> MAX_LENGTH
) {
47 memcpy(sddl_string
, input
, len
);
48 sddl_string
[len
] = '\0';
50 mem_ctx
= talloc_new(NULL
);
52 sd1
= sddl_decode(mem_ctx
, sddl_string
, &dom_sid
);
56 result
= sddl_encode(mem_ctx
, sd1
, &dom_sid
);
57 sd2
= sddl_decode(mem_ctx
, result
, &dom_sid
);
58 ok
= security_descriptor_equal(sd1
, sd2
);