From 9449f03e560031c259ef2ff13f719005c02dd99c Mon Sep 17 00:00:00 2001
From: Andrey Fedotov 
Date: Mon, 27 Mar 2023 06:32:34 +0300
Subject: [PATCH] build: Add AFL++ fuzzing support (#351)
---
 fuzz-afl/Cargo.toml | 27 ++++++++++++++++++++++++++
 fuzz-afl/fuzz_targets/afl_parse.rs | 8 ++++++++
 fuzz-afl/fuzz_targets/afl_parse_elf.rs | 26 +++++++++++++++++++++++++
 fuzz/fuzz_targets/parse_elf.rs | 2 +-
 4 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 fuzz-afl/Cargo.toml
 create mode 100644 fuzz-afl/fuzz_targets/afl_parse.rs
 create mode 100644 fuzz-afl/fuzz_targets/afl_parse_elf.rs
diff --git a/fuzz-afl/Cargo.toml b/fuzz-afl/Cargo.toml
new file mode 100644
index 000000000..08d23d0d3
--- /dev/null
+++ b/fuzz-afl/Cargo.toml
@@ -0,0 +1,27 @@
+[package]
+name = "goblin-fuzz-afl"
+version = "0.0.1"
+authors = ["Andrey Fedotov "]
+edition = "2018"
+publish = false
+
+[dependencies.goblin]
+path = ".."
+
+[dependencies]
+afl = "*"
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[profile.release]
+debug = true
+
+[[bin]]
+name = "afl_parse"
+path = "fuzz_targets/afl_parse.rs"
+
+[[bin]]
+name = "afl_parse_elf"
+path = "fuzz_targets/afl_parse_elf.rs"
diff --git a/fuzz-afl/fuzz_targets/afl_parse.rs b/fuzz-afl/fuzz_targets/afl_parse.rs
new file mode 100644
index 000000000..65e0e4549
--- /dev/null
+++ b/fuzz-afl/fuzz_targets/afl_parse.rs
@@ -0,0 +1,8 @@
+#[macro_use]
+extern crate afl;
+
+fn main() {
+ fuzz!(|data: &[u8]| {
+ let _ = goblin::Object::parse(data);
+ });
+}
diff --git a/fuzz-afl/fuzz_targets/afl_parse_elf.rs b/fuzz-afl/fuzz_targets/afl_parse_elf.rs
new file mode 100644
index 000000000..6e79dd70e
--- /dev/null
+++ b/fuzz-afl/fuzz_targets/afl_parse_elf.rs
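Review bot: `afl = "*"` under `[dependencies]` leaves the harness's only external crate unpinned, so each fresh `cargo afl build` resolves to whatever the newest published `afl` crate is, and the diffstat shows no lockfile being added next to this manifest. A wildcard requirement also silently accepts a future incompatible major release, so a fuzzing build can break or change behaviour with no change to this repository. Pin a concrete range, `afl = "<version in use>"`, and consider committing the lockfile for this standalone workspace so fuzzing runs are reproducible. The `[profile.release] debug = true` setting is the usual choice for symbolized crash reports and needs no change.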
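Review bot: The new harness has no file-level comment saying what it exercises or how it relates to the existing libFuzzer targets, and `let _ =` discards the parse result without saying why. A `//!` doc at the top such as `//! AFL++ entry point: hands every input to goblin::Object::parse; the Result is discarded because only panics and crashes matter here.` would make that intent explicit to the next maintainer. The same documentation gap applies to afl_parse_elf.rs in the next hunk.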
@@ -0,0 +1,26 @@
+#[macro_use]
+extern crate afl;
+
+fn main() {
+ fuzz!(|data: &[u8]| {
+ if let Ok(elf) = goblin::elf::Elf::parse(data) {
+ for section_header in &elf.section_headers {
+ let _ = elf.shdr_strtab.get_at(section_header.sh_name);
+ }
+
+ for _relocation in &elf.dynrels {}
+
+ if let Some(mut it) = elf.iter_note_headers(data) {
+ while let Some(Ok(_a)) = it.next() {}
+ }
+
+ if let Some(mut it) = elf.iter_note_sections(data, None) {
+ while let Some(Ok(_a)) = it.next() {}
+ }
+
+ if let Some(mut it) = elf.iter_note_sections(data, Some("x")) {
+ while let Some(Ok(_a)) = it.next() {}
+ }
+ }
+ });
+}
diff --git a/fuzz/fuzz_targets/parse_elf.rs b/fuzz/fuzz_targets/parse_elf.rs
index e6449861f..fc7228d29 100644
--- a/fuzz/fuzz_targets/parse_elf.rs
+++ b/fuzz/fuzz_targets/parse_elf.rs
@@ -4,7 +4,7 @@ use libfuzzer_sys::fuzz_target;
 fuzz_target!(|data: &[u8]| {
 if let Ok(elf) = goblin::elf::Elf::parse(data) {
 for section_header in &elf.section_headers {
- let _ = elf.shdr_strtab.get(section_header.sh_name);
+ let _ = elf.shdr_strtab.get_at(section_header.sh_name);
 }
 for _relocation in &elf.dynrels {}
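Review bot: The body of the `fuzz!` closure is a line-for-line copy of the libFuzzer target in `fuzz/fuzz_targets/parse_elf.rs` (the following hunk shows the same `section_headers`/`dynrels`/note-iterator walk), so the two harnesses will drift apart the next time the ELF API changes; this very commit already has to patch `get` to `get_at` in the other file. Moving the walk into one shared function that both `fuzz!` and `fuzz_target!` call would keep the AFL and libFuzzer runs exercising identical code, which cannot be done within this hunk alone, so I would flag it for a follow-up. Separately, `while let Some(Ok(_a)) = it.next() {}` stops at the first `Err` from each note iterator, so whatever the iterator does after a malformed note is never exercised; if the iterator is meant to be resumable after an error, `for _ in it {}` drains it fully, otherwise a one-line comment stating that stopping is intentional would help.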