-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathafl-mojodds.c
122 lines (98 loc) · 2.78 KB
/
afl-mojodds.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
/**
* MojoDDS; tools for dealing with DDS files.
*
* Please see the file LICENSE.txt in the source's root directory.
*/
#include <assert.h>
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "mojodds.h"
// helper for fuzzing with AFL
// if you don't know what this is you don't need it
void __afl_manual_init(void);
int main(int argc, char *argv[]) {
if (argc != 2) {
return 0;
}
#ifdef __AFL_HAVE_MANUAL_INIT
__afl_manual_init();
#endif // __AFL_HAVE_MANUAL_INIT
const char *filename = argv[1];
FILE *f = fopen(filename, "rb");
if (!f) {
return 1;
}
fseek(f, 0, SEEK_END);
long size = ftell(f);
fseek(f, 0, SEEK_SET);
char *contents = malloc(size);
size_t readbytes = fread(contents, 1, size, f);
if (readbytes != size) {
free(contents);
fclose(f);
return 2;
}
fclose(f);
int isDDS = MOJODDS_isDDS(contents, size);
if (!isDDS) {
return 3;
}
const void *tex = NULL;
unsigned long texlen = 0;
unsigned int glfmt = 0, w = 0, h = 0, miplevels = 0;
unsigned int cubemapfacelen = 0;
MOJODDS_textureType textureType = 0;
int retval = MOJODDS_getTexture(contents, size, &tex, &texlen, &glfmt, &w, &h, &miplevels, &cubemapfacelen, &textureType);
if (!retval) {
free(contents);
return 4;
}
uint32_t hash = 0x12345678;
switch (textureType) {
case MOJODDS_TEXTURE_2D:
for (unsigned int miplevel = 0; miplevel < miplevels; miplevel++) {
const void *miptex = NULL;
unsigned long miptexlen = 0;
unsigned int mipW = 0, mipH = 0;
retval = MOJODDS_getMipMapTexture(miplevel, glfmt, tex, w, h, &miptex, &miptexlen, &mipW, &mipH);
if (!retval) {
continue;
}
// read every byte to make sure any buffer overflows actually overflow
const char *miptex_ = (const char *) miptex;
for (unsigned int i = 0; i < miptexlen; i++) {
hash = (hash * 65537) ^ miptex_[i];
}
}
break;
case MOJODDS_TEXTURE_CUBE:
for (MOJODDS_cubeFace cubeFace = MOJODDS_CUBEFACE_POSITIVE_X; cubeFace <= MOJODDS_CUBEFACE_NEGATIVE_Z; cubeFace++) {
for (unsigned int miplevel = 0; miplevel < miplevels; miplevel++) {
const void *miptex = NULL;
unsigned long miptexlen = 0;
unsigned int mipW = 0, mipH = 0;
retval = MOJODDS_getCubeFace(cubeFace, miplevel, glfmt, tex, cubemapfacelen, w, h, &miptex, &miptexlen, &mipW, &mipH);
if (!retval) {
continue;
}
// read every byte to make sure any buffer overflows actually overflow
const char *miptex_ = (const char *) miptex;
for (unsigned int i = 0; i < miptexlen; i++) {
hash = (hash * 65537) ^ miptex_[i];
}
}
}
break;
case MOJODDS_TEXTURE_VOLUME:
// TODO: do something with the data
break;
}
// do something the optimizer is not allowed to remove
printf("0x%08x\n", hash);
free(contents);
return 0;
}