#include <stdlib.h>
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <getopt.h>
#include <sys/stat.h>

#include <sepol/cil/cil.h>
#include <sepol/policydb.h>

/*
 * Log sink installed for the whole fuzzing run: every CIL message is dropped.
 *
 * Both parameters are deliberately unused. When triaging a finding, swapping
 * this for a handler that prints msg is the quickest way to see how far the
 * compiler got before the failure.
 */
static void log_handler(__attribute__((unused)) int lvl,
                        __attribute__((unused)) const char *msg)
{
    /* intentionally empty */
}

/*
 * libFuzzer entry point for the CIL compiler.
 *
 * The input bytes are handed to libsepol as a single CIL source registered
 * under the name "fuzz", then pushed through the pipeline in order:
 * cil_add_file -> cil_compile -> cil_build_policydb ->
 * sepol_policydb_optimize -> sepol_policydb_write (to /dev/null).
 *
 * data/size: untrusted input. The buffer is passed with its explicit length
 *            and is not NUL-terminated by this harness.
 *
 * Always returns 0. An input rejected at any stage simply ends the run early,
 * so only crashes, sanitizer reports or hangs inside the library count as
 * findings.
 *
 * Coverage caveat: the database options are fixed to the single configuration
 * set below, so code that only runs under other option values is not
 * exercised by this harness.
 */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    struct cil_db *db = NULL;
    sepol_policydb_t *pdb = NULL;
    struct sepol_policy_file *pf = NULL;
    FILE *sink = NULL;

    /* Logging is process-wide state; set on every call, as the original does. */
    cil_set_log_level(CIL_ERR);
    cil_set_log_handler(log_handler);

    cil_db_init(&db);
    cil_set_disable_dontaudit(db, 0);
    cil_set_multiple_decls(db, 0);
    cil_set_disable_neverallow(db, 0);
    cil_set_preserve_tunables(db, 0);
    cil_set_mls(db, -1);
    cil_set_target_platform(db, SEPOL_TARGET_SELINUX);
    cil_set_policy_version(db, POLICYDB_VERSION_MAX);
    cil_set_attrs_expand_generated(db, 0);

    /*
     * Short-circuit evaluation keeps the stages strictly ordered and stops at
     * the first one that does not report SEPOL_OK.
     */
    if (cil_add_file(db, "fuzz", (const char *)data, size) == SEPOL_OK &&
        cil_compile(db) == SEPOL_OK &&
        cil_build_policydb(db, &pdb) == SEPOL_OK &&
        sepol_policydb_optimize(pdb) == SEPOL_OK) {
        /* Serialise the result as well, discarding the bytes. */
        sink = fopen("/dev/null", "w");
        if (sink != NULL && sepol_policy_file_create(&pf) == 0) {
            sepol_policy_file_set_fp(pf, sink);
            /* Result ignored: success and failure both fall through to cleanup. */
            (void)sepol_policydb_write(pdb, pf);
        }
    }

    /*
     * Single cleanup path for every outcome. Releasing everything each
     * iteration should keep leak reports attributable to the library rather
     * than to the harness.
     */
    if (sink != NULL) {
        fclose(sink);
    }
    cil_db_destroy(&db);
    sepol_policydb_free(pdb);
    sepol_policy_file_free(pf);

    return 0;
}