dovecot · sirainen · Mar 25, 2020 · Mar 23, 2020 · Mar 23, 2020 · Mar 23, 2020
diff --git a/configure.ac b/configure.ac
@@ -323,6 +323,7 @@ AC_CHECK_HEADERS(strings.h stdint.h unistd.h dirent.h malloc.h \
 CC_CLANG
 AC_LD_WHOLE_ARCHIVE
 DC_DOVECOT_HARDENING
+DC_DOVECOT_FUZZER
 DC_DOVECOT_CFLAGS
 
 DOVECOT_NSL

diff --git a/m4/dovecot.m4 b/m4/dovecot.m4
@@ -6,7 +6,7 @@ dnl This file is free software; the authors give
 dnl unlimited permission to copy and/or distribute it, with or without
 dnl modifications, as long as this notice is preserved.
 
-# serial 31
+# serial 32
 
 dnl
 dnl Check for support for D_FORTIFY_SOURCE=2
@@ -342,6 +342,27 @@ AC_DEFUN([DC_DOVECOT_HARDENING],[
 	AC_LD_RELRO
 ])
 
+AC_DEFUN([DC_DOVECOT_FUZZER],[
+        AC_ARG_WITH(fuzzer,
+        AS_HELP_STRING([--with-fuzzer=clang], [Build with clang fuzzer (default: no)]),
+                with_fuzzer=$withval,
+                with_fuzzer=no)
+	AS_IF([test x$with_fuzzer = xclang], [
+		CFLAGS="$CFLAGS -fsanitize=fuzzer-no-link"
+		# use $LIB_FUZZING_ENGINE for linking if it exists
+		FUZZER_LDFLAGS=${LIB_FUZZING_ENGINE--fsanitize=fuzzer}
+		# May need to use CXXLINK for linking, which wants sources to
+		# be compiled with -fPIE
+		FUZZER_CPPFLAGS='$(AM_CPPFLAGS) -fPIE -DPIE'
+	], [test x$with_fuzzer != xno], [
+		AC_MSG_ERROR([Unknown fuzzer $with_fuzzer])
+	])
+	AC_SUBST([FUZZER_CPPFLAGS])
+	AC_SUBST([FUZZER_LDFLAGS])
+	AM_CONDITIONAL([USE_FUZZER], [test "x$with_fuzzer" != "xno"])
+
+])
+
 AC_DEFUN([DC_DOVECOT],[
 	AC_ARG_WITH(dovecot,
 	  [  --with-dovecot=DIR      Dovecot base directory],

diff --git a/src/lib-imap/Makefile.am b/src/lib-imap/Makefile.am
@@ -96,3 +96,16 @@ check-local:
 	for bin in $(test_programs); do \
 	  if ! $(RUN_TEST) ./$$bin; then exit 1; fi; \
 	done
+
+if USE_FUZZER
+noinst_PROGRAMS += \
+	fuzz-imap-utf7
+
+nodist_EXTRA_fuzz_imap_utf7_SOURCES = force-cxx-linking.cxx
+fuzz_imap_utf7_SOURCES = fuzz-imap-utf7.c
+fuzz_imap_utf7_CPPFLAGS = $(FUZZER_CPPFLAGS)
+fuzz_imap_utf7_LDFLAGS = $(FUZZER_LDFLAGS)
+fuzz_imap_utf7_LDADD = libimap.la $(test_libs)
+fuzz_imap_utf7_DEPENDENCIES = libimap.la $(test_deps)
+
+endif
diff --git a/src/lib-imap/fuzz-imap-utf7.c b/src/lib-imap/fuzz-imap-utf7.c
@@ -0,0 +1,15 @@
+/* Copyright (c) 2020 Dovecot authors, see the included COPYING file */
+
+#include "lib.h"
+#include "str.h"
+#include "fuzzer.h"
+#include "imap-utf7.h"
+
+FUZZ_BEGIN_STR(const char *str)
+{
+	string_t *dest = t_str_new(32);
+
+	imap_utf8_to_utf7(str, dest);
+	imap_utf7_to_utf8(str, dest);
+}
+FUZZ_END
diff --git a/src/lib-test/Makefile.am b/src/lib-test/Makefile.am
@@ -10,6 +10,7 @@ libtest_la_SOURCES = \
 	test-ostream.c
 
 headers = \
+	fuzzer.h \
 	test-common.h
 
 pkginc_libdir=$(pkgincludedir)

diff --git a/src/lib-test/fuzzer.h b/src/lib-test/fuzzer.h
@@ -0,0 +1,16 @@
+#ifndef FUZZER_H
+#define FUZZER_H
+
+#define FUZZ_BEGIN_DATA(args) \
+	int LLVMFuzzerTestOneInput(args); \
+	int LLVMFuzzerTestOneInput(args) {
+
+#define FUZZ_BEGIN_STR(str_arg) \
+	int LLVMFuzzerTestOneInput(const uint8_t *_param_data, size_t _param_size); \
+	int LLVMFuzzerTestOneInput(const uint8_t *_param_data, size_t _param_size) { \
+		T_BEGIN { str_arg = t_strndup(_param_data, _param_size);
+
+#define FUZZ_END \
+	} T_END; return 0; }
+
+#endif