DO NOT MERGE [WIP]

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
cgzones · Jun 15, 2022 · 725559a · 725559a
1 parent 17b9687
commit 725559a
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -25,3 +25,8 @@ cscope.*
 .*.swp
 # Failsafes
 !.gitignore
+
+corpus_dir/
+out/
+DESTDIR/
+fuzz-*.log
diff --git a/checkpolicy/fuzz/checkpolicy-fuzzer.c b/checkpolicy/fuzz/checkpolicy-fuzzer.c
@@ -119,6 +119,19 @@ static int read_source_policy(policydb_t *p, const uint8_t *data, size_t size)
 	return 0;
 }
 
+static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg __attribute__ ((unused)))
+{
+	level_datum_t *levdatum = (level_datum_t *) datum;
+
+	if (!levdatum->isalias && !levdatum->defined) {
+		fprintf(stderr,
+			"Error:  sensitivity %s was not used in a level definition!\n",
+			key);
+		abort();
+	}
+	return 0;
+}
+
 static int write_binary_policy(policydb_t *p, FILE *outfp)
 {
 	struct policy_file pf;
@@ -149,6 +162,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 	if (read_source_policy(&parsepolicydb, data, size))
 		goto exit;
 
+	(void) hashtab_map(parsepolicydb.p_levels.table, check_level, NULL);
+
 	if (hierarchy_check_constraints(NULL, &parsepolicydb))
 		goto exit;