fuzz: new fuzzer for parsers.fm1readmarkers...
Augie Fackler -
r41053:6a951f53 default
@@ -0,0 +1,60 b''
1 #include <Python.h>
2 #include <assert.h>
3 #include <stdlib.h>
4 #include <unistd.h>
5
6 #include <string>
7
8 #include "pyutil.h"
9
10 extern "C" {
11
12 static PyCodeObject *code;
13
14 extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
15 {
16 contrib::initpy(*argv[0]);
17 code = (PyCodeObject *)Py_CompileString(R"py(
18 from parsers import fm1readmarkers
19 def maybeint(s, default):
20 try:
21 return int(s)
22 except ValueError:
23 return default
24 try:
25 parts = data.split('\0', 2)
26 if len(parts) == 3:
27 offset, stop, data = parts
28 elif len(parts) == 2:
29 stop, data = parts
30 offset = 0
31 else:
32 offset = stop = 0
33 offset, stop = maybeint(offset, 0), maybeint(stop, len(data))
34 fm1readmarkers(data, offset, stop)
35 except Exception as e:
36 pass
37 # uncomment this print if you're editing this Python code
38 # to debug failures.
39 # print e
40 )py",
41 "fuzzer", Py_file_input);
42 return 0;
43 }
44
45 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
46 {
47 PyObject *text =
48 PyBytes_FromStringAndSize((const char *)Data, (Py_ssize_t)Size);
49 PyObject *locals = PyDict_New();
50 PyDict_SetItemString(locals, "data", text);
51 PyObject *res = PyEval_EvalCode(code, contrib::pyglobals(), locals);
52 if (!res) {
53 PyErr_Print();
54 }
55 Py_XDECREF(res);
56 Py_DECREF(locals);
57 Py_DECREF(text);
58 return 0; // Non-zero return values are reserved for future use.
59 }
60 }
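Review bot: In the embedded script's `else` branch, `offset = stop = 0` makes `maybeint(stop, len(data))` return 0 instead of the `len(data)` default, so an input with no NUL-separated header calls `fm1readmarkers(data, 0, 0)` and, as far as the visible code shows, gives the parser nothing to read; `offset, stop = 0, len(data)` in that branch would keep header-less inputs useful. Separately, the result of `Py_CompileString` is stored in `code` unchecked in `LLVMFuzzerInitialize`, and a failing `from parsers import fm1readmarkers` (which sits outside the script's `try`) only produces a `PyErr_Print()` per input, so a broken harness can keep running without ever reaching the C parser. Failing fast right after the compile, `if (!code) { PyErr_Print(); abort(); }`, would make that state visible instead of looking like a quiet fuzzing run.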
@@ -0,0 +1,37 b''
1 from __future__ import absolute_import, print_function
2
3 import argparse
4 import os
5 import zipfile
6
7 ap = argparse.ArgumentParser()
8 ap.add_argument("out", metavar="some.zip", type=str, nargs=1)
9 args = ap.parse_args()
10
11 with zipfile.ZipFile(args.out[0], "w", zipfile.ZIP_STORED) as zf:
12 zf.writestr(
13 'smallish_obsstore',
14 (
15 # header: fm1readmarkers should start at offset 1, and
16 # read until byte 597.
17 '1\x00597\x00'
18 # body of obsstore file
19 '\x01\x00\x00\x00vA\xd7\x02+C\x1a<)\x01,\x00\x00\x01\x03\x03\xe6'
20 '\x92\xde)x\x16\xd1Xph\xc7\xa7[\xe5\xe2\x1a\xab\x1e6e\xaf\xc2\xae'
21 '\xe7\xbc\x83\xe1\x88\xa5\xda\xce>O\xbd\x04\xe9\x03\xc4o\xeb\x03'
22 '\x01\t\x05\x04\x1fef18operationamenduserAugie Fackler <raf@duri'
23 'n42.com>\x00\x00\x00vA\xd7\x02-\x8aD\xaf-\x01,\x00\x00\x01\x03\x03'
24 '\x17*\xca\x8f\x9e}i\xe0i\xbb\xdf\x9fb\x03\xd2XG?\xd3h\x98\x89\x1a'
25 '=2\xeb\xc3\xc5<\xb3\x9e\xcc\x0e;#\xee\xc3\x10ux\x03\x01\t\x05\x04'
26 '\x1fef18operationamenduserAugie Fackler <raf@durin42.com>\x00\x00'
27 '\x00vA\xd7\x02Mn\xd9%\xea\x01,\x00\x00\x01\x03\x03\x98\x89\x1a='
28 '2\xeb\xc3\xc5<\xb3\x9e\xcc\x0e;#\xee\xc3\x10ux\xe0*\xcaT\x86Z8J'
29 '\x85)\x97\xff7\xcc)\xc1\x7f\x19\x0c\x01\x03\x01\t\x05\x04\x1fef'
30 '18operationamenduserAugie Fackler <raf@durin42.com>\x00\x00\x00'
31 'yA\xd7\x02MtA\xbfj\x01,\x00\x00\x01\x03\x03\xe0*\xcaT\x86Z8J\x85'
32 ')\x97\xff7\xcc)\xc1\x7f\x19\x0c\x01\x00\x94\x01\xa9\n\xf80\x92\xa3'
33 'j\xc5X\xb1\xc9:\xd51\xb8*\xa9\x03\x01\t\x08\x04\x1fef11operatio'
34 'nhistedituserAugie Fackler <raf@durin42.com>\x00\x00\x00yA\xd7\x02'
35 'MtA\xd4\xe1\x01,\x00\x00\x01\x03\x03"\xa5\xcb\x86\xb6\xf4\xbaO\xa0'
36 'sH\xe7?\xcb\x9b\xc2n\xcfI\x9e\x14\xf0D\xf0!\x18DN\xcd\x97\x016\xa5'
37 '\xef\xa06\xcb\x884\x8a\x03\x01\t\x08\x04\x1fef14operationhisted'))
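Review bot: The seed is assembled from plain `'...'` literals full of `\x..` escapes, which are byte-exact only when the interpreter treats `str` as bytes; under Python 3, `ZipFile.writestr` would UTF-8-encode the text and every escape at or above `\x80` would become two bytes, so the offsets in the `'1\x00597\x00'` header would no longer line up with the body. Prefixing each of the adjacent literals with `b` (for example `b'1\x00597\x00'`) keeps the corpus identical on either interpreter. A one-line comment saying where the obsstore sample came from would also help whoever has to regenerate it.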
@@ -1,157 +1,168 b''
1 1 CC = clang
2 2 CXX = clang++
3 3
4 4 all: bdiff mpatch xdiff
5 5
6 6 fuzzutil.o: fuzzutil.cc fuzzutil.h
7 7 $(CXX) $(CXXFLAGS) -g -O1 \
8 8 -std=c++17 \
9 9 -I../../mercurial -c -o fuzzutil.o fuzzutil.cc
10 10
11 11 fuzzutil-oss-fuzz.o: fuzzutil.cc fuzzutil.h
12 12 $(CXX) $(CXXFLAGS) -std=c++17 \
13 13 -I../../mercurial -c -o fuzzutil-oss-fuzz.o fuzzutil.cc
14 14
15 15 pyutil.o: pyutil.cc pyutil.h
16 16 $(CXX) $(CXXFLAGS) -g -O1 \
17 17 `$$OUT/sanpy/bin/python-config --cflags` \
18 18 -I../../mercurial -c -o pyutil.o pyutil.cc
19 19
20 20 bdiff.o: ../../mercurial/bdiff.c
21 21 $(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \
22 22 ../../mercurial/bdiff.c
23 23
24 24 bdiff: bdiff.cc bdiff.o fuzzutil.o
25 25 $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
26 26 -std=c++17 \
27 27 -I../../mercurial bdiff.cc bdiff.o fuzzutil.o -o bdiff
28 28
29 29 bdiff-oss-fuzz.o: ../../mercurial/bdiff.c
30 30 $(CC) $(CFLAGS) -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c
31 31
32 32 bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o
33 33 $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial bdiff.cc \
34 34 bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \
35 35 $$OUT/bdiff_fuzzer
36 36
37 37 mpatch.o: ../../mercurial/mpatch.c
38 38 $(CC) -g -O1 -fsanitize=fuzzer-no-link,address -c -o mpatch.o \
39 39 ../../mercurial/mpatch.c
40 40
41 41 mpatch: CXXFLAGS += -std=c++17
42 42 mpatch: mpatch.cc mpatch.o fuzzutil.o
43 43 $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
44 44 -I../../mercurial mpatch.cc mpatch.o fuzzutil.o -o mpatch
45 45
46 46 mpatch-oss-fuzz.o: ../../mercurial/mpatch.c
47 47 $(CC) $(CFLAGS) -c -o mpatch-oss-fuzz.o ../../mercurial/mpatch.c
48 48
49 49 mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o
50 50 $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial mpatch.cc \
51 51 mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \
52 52 $$OUT/mpatch_fuzzer
53 53
54 54 mpatch_corpus.zip:
55 55 python mpatch_corpus.py $$OUT/mpatch_fuzzer_seed_corpus.zip
56 56
57 57 x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
58 58 $(CC) -g -O1 -fsanitize=fuzzer-no-link,address -c \
59 59 -o $@ \
60 60 $<
61 61
62 62 xdiff: CXXFLAGS += -std=c++17
63 63 xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o fuzzutil.o
64 64 $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
65 65 -I../../mercurial xdiff.cc \
66 66 xdiffi.o xprepare.o xutils.o fuzzutil.o -o xdiff
67 67
68 68 fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
69 69 $(CC) $(CFLAGS) -c \
70 70 -o $@ \
71 71 $<
72 72
73 73 xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o
74 74 $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial xdiff.cc \
75 75 fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o \
76 76 -lFuzzingEngine -o $$OUT/xdiff_fuzzer
77 77
78 78 # TODO use the $OUT env var instead of hardcoding /out
79 79 /out/sanpy/bin/python:
80 80 cd /Python-2.7.15/ ; ASAN_OPTIONS=detect_leaks=0 ./configure --without-pymalloc --prefix=$$OUT/sanpy CFLAGS="$(CFLAGS)" LINKCC="$($CXX)" LDFLAGS="$(CXXFLAGS)"
81 81 cd /Python-2.7.15/ ; grep -v HAVE_GETC_UNLOCKED < pyconfig.h > tmp && mv tmp pyconfig.h
82 82 cd /Python-2.7.15/ ; ASAN_OPTIONS=detect_leaks=0 make && make install
83 83
84 84 sanpy: /out/sanpy/bin/python
85 85
86 86 manifest.o: sanpy ../../mercurial/cext/manifest.c
87 87 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
88 88 -I../../mercurial \
89 89 -c -o manifest.o ../../mercurial/cext/manifest.c
90 90
91 91 charencode.o: sanpy ../../mercurial/cext/charencode.c
92 92 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
93 93 -I../../mercurial \
94 94 -c -o charencode.o ../../mercurial/cext/charencode.c
95 95
96 96 parsers.o: sanpy ../../mercurial/cext/parsers.c
97 97 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
98 98 -I../../mercurial \
99 99 -c -o parsers.o ../../mercurial/cext/parsers.c
100 100
101 101 dirs.o: sanpy ../../mercurial/cext/dirs.c
102 102 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
103 103 -I../../mercurial \
104 104 -c -o dirs.o ../../mercurial/cext/dirs.c
105 105
106 106 pathencode.o: sanpy ../../mercurial/cext/pathencode.c
107 107 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
108 108 -I../../mercurial \
109 109 -c -o pathencode.o ../../mercurial/cext/pathencode.c
110 110
111 111 revlog.o: sanpy ../../mercurial/cext/revlog.c
112 112 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
113 113 -I../../mercurial \
114 114 -c -o revlog.o ../../mercurial/cext/revlog.c
115 115
116 116 manifest_fuzzer: sanpy manifest.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o
117 117 $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
118 118 -Wno-register -Wno-macro-redefined \
119 119 -I../../mercurial manifest.cc \
120 120 manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \
121 121 -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \
122 122 -o $$OUT/manifest_fuzzer
123 123
124 124 manifest_corpus.zip:
125 125 python manifest_corpus.py $$OUT/manifest_fuzzer_seed_corpus.zip
126 126
127 127 revlog_fuzzer: sanpy revlog.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o
128 128 $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
129 129 -Wno-register -Wno-macro-redefined \
130 130 -I../../mercurial revlog.cc \
131 131 manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \
132 132 -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \
133 133 -o $$OUT/revlog_fuzzer
134 134
135 135 revlog_corpus.zip:
136 136 python revlog_corpus.py $$OUT/revlog_fuzzer_seed_corpus.zip
137 137
138 138 dirstate_fuzzer: sanpy dirstate.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o
139 139 $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
140 140 -Wno-register -Wno-macro-redefined \
141 141 -I../../mercurial dirstate.cc \
142 142 manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \
143 143 -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \
144 144 -o $$OUT/dirstate_fuzzer
145 145
146 146 dirstate_corpus.zip:
147 147 python dirstate_corpus.py $$OUT/dirstate_fuzzer_seed_corpus.zip
148 148
149 fm1readmarkers_fuzzer: sanpy fm1readmarkers.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o
150 $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
151 -Wno-register -Wno-macro-redefined \
152 -I../../mercurial fm1readmarkers.cc \
153 manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \
154 -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \
155 -o $$OUT/fm1readmarkers_fuzzer
156
157 fm1readmarkers_corpus.zip:
158 python fm1readmarkers_corpus.py $$OUT/fm1readmarkers_fuzzer_seed_corpus.zip
159
149 160 clean:
150 161 $(RM) *.o *_fuzzer \
151 162 bdiff \
152 163 mpatch \
153 164 xdiff
154 165
155 oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer manifest_fuzzer manifest_corpus.zip revlog_fuzzer revlog_corpus.zip dirstate_fuzzer dirstate_corpus.zip
166 oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer manifest_fuzzer manifest_corpus.zip revlog_fuzzer revlog_corpus.zip dirstate_fuzzer dirstate_corpus.zip fm1readmarkers_fuzzer fm1readmarkers_corpus.zip
156 167
157 168 .PHONY: all clean oss-fuzz sanpy
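Review bot: The new `fm1readmarkers_corpus.zip` target never produces a file of that name (the script writes to `$$OUT/fm1readmarkers_fuzzer_seed_corpus.zip`), yet it is not listed in `.PHONY`, so a stray file called `fm1readmarkers_corpus.zip` in this directory would make `make oss-fuzz` skip seed generation without any message. Extending the last line to `.PHONY: all clean oss-fuzz sanpy fm1readmarkers_corpus.zip` avoids that; the existing `*_corpus.zip` targets appear to follow the same pattern. As a style point, the object list `manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o` is now repeated in four fuzzer rules and could be held in a single variable.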