Show More
| @@ -0,0 +1,57 b'' | |||
|
|
1 | #include <Python.h> | |
|
|
2 | #include <assert.h> | |
|
|
3 | #include <stdlib.h> | |
|
|
4 | #include <unistd.h> | |
|
|
5 | ||
|
|
6 | #include "pyutil.h" | |
|
|
7 | ||
|
|
8 | #include <fuzzer/FuzzedDataProvider.h> | |
|
|
9 | #include <iostream> | |
|
|
10 | #include <string> | |
|
|
11 | ||
|
|
12 | extern "C" { | |
|
|
13 | ||
|
|
14 | static PyCodeObject *code; | |
|
|
15 | ||
|
|
16 | extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) | |
|
|
17 | { | |
|
|
18 | contrib::initpy(*argv[0]); | |
|
|
19 | code = (PyCodeObject *)Py_CompileString(R"py( | |
|
|
20 | from parsers import jsonescapeu8fast | |
|
|
21 | ||
|
|
22 | try: | |
|
|
23 | jsonescapeu8fast(data, paranoid) | |
|
|
24 | except Exception as e: | |
|
|
25 | pass | |
|
|
26 | # uncomment this print if you're editing this Python code | |
|
|
27 | # to debug failures. | |
|
|
28 | # print(e) | |
|
|
29 | )py", | |
|
|
30 | "fuzzer", Py_file_input); | |
|
|
31 | if (!code) { | |
|
|
32 | std::cerr << "failed to compile Python code!" << std::endl; | |
|
|
33 | } | |
|
|
34 | return 0; | |
|
|
35 | } | |
|
|
36 | ||
|
|
37 | int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) | |
|
|
38 | { | |
|
|
39 | FuzzedDataProvider provider(Data, Size); | |
|
|
40 | bool paranoid = provider.ConsumeBool(); | |
|
|
41 | std::string remainder = provider.ConsumeRemainingBytesAsString(); | |
|
|
42 | ||
|
|
43 | PyObject *mtext = PyBytes_FromStringAndSize( | |
|
|
44 | (const char *)remainder.c_str(), remainder.size()); | |
|
|
45 | PyObject *locals = PyDict_New(); | |
|
|
46 | PyDict_SetItemString(locals, "data", mtext); | |
|
|
47 | PyDict_SetItemString(locals, "paranoid", paranoid ? Py_True : Py_False); | |
|
|
48 | PyObject *res = PyEval_EvalCode(code, contrib::pyglobals(), locals); | |
|
|
49 | if (!res) { | |
|
|
50 | PyErr_Print(); | |
|
|
51 | } | |
|
|
52 | Py_XDECREF(res); | |
|
|
53 | Py_DECREF(locals); | |
|
|
54 | Py_DECREF(mtext); | |
|
|
55 | return 0; // Non-zero return values are reserved for future use. | |
|
|
56 | } | |
|
|
57 | } | |
| @@ -121,6 +121,14 b' fncache_fuzzer: fncache.cc manifest.o ch' | |||
|
|
121 | 121 | -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \ |
|
|
122 | 122 | -o $$OUT/fncache_fuzzer |
|
|
123 | 123 | |
|
|
124 | jsonescapeu8fast_fuzzer: jsonescapeu8fast.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o | |
|
|
125 | $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \ | |
|
|
126 | -Wno-register -Wno-macro-redefined \ | |
|
|
127 | -I../../mercurial jsonescapeu8fast.cc \ | |
|
|
128 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ | |
|
|
129 | -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \ | |
|
|
130 | -o $$OUT/jsonescapeu8fast_fuzzer | |
|
|
131 | ||
|
|
124 | 132 | manifest_corpus.zip: |
|
|
125 | 133 | python manifest_corpus.py $$OUT/manifest_fuzzer_seed_corpus.zip |
|
|
126 | 134 | |
| @@ -171,6 +179,6 b' clean:' | |||
|
|
171 | 179 | mpatch \ |
|
|
172 | 180 | xdiff |
|
|
173 | 181 | |
|
|
174 | oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer dirs_fuzzer fncache_fuzzer manifest_fuzzer manifest_corpus.zip revlog_fuzzer revlog_corpus.zip dirstate_fuzzer dirstate_corpus.zip fm1readmarkers_fuzzer fm1readmarkers_corpus.zip | |
|
|
182 | oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer dirs_fuzzer fncache_fuzzer jsonescapeu8fast_fuzzer manifest_fuzzer manifest_corpus.zip revlog_fuzzer revlog_corpus.zip dirstate_fuzzer dirstate_corpus.zip fm1readmarkers_fuzzer fm1readmarkers_corpus.zip | |
|
|
175 | 183 | |
|
|
176 | 184 | .PHONY: all clean oss-fuzz |
General Comments 0
You need to be logged in to leave comments.
Login now