fuzz: new fuzzer for revlog's parse_index2 method...
Augie Fackler -
r41050:c06f0ef9 default
@@ -0,0 +1,47
1 #include <Python.h>
2 #include <assert.h>
3 #include <stdlib.h>
4 #include <unistd.h>
5
6 #include <string>
7
8 #include "pyutil.h"
9
10 extern "C" {
11
12 static PyCodeObject *code;
13
14 extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
15 {
16 contrib::initpy(*argv[0]);
17 code = (PyCodeObject *)Py_CompileString(R"py(
18 from parsers import parse_index2
19 for inline in (True, False):
20 try:
21 index, cache = parse_index2(data, inline)
22 except Exception as e:
23 pass
24 # uncomment this print if you're editing this Python code
25 # to debug failures.
26 # print e
27 )py",
28 "fuzzer", Py_file_input);
29 return 0;
30 }
31
32 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
33 {
34 PyObject *text =
35 PyBytes_FromStringAndSize((const char *)Data, (Py_ssize_t)Size);
36 PyObject *locals = PyDict_New();
37 PyDict_SetItemString(locals, "data", text);
38 PyObject *res = PyEval_EvalCode(code, contrib::pyglobals(), locals);
39 if (!res) {
40 PyErr_Print();
41 }
42 Py_XDECREF(res);
43 Py_DECREF(locals);
44 Py_DECREF(text);
45 return 0; // Non-zero return values are reserved for future use.
46 }
47 }
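Review bot: The result of `Py_CompileString` in `LLVMFuzzerInitialize` is stored in `code` without a NULL check, so if the embedded script fails to compile (for example after an edit to the raw string) every later `PyEval_EvalCode(code, ...)` call is handed a null code object, and the resulting failure can look like a finding in parse_index2 rather than a broken harness. Failing fast right after the compile, `if (!code) { PyErr_Print(); abort(); }`, makes that case obvious. In `LLVMFuzzerTestOneInput` the returns of `PyBytes_FromStringAndSize`, `PyDict_New` and `PyDict_SetItemString` are likewise unchecked, and `Py_DECREF(locals)` / `Py_DECREF(text)` would dereference NULL if an allocation failed. An early `return 0` when either allocation fails, with `Py_XDECREF` on the other, would keep out-of-memory conditions from being reported as crashes in the code under test.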
@@ -0,0 +1,28
1 from __future__ import absolute_import, print_function
2
3 import argparse
4 import os
5 import zipfile
6
7 ap = argparse.ArgumentParser()
8 ap.add_argument("out", metavar="some.zip", type=str, nargs=1)
9 args = ap.parse_args()
10
11 reporoot = os.path.normpath(os.path.join(os.path.dirname(__file__),
12 '..', '..'))
13 # typically a standalone index
14 changelog = os.path.join(reporoot, '.hg', 'store', '00changelog.i')
15 # an inline revlog with only a few revisions
16 contributing = os.path.join(
17 reporoot, '.hg', 'store', 'data', 'contrib', 'fuzz', 'mpatch.cc.i')
18
19 print(changelog, os.path.exists(changelog))
20 print(contributing, os.path.exists(contributing))
21
22 with zipfile.ZipFile(args.out[0], "w", zipfile.ZIP_STORED) as zf:
23 if os.path.exists(changelog):
24 with open(changelog) as f:
25 zf.writestr("00changelog.i", f.read())
26 if os.path.exists(contributing):
27 with open(contributing) as f:
28 zf.writestr("contributing.i", f.read())
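Review bot: Both `open(changelog)` and `open(contributing)` read the revlog index files in text mode, but these are binary files. Text mode can translate line endings on Windows and, under Python 3, would try to decode the bytes and either fail or alter them, so the seed corpus would no longer match the on-disk index. Opening them with `open(changelog, 'rb')` and `open(contributing, 'rb')` keeps the seeds byte-exact. The script also writes an empty zip without complaint when neither file exists (the two `print` calls are the only signal); if that is intended, a short comment above the `with zipfile.ZipFile(...)` line saying so would help the next reader.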
@@ -1,135 +1,146
1 1 CC = clang
2 2 CXX = clang++
3 3
4 4 all: bdiff mpatch xdiff
5 5
6 6 fuzzutil.o: fuzzutil.cc fuzzutil.h
7 7 $(CXX) $(CXXFLAGS) -g -O1 \
8 8 -std=c++17 \
9 9 -I../../mercurial -c -o fuzzutil.o fuzzutil.cc
10 10
11 11 fuzzutil-oss-fuzz.o: fuzzutil.cc fuzzutil.h
12 12 $(CXX) $(CXXFLAGS) -std=c++17 \
13 13 -I../../mercurial -c -o fuzzutil-oss-fuzz.o fuzzutil.cc
14 14
15 15 pyutil.o: pyutil.cc pyutil.h
16 16 $(CXX) $(CXXFLAGS) -g -O1 \
17 17 `$$OUT/sanpy/bin/python-config --cflags` \
18 18 -I../../mercurial -c -o pyutil.o pyutil.cc
19 19
20 20 bdiff.o: ../../mercurial/bdiff.c
21 21 $(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \
22 22 ../../mercurial/bdiff.c
23 23
24 24 bdiff: bdiff.cc bdiff.o fuzzutil.o
25 25 $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
26 26 -std=c++17 \
27 27 -I../../mercurial bdiff.cc bdiff.o fuzzutil.o -o bdiff
28 28
29 29 bdiff-oss-fuzz.o: ../../mercurial/bdiff.c
30 30 $(CC) $(CFLAGS) -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c
31 31
32 32 bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o
33 33 $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial bdiff.cc \
34 34 bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \
35 35 $$OUT/bdiff_fuzzer
36 36
37 37 mpatch.o: ../../mercurial/mpatch.c
38 38 $(CC) -g -O1 -fsanitize=fuzzer-no-link,address -c -o mpatch.o \
39 39 ../../mercurial/mpatch.c
40 40
41 41 mpatch: CXXFLAGS += -std=c++17
42 42 mpatch: mpatch.cc mpatch.o fuzzutil.o
43 43 $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
44 44 -I../../mercurial mpatch.cc mpatch.o fuzzutil.o -o mpatch
45 45
46 46 mpatch-oss-fuzz.o: ../../mercurial/mpatch.c
47 47 $(CC) $(CFLAGS) -c -o mpatch-oss-fuzz.o ../../mercurial/mpatch.c
48 48
49 49 mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o
50 50 $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial mpatch.cc \
51 51 mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \
52 52 $$OUT/mpatch_fuzzer
53 53
54 54 mpatch_corpus.zip:
55 55 python mpatch_corpus.py $$OUT/mpatch_fuzzer_seed_corpus.zip
56 56
57 57 x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
58 58 $(CC) -g -O1 -fsanitize=fuzzer-no-link,address -c \
59 59 -o $@ \
60 60 $<
61 61
62 62 xdiff: CXXFLAGS += -std=c++17
63 63 xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o fuzzutil.o
64 64 $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
65 65 -I../../mercurial xdiff.cc \
66 66 xdiffi.o xprepare.o xutils.o fuzzutil.o -o xdiff
67 67
68 68 fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
69 69 $(CC) $(CFLAGS) -c \
70 70 -o $@ \
71 71 $<
72 72
73 73 xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o
74 74 $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial xdiff.cc \
75 75 fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o \
76 76 -lFuzzingEngine -o $$OUT/xdiff_fuzzer
77 77
78 78 # TODO use the $OUT env var instead of hardcoding /out
79 79 /out/sanpy/bin/python:
80 80 cd /Python-2.7.15/ ; ASAN_OPTIONS=detect_leaks=0 ./configure --without-pymalloc --prefix=$$OUT/sanpy CFLAGS="$(CFLAGS)" LINKCC="$($CXX)" LDFLAGS="$(CXXFLAGS)"
81 81 cd /Python-2.7.15/ ; grep -v HAVE_GETC_UNLOCKED < pyconfig.h > tmp && mv tmp pyconfig.h
82 82 cd /Python-2.7.15/ ; ASAN_OPTIONS=detect_leaks=0 make && make install
83 83
84 84 sanpy: /out/sanpy/bin/python
85 85
86 86 manifest.o: sanpy ../../mercurial/cext/manifest.c
87 87 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
88 88 -I../../mercurial \
89 89 -c -o manifest.o ../../mercurial/cext/manifest.c
90 90
91 91 charencode.o: sanpy ../../mercurial/cext/charencode.c
92 92 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
93 93 -I../../mercurial \
94 94 -c -o charencode.o ../../mercurial/cext/charencode.c
95 95
96 96 parsers.o: sanpy ../../mercurial/cext/parsers.c
97 97 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
98 98 -I../../mercurial \
99 99 -c -o parsers.o ../../mercurial/cext/parsers.c
100 100
101 101 dirs.o: sanpy ../../mercurial/cext/dirs.c
102 102 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
103 103 -I../../mercurial \
104 104 -c -o dirs.o ../../mercurial/cext/dirs.c
105 105
106 106 pathencode.o: sanpy ../../mercurial/cext/pathencode.c
107 107 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
108 108 -I../../mercurial \
109 109 -c -o pathencode.o ../../mercurial/cext/pathencode.c
110 110
111 111 revlog.o: sanpy ../../mercurial/cext/revlog.c
112 112 $(CC) $(CFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
113 113 -I../../mercurial \
114 114 -c -o revlog.o ../../mercurial/cext/revlog.c
115 115
116 116 manifest_fuzzer: sanpy manifest.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o
117 117 $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
118 118 -Wno-register -Wno-macro-redefined \
119 119 -I../../mercurial manifest.cc \
120 120 manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \
121 121 -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \
122 122 -o $$OUT/manifest_fuzzer
123 123
124 124 manifest_corpus.zip:
125 125 python manifest_corpus.py $$OUT/manifest_fuzzer_seed_corpus.zip
126 126
127 revlog_fuzzer: sanpy revlog.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o
128 $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \
129 -Wno-register -Wno-macro-redefined \
130 -I../../mercurial revlog.cc \
131 manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \
132 -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \
133 -o $$OUT/revlog_fuzzer
134
135 revlog_corpus.zip:
136 python revlog_corpus.py $$OUT/revlog_fuzzer_seed_corpus.zip
137
127 138 clean:
128 139 $(RM) *.o *_fuzzer \
129 140 bdiff \
130 141 mpatch \
131 142 xdiff
132 143
133 oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer manifest_fuzzer manifest_corpus.zip
144 oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer manifest_fuzzer manifest_corpus.zip revlog_fuzzer revlog_corpus.zip
134 145
135 146 .PHONY: all clean oss-fuzz sanpy
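Review bot: The new `revlog_fuzzer` rule repeats the object list `manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o` from `manifest_fuzzer` in both its prerequisites and its link line, so a future extension object has to be added in four places, and a missed one only shows up as a link error in one fuzzer. A shared variable used by both rules, e.g. `PARSERS_OBJS = manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o`, would keep them in step. `revlog_corpus.zip` also never creates a file of that name (its output goes to `$$OUT/revlog_fuzzer_seed_corpus.zip`), so it behaves as a phony target and could be listed in `.PHONY` next to `oss-fuzz`.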