@@ -0,0 +1,49 b'' | |||||
|
1 | #include "pyutil.h" | |||
|
2 | ||||
|
3 | #include <string> | |||
|
4 | ||||
|
5 | namespace contrib | |||
|
6 | { | |||
|
7 | ||||
|
8 | static char cpypath[8192] = "\0"; | |||
|
9 | ||||
|
10 | static PyObject *mainmod; | |||
|
11 | static PyObject *globals; | |||
|
12 | ||||
|
13 | /* TODO: use Python 3 for this fuzzing? */ | |||
|
14 | PyMODINIT_FUNC initparsers(void); | |||
|
15 | ||||
|
16 | void initpy(const char *cselfpath) | |||
|
17 | { | |||
|
18 | const std::string subdir = "/sanpy/lib/python2.7"; | |||
|
19 | /* HACK ALERT: we need a full Python installation built without | |||
|
20 | pymalloc and with ASAN, so we dump one in | |||
|
21 | $OUT/sanpy/lib/python2.7. This helps us wire that up. */ | |||
|
22 | std::string selfpath(cselfpath); | |||
|
23 | std::string pypath; | |||
|
24 | auto pos = selfpath.rfind("/"); | |||
|
25 | if (pos == std::string::npos) { | |||
|
26 | char wd[8192]; | |||
|
27 | getcwd(wd, 8192); | |||
|
28 | pypath = std::string(wd) + subdir; | |||
|
29 | } else { | |||
|
30 | pypath = selfpath.substr(0, pos) + subdir; | |||
|
31 | } | |||
|
32 | strncpy(cpypath, pypath.c_str(), pypath.size()); | |||
|
33 | setenv("PYTHONPATH", cpypath, 1); | |||
|
34 | setenv("PYTHONNOUSERSITE", "1", 1); | |||
|
35 | /* prevent Python from looking up users in the fuzz environment */ | |||
|
36 | setenv("PYTHONUSERBASE", cpypath, 1); | |||
|
37 | Py_SetPythonHome(cpypath); | |||
|
38 | Py_InitializeEx(0); | |||
|
39 | mainmod = PyImport_AddModule("__main__"); | |||
|
40 | globals = PyModule_GetDict(mainmod); | |||
|
41 | initparsers(); | |||
|
42 | } | |||
|
43 | ||||
|
44 | PyObject *pyglobals() | |||
|
45 | { | |||
|
46 | return globals; | |||
|
47 | } | |||
|
48 | ||||
|
49 | } // namespace contrib |
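Review bot: In initpy, `strncpy(cpypath, pypath.c_str(), pypath.size())` is bounded by the source length rather than by the 8192-byte destination, so a path longer than the buffer would be written past the end of cpypath. No terminator is copied either; the string ends up terminated only because the static buffer starts zeroed. Rejecting over-long paths before the copy closes this, e.g. `if (pypath.size() >= sizeof(cpypath)) abort();`. The result of `getcwd(wd, 8192)` is also ignored, so on failure `std::string(wd)` reads an unset stack buffer; `if (!getcwd(wd, sizeof(wd))) abort();` covers that. Since this file is built to run under ASan, failing loudly here keeps harness faults from being reported as findings in the code under test.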
@@ -0,0 +1,9 b'' | |||||
|
1 | #include <Python.h> | |||
|
2 | ||||
|
3 | namespace contrib | |||
|
4 | { | |||
|
5 | ||||
|
6 | void initpy(const char *cselfpath); | |||
|
7 | PyObject *pyglobals(); | |||
|
8 | ||||
|
9 | } /* namespace contrib */ |
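Review bot: The two declarations in this header carry no comment on their contract, and the header has no include guard. Above `initpy` I would add `/* Initialise the embedded interpreter; cselfpath is the fuzzer's argv[0] and is used to locate the bundled Python. Call once, before pyglobals(). */`, and above `pyglobals` add `/* Borrowed reference to __main__'s dict; NULL until initpy() has run. */`. Both statements follow from pyutil.cc in this commit, where `globals` is a file-static that is assigned only inside initpy from `PyModule_GetDict`. A `#pragma once` as the first line would make the header safe to include more than once.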
@@ -12,6 +12,11 b' fuzzutil-oss-fuzz.o: fuzzutil.cc fuzzuti' | |||||
12 | $(CXX) $(CXXFLAGS) -std=c++17 \ |
|
12 | $(CXX) $(CXXFLAGS) -std=c++17 \ | |
13 | -I../../mercurial -c -o fuzzutil-oss-fuzz.o fuzzutil.cc |
|
13 | -I../../mercurial -c -o fuzzutil-oss-fuzz.o fuzzutil.cc | |
14 |
|
14 | |||
|
15 | pyutil.o: pyutil.cc pyutil.h | |||
|
16 | $(CXX) $(CXXFLAGS) -g -O1 \ | |||
|
17 | `$$OUT/sanpy/bin/python-config --cflags` \ | |||
|
18 | -I../../mercurial -c -o pyutil.o pyutil.cc | |||
|
19 | ||||
15 | bdiff.o: ../../mercurial/bdiff.c |
|
20 | bdiff.o: ../../mercurial/bdiff.c | |
16 | $(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \ |
|
21 | $(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \ | |
17 | ../../mercurial/bdiff.c |
|
22 | ../../mercurial/bdiff.c | |
@@ -108,11 +113,11 b' revlog.o: sanpy ../../mercurial/cext/rev' | |||||
108 | -I../../mercurial \ |
|
113 | -I../../mercurial \ | |
109 | -c -o revlog.o ../../mercurial/cext/revlog.c |
|
114 | -c -o revlog.o ../../mercurial/cext/revlog.c | |
110 |
|
115 | |||
111 | manifest_fuzzer: sanpy manifest.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o |
|
116 | manifest_fuzzer: sanpy manifest.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o | |
112 | $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \ |
|
117 | $(CXX) $(CXXFLAGS) `$$OUT/sanpy/bin/python-config --cflags` \ | |
113 | -Wno-register -Wno-macro-redefined \ |
|
118 | -Wno-register -Wno-macro-redefined \ | |
114 | -I../../mercurial manifest.cc \ |
|
119 | -I../../mercurial manifest.cc \ | |
115 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o \ |
|
120 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ | |
116 | -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \ |
|
121 | -lFuzzingEngine `$$OUT/sanpy/bin/python-config --ldflags` \ | |
117 | -o $$OUT/manifest_fuzzer |
|
122 | -o $$OUT/manifest_fuzzer | |
118 |
|
123 |
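Review bot: The new `pyutil.o` rule runs `$$OUT/sanpy/bin/python-config` but does not list `sanpy` as a prerequisite, so a parallel build or a direct `make pyutil.o` can reach the compile step before that Python exists. `manifest_fuzzer`, which uses the same script, names `sanpy` first, and the second hunk header shows `revlog.o` doing the same; `pyutil.o: sanpy pyutil.cc pyutil.h` would make this rule consistent with them. If the script is missing, the backtick substitution would likely yield no include flags and the build would fail on Python.h rather than at the real cause.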
@@ -3,43 +3,17 b'' | |||||
3 | #include <stdlib.h> |
|
3 | #include <stdlib.h> | |
4 | #include <unistd.h> |
|
4 | #include <unistd.h> | |
5 |
|
5 | |||
|
6 | #include "pyutil.h" | |||
|
7 | ||||
6 | #include <string> |
|
8 | #include <string> | |
7 |
|
9 | |||
8 | extern "C" { |
|
10 | extern "C" { | |
9 |
|
11 | |||
10 | /* TODO: use Python 3 for this fuzzing? */ |
|
|||
11 | PyMODINIT_FUNC initparsers(void); |
|
|||
12 |
|
||||
13 | static char cpypath[8192] = "\0"; |
|
|||
14 |
|
||||
15 | static PyCodeObject *code; |
|
12 | static PyCodeObject *code; | |
16 | static PyObject *mainmod; |
|
|||
17 | static PyObject *globals; |
|
|||
18 |
|
13 | |||
19 | extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) |
|
14 | extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) | |
20 | { |
|
15 | { | |
21 | const std::string subdir = "/sanpy/lib/python2.7"; |
|
16 | contrib::initpy(*argv[0]); | |
22 | /* HACK ALERT: we need a full Python installation built without |
|
|||
23 | pymalloc and with ASAN, so we dump one in |
|
|||
24 | $OUT/sanpy/lib/python2.7. This helps us wire that up. */ |
|
|||
25 | std::string selfpath(*argv[0]); |
|
|||
26 | std::string pypath; |
|
|||
27 | auto pos = selfpath.rfind("/"); |
|
|||
28 | if (pos == std::string::npos) { |
|
|||
29 | char wd[8192]; |
|
|||
30 | getcwd(wd, 8192); |
|
|||
31 | pypath = std::string(wd) + subdir; |
|
|||
32 | } else { |
|
|||
33 | pypath = selfpath.substr(0, pos) + subdir; |
|
|||
34 | } |
|
|||
35 | strncpy(cpypath, pypath.c_str(), pypath.size()); |
|
|||
36 | setenv("PYTHONPATH", cpypath, 1); |
|
|||
37 | setenv("PYTHONNOUSERSITE", "1", 1); |
|
|||
38 | /* prevent Python from looking up users in the fuzz environment */ |
|
|||
39 | setenv("PYTHONUSERBASE", cpypath, 1); |
|
|||
40 | Py_SetPythonHome(cpypath); |
|
|||
41 | Py_InitializeEx(0); |
|
|||
42 | initparsers(); |
|
|||
43 | code = (PyCodeObject *)Py_CompileString(R"py( |
|
17 | code = (PyCodeObject *)Py_CompileString(R"py( | |
44 | from parsers import lazymanifest |
|
18 | from parsers import lazymanifest | |
45 | try: |
|
19 | try: | |
@@ -60,8 +34,6 b' except Exception as e:' | |||||
60 | # print e |
|
34 | # print e | |
61 | )py", |
|
35 | )py", | |
62 | "fuzzer", Py_file_input); |
|
36 | "fuzzer", Py_file_input); | |
63 | mainmod = PyImport_AddModule("__main__"); |
|
|||
64 | globals = PyModule_GetDict(mainmod); |
|
|||
65 | return 0; |
|
37 | return 0; | |
66 | } |
|
38 | } | |
67 |
|
39 | |||
@@ -71,7 +43,7 b' int LLVMFuzzerTestOneInput(const uint8_t' | |||||
71 | PyBytes_FromStringAndSize((const char *)Data, (Py_ssize_t)Size); |
|
43 | PyBytes_FromStringAndSize((const char *)Data, (Py_ssize_t)Size); | |
72 | PyObject *locals = PyDict_New(); |
|
44 | PyObject *locals = PyDict_New(); | |
73 | PyDict_SetItemString(locals, "mdata", mtext); |
|
45 | PyDict_SetItemString(locals, "mdata", mtext); | |
74 | PyObject *res = PyEval_EvalCode(code, globals, locals); |
|
46 | PyObject *res = PyEval_EvalCode(code, contrib::pyglobals(), locals); | |
75 | if (!res) { |
|
47 | if (!res) { | |
76 | PyErr_Print(); |
|
48 | PyErr_Print(); | |
77 | } |
|
49 | } |
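Review bot: `code` is still assigned from `Py_CompileString` in LLVMFuzzerInitialize without a NULL check, and LLVMFuzzerTestOneInput then hands it to `PyEval_EvalCode` on every input. Interpreter setup now sits behind `contrib::initpy`, which returns void, so nothing in this function can notice a failed setup before fuzzing starts. Adding `if (!code) { PyErr_Print(); abort(); }` after the compile call makes a broken harness stop at initialization instead of surfacing later as a crash attributed to the parser. Both function bodies extend beyond the hunks shown. The `<stdlib.h>`, `<unistd.h>` and `<string>` includes kept at the top may no longer be needed once the path logic has moved, which is worth checking against the rest of the file.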