[libsoup/wip/fuzzing: 1/3] Add basic fuzzing support
- From: Patrick Griffis <pgriffis src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libsoup/wip/fuzzing: 1/3] Add basic fuzzing support
- Date: Tue, 15 Dec 2020 23:43:44 +0000 (UTC)
commit 355053e8a9d5f7d4d54c6900764cbec77c771289
Author: Patrick Griffis <pgriffis igalia com>
Date: Tue Dec 15 17:42:40 2020 -0600
Add basic fuzzing support
.gitlab-ci.yml | 12 ++++++++++++
fuzzing/fuzz.h | 21 +++++++++++++++++++++
fuzzing/fuzz_data_uri.c | 19 +++++++++++++++++++
fuzzing/fuzz_data_uri.dict | 1 +
fuzzing/meson.build | 41 +++++++++++++++++++++++++++++++++++++++++
meson.build | 2 +-
meson_options.txt | 6 ++++++
7 files changed, 101 insertions(+), 1 deletion(-)
---
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5f73e929..45a7c59a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -58,6 +58,18 @@ fedora-asan:
paths:
- "_build/meson-logs/testlog.txt"
+fedora-fuzzing:
+ stage: build
+ variables:
+ CC=clang
+ script:
+ - meson _build -Dauto-features=enabled -Dfuzzing=enabled -Dintrospection=disabled -Dvapi=disabled
+ - meson test -C _build --suite=fuzzing
+ artifacts:
+ when: on_failure
+ paths:
+ - _build/meson-logs/
+
reference:
stage: docs
variables:
diff --git a/fuzzing/fuzz.h b/fuzzing/fuzz.h
new file mode 100644
index 00000000..0d380285
--- /dev/null
+++ b/fuzzing/fuzz.h
@@ -0,0 +1,21 @@
+#include "libsoup/soup.h"
+
+int LLVMFuzzerTestOneInput (const unsigned char *data, size_t size);
+
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+static GLogWriterOutput
+empty_logging_func (GLogLevelFlags log_level, const GLogField *fields,
+ gsize n_fields, gpointer user_data)
+{
+ return G_LOG_WRITER_HANDLED;
+}
+#endif
+
+/* Disables logging for oss-fuzz. Must be used with each target. */
+static void
+fuzz_set_logging_func (void)
+{
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ g_log_set_writer_func (empty_logging_func, NULL, NULL);
+#endif
+}
diff --git a/fuzzing/fuzz_data_uri.c b/fuzzing/fuzz_data_uri.c
new file mode 100644
index 00000000..97e0369f
--- /dev/null
+++ b/fuzzing/fuzz_data_uri.c
@@ -0,0 +1,19 @@
+#include "fuzz.h"
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+ GBytes *bytes;
+ char *data_uri;
+
+ fuzz_set_logging_func ();
+
+ data_uri = g_strdup_printf ("data:%.*s", (int)size, data);
+ // g_print("%s", data_uri);
+ bytes = soup_uri_decode_data_uri (data_uri, NULL);
+
+ g_clear_pointer (&bytes, g_bytes_unref);
+ g_free (data_uri);
+
+ return 0;
+}
\ No newline at end of file
diff --git a/fuzzing/fuzz_data_uri.dict b/fuzzing/fuzz_data_uri.dict
new file mode 100644
index 00000000..f56a8627
--- /dev/null
+++ b/fuzzing/fuzz_data_uri.dict
@@ -0,0 +1 @@
+";base64"
\ No newline at end of file
diff --git a/fuzzing/meson.build b/fuzzing/meson.build
new file mode 100644
index 00000000..1840a087
--- /dev/null
+++ b/fuzzing/meson.build
@@ -0,0 +1,41 @@
+fs = import('fs')
+
+fuzz_targets = [
+ 'fuzz_data_uri',
+]
+
+fuzzing_args = '-fsanitize=fuzzer,address,undefined'
+have_fuzzing = cc.has_argument(fuzzing_args)
+fuzzing_feature = get_option('fuzzing')
+
+if not have_fuzzing and fuzzing_feature.enabled()
+ error('clang and libfuzz are required for fuzzing')
+endif
+
+if have_fuzzing and (fuzzing_feature.enabled() or fuzzing_feature.auto())
+ foreach target : fuzz_targets
+ exe = executable(target, [target + '.c'],
+ c_args : [fuzzing_args, '-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION'],
+ link_args : fuzzing_args,
+ dependencies : libsoup_dep,
+ )
+
+ extra_args = []
+ dict_file = join_paths(meson.current_source_dir(), target + '.dict')
+ if fs.exists(dict_file)
+ extra_args += '-dict=' + dict_file
+ endif
+
+ test(target, exe,
+ args: [
+ '-runs=1000000',
+ '-timeout=100',
+ '-jobs=8',
+ '-artifact_prefix=meson-logs/'
+ ] + extra_args,
+ suite: 'fuzzing',
+ timeout: 100,
+ priority: -1,
+ )
+ endforeach
+endif
\ No newline at end of file
diff --git a/meson.build b/meson.build
index 6564856c..53fd812f 100644
--- a/meson.build
+++ b/meson.build
@@ -1,6 +1,6 @@
project('libsoup', 'c',
version: '2.91.0',
- meson_version : '>=0.50',
+ meson_version : '>= 0.53',
license : 'LGPL2',
default_options : 'c_std=c99')
diff --git a/meson_options.txt b/meson_options.txt
index 6eab71ac..3a7bae5c 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -70,3 +70,9 @@ option('sysprof',
value: 'auto',
description: 'enable sysprof-capture support for profiling'
)
+
+option('fuzzing',
+ type: 'feature',
+ value: 'disabled',
+ description: 'enable fuzzing support'
+)
\ No newline at end of file
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]