From: Sergey Bronnikov <sergeyb@tarantool.org>
To: tarantool-patches@dev.tarantool.org, o.piskunov@tarantool.org, avtikhon@tarantool.org, alexander.turenko@tarantool.org
Subject: [Tarantool-patches] [PATCH v1] Add fuzzers for csv, http_parser and uri modules
Date: Thu, 2 Apr 2020 14:48:10 +0300 [thread overview]
Message-ID: <20200402114810.GA91040@pony.bronevichok.ru> (raw)
GitHub branch: https://github.com/tarantool/tarantool/tree/ligurio/gh-1809-libfuzzer
Ticket: #1809
---
 cmake/profile.cmake | 5 +++++
 src/lib/csv/CMakeLists.txt | 11 +++++++++++
 src/lib/csv/test_csv.c | 14 ++++++++++++++
 src/lib/http_parser/CMakeLists.txt | 11 +++++++++++
 src/lib/http_parser/test_http_parser.c | 22 ++++++++++++++++++++++
 src/lib/uri/CMakeLists.txt | 12 ++++++++++++
 src/lib/uri/test_uri.c | 22 ++++++++++++++++++++++
 7 files changed, 97 insertions(+)
 create mode 100644 src/lib/csv/test_csv.c
 create mode 100644 src/lib/http_parser/test_http_parser.c
 create mode 100644 src/lib/uri/test_uri.c
diff --git a/cmake/profile.cmake b/cmake/profile.cmake
index bc4bf67f5..b9fcd7655 100644
--- a/cmake/profile.cmake
+++ b/cmake/profile.cmake
@@ -42,6 +42,11 @@ else()
 add_definitions(-DNVALGRIND=1)
 endif()
+option(ENABLE_FUZZER "Enable fuzzing testing" OFF)
+if (ENABLE_FUZZER)
+ set(TESTING_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/Testing")
+endif ()
+
 option(ENABLE_ASAN "Enable AddressSanitizer, a fast memory error detector based on compiler instrumentation" OFF)
 if (ENABLE_ASAN)
 if (CMAKE_COMPILER_IS_GNUCC)
diff --git a/src/lib/csv/CMakeLists.txt b/src/lib/csv/CMakeLists.txt
index 3580e4da2..d5a3ed1f6 100644
--- a/src/lib/csv/CMakeLists.txt
+++ b/src/lib/csv/CMakeLists.txt
@@ -4,3 +4,14 @@ set(lib_sources
 set_source_files_compile_flags(${lib_sources})
 add_library(csv STATIC ${lib_sources})
+
+if (ENABLE_FUZZER AND CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+ set(TestName "test_csv")
+ add_executable(${TestName} ${TestName}.c)
+ set_target_properties(${TestName}
+ PROPERTIES
+ COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
+ LINK_FLAGS "-fsanitize=fuzzer,address")
+ target_link_libraries(${TestName} PRIVATE csv)
+ set_target_properties(${TestName} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
+endif ()
diff --git a/src/lib/csv/test_csv.c b/src/lib/csv/test_csv.c
new file mode 100644
index 000000000..ea4973cb0
--- /dev/null
+++ b/src/lib/csv/test_csv.c
@@ -0,0 +1,14 @@
+#include <stdint.h>
+#include <stddef.h>
+#include "csv.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ struct csv csv;
+ csv_create(&csv);
+ char *end = (char*)data + size;
+ csv_parse_chunk(&csv, (const char*)data, end);
+ csv_finish_parsing(&csv);
+ csv_destroy(&csv);
+
+ return 0;
+}
diff --git a/src/lib/http_parser/CMakeLists.txt b/src/lib/http_parser/CMakeLists.txt
index a48f83cb6..7af922fbb 100644
--- a/src/lib/http_parser/CMakeLists.txt
+++ b/src/lib/http_parser/CMakeLists.txt
@@ -1 +1,12 @@
 add_library(http_parser STATIC http_parser.c)
+
+if (ENABLE_FUZZER AND CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+ set(TestName "test_http_parser")
+ add_executable(${TestName} ${TestName}.c)
+ set_target_properties(${TestName}
+ PROPERTIES
+ COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
+ LINK_FLAGS "-fsanitize=fuzzer,address")
+ target_link_libraries(${TestName} PRIVATE http_parser)
+ set_target_properties(${TestName} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
+endif ()
diff --git a/src/lib/http_parser/test_http_parser.c b/src/lib/http_parser/test_http_parser.c
new file mode 100644
index 000000000..a189e71e9
--- /dev/null
+++ b/src/lib/http_parser/test_http_parser.c
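Review bot: In src/lib/csv/CMakeLists.txt the `-fsanitize=fuzzer,address` flags are set only on the `test_csv` target, so the `csv` static library it links is built without coverage or AddressSanitizer instrumentation unless something outside this hunk adds it; libFuzzer then gets no coverage feedback from the parser, and ASan does not instrument the loads and stores inside it. When `ENABLE_FUZZER` is on the library itself should be compiled with the no-link variant, e.g. `target_compile_options(csv PRIVATE -fsanitize=fuzzer-no-link,address)`. The guard also tests `CMAKE_CXX_COMPILER_ID` although the harness is a C file, so `CMAKE_C_COMPILER_ID` is the matching variable, and with a non-Clang compiler the option silently builds nothing where a `message(WARNING ...)` would tell the user why. The same points apply to the http_parser and uri CMakeLists.txt hunks.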
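Review bot: In src/lib/csv/test_csv.c the line `char *end = (char*)data + size;` casts away the const of the fuzzer-owned input; `const char *end = (const char *)data + size;` keeps the buffer read-only, assuming `csv_parse_chunk` accepts a `const char *` end pointer (its prototype is not part of this patch). The harness also hands the whole input to the parser as one chunk, so chunk-boundary handling is not exercised; a comment above the function such as `/* Parses the input as a single chunk; split points are not fuzzed. */` would record that limit.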
@@ -0,0 +1,22 @@
+#include <stdlib.h>
+#include <stdint.h>
+#include <stddef.h>
+#include "http_parser.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ struct http_parser parser;
+ char *buf = (char*)data;
+ http_parser_create(&parser);
+ parser.hdr_name = (char *)calloc((int)size, sizeof(char));
+ if (parser.hdr_name == NULL) {
+ return -1;
+ }
+ char *end_buf = buf + size;
+ int rc = http_parse_header_line(&parser, &buf, end_buf, size);
+ free(parser.hdr_name);
+ if (rc != 0) {
+ return rc;
+ }
+
+ return 0;
+}
diff --git a/src/lib/uri/CMakeLists.txt b/src/lib/uri/CMakeLists.txt
index 96410e5bf..77f5c5d57 100644
--- a/src/lib/uri/CMakeLists.txt
+++ b/src/lib/uri/CMakeLists.txt
@@ -8,3 +8,15 @@ if (CC_HAS_WNO_IMPLICIT_FALLTHROUGH)
 -Wno-implicit-fallthrough)
 endif()
 add_library(uri STATIC uri.c)
+
+if (ENABLE_FUZZER AND CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+ set(TestName "test_uri")
+ add_executable(${TestName} ${TestName}.c)
+ add_compile_options(-fsanitize=fuzzer,address -g -O1)
+ set_target_properties(${TestName}
+ PROPERTIES
+ COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
+ LINK_FLAGS "-fsanitize=fuzzer,address")
+ target_link_libraries(${TestName} PRIVATE uri)
+ set_target_properties(${TestName} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
+endif ()
diff --git a/src/lib/uri/test_uri.c b/src/lib/uri/test_uri.c
new file mode 100644
index 000000000..ad8db6ef2
--- /dev/null
+++ b/src/lib/uri/test_uri.c
@@ -0,0 +1,22 @@
+#include <stdlib.h>
+#include <stdint.h>
+#include <stddef.h>
+#include <string.h>
+#include "uri.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ char *buf = calloc(size, sizeof(char*));
+ if (!buf) {
+ return -1;
+ }
+ strncpy(buf, (char*)data, size);
+ buf[size] = '\0';
+ struct uri uri;
+ int rc = uri_parse(&uri, buf);
+ free(buf);
+ if (rc != 0) {
+ return rc;
+ }
+
+ return 0;
+}
--
2.23.0
--
sergeyb@
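Review bot: In src/lib/http_parser/test_http_parser.c the harness returns `-1` when `calloc` fails and `rc` when the header line is rejected, but libFuzzer reserves return values other than 0 (newer versions read -1 as "do not add this input to the corpus"), and a rejected header is an expected outcome for fuzz input rather than a harness failure; both paths should `return 0;`. The `(int)size` cast in `calloc((int)size, sizeof(char))` narrows a `size_t` for no benefit and should be dropped. For an empty input `calloc(0, 1)` may legitimately return NULL, so an early `if (size == 0) return 0;` keeps that case from being treated as an allocation failure.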
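Review bot: In src/lib/uri/CMakeLists.txt the extra `add_compile_options(-fsanitize=fuzzer,address -g -O1)` has no counterpart in the csv and http_parser blocks and duplicates the `COMPILE_FLAGS` set on the target just below it. It changes the directory-scope options rather than the `test_uri` target, so it can leak `-fsanitize=fuzzer` into any other target defined later in this directory while adding nothing for the harness itself. Dropping the line keeps the three fuzzer blocks identical.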
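Review bot: In src/lib/uri/test_uri.c `calloc(size, sizeof(char*))` sizes the buffer as `size` pointers rather than `size + 1` bytes, so for an empty input the allocation can be zero bytes and `buf[size] = '\0'` writes past it, which ASan reports as a crash in the harness rather than in `uri_parse`. For non-empty input the buffer is several times larger than the string, so a read past the terminator inside the parser lands in valid zeroed memory instead of the redzone and goes unnoticed. Allocating exactly `size + 1` bytes fixes both. The function should also return 0 on every path, because a URI that fails to parse is an expected result and libFuzzer reserves other return values.

```c
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
	/* Exactly size + 1 bytes, so the ASan redzone starts right after the terminator. */
	char *buf = malloc(size + 1);
	if (!buf)
		return 0;
	memcpy(buf, data, size);
	buf[size] = '\0';
	/* … unchanged: struct uri uri; … */
	(void)uri_parse(&uri, buf);
	free(buf);
	return 0;
}
```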