From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from smtp15.mail.ru (smtp15.mail.ru [94.100.176.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id B0D6E4696C3 for ; Thu, 2 Apr 2020 14:48:15 +0300 (MSK)
Date: Thu, 2 Apr 2020 14:48:10 +0300
From: Sergey Bronnikov
Message-ID: <20200402114810.GA91040@pony.bronevichok.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Subject: [Tarantool-patches] [PATCH v1] Add fuzzers for csv, http_parser and uri modules
List-Id: Tarantool development patches
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
To: tarantool-patches@dev.tarantool.org, o.piskunov@tarantool.org, avtikhon@tarantool.org, alexander.turenko@tarantool.org

GitHub branch: https://github.com/tarantool/tarantool/tree/ligurio/gh-1809-libfuzzer
Ticket: #1809
---
 cmake/profile.cmake | 5 +++++
 src/lib/csv/CMakeLists.txt | 11 +++++++++++
 src/lib/csv/test_csv.c | 14 ++++++++++++++
 src/lib/http_parser/CMakeLists.txt | 11 +++++++++++
 src/lib/http_parser/test_http_parser.c | 22 ++++++++++++++++++++++
 src/lib/uri/CMakeLists.txt | 12 ++++++++++++
 src/lib/uri/test_uri.c | 22 ++++++++++++++++++++++
 7 files changed, 97 insertions(+)
 create mode 100644 src/lib/csv/test_csv.c
 create mode 100644 src/lib/http_parser/test_http_parser.c
 create mode 100644 src/lib/uri/test_uri.c

diff --git a/cmake/profile.cmake b/cmake/profile.cmake
index bc4bf67f5..b9fcd7655 100644
--- a/cmake/profile.cmake
+++ b/cmake/profile.cmake
@@ -42,6 +42,11 @@ else()
     add_definitions(-DNVALGRIND=1)
 endif()
 
+option(ENABLE_FUZZER "Enable fuzzing testing" OFF)
+if (ENABLE_FUZZER)
+    set(TESTING_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/Testing")
+endif ()
+
 option(ENABLE_ASAN "Enable AddressSanitizer, a fast memory error detector based on compiler instrumentation" OFF)
 if (ENABLE_ASAN)
     if (CMAKE_COMPILER_IS_GNUCC)
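Review bot: The new ENABLE_FUZZER option gives no feedback when the compiler is not Clang: this block only sets TESTING_OUTPUT_DIRECTORY, and the per-module CMakeLists in this patch silently skip their fuzzer targets on other compilers, so configuring with -DENABLE_FUZZER=ON under GCC produces a build with no fuzzers and no message. A hard check next to the option would make that explicit: `if (ENABLE_FUZZER AND NOT CMAKE_C_COMPILER_ID STREQUAL "Clang")` / `message(FATAL_ERROR "ENABLE_FUZZER requires Clang (libFuzzer)")` / `endif ()`. The help string `"Enable fuzzing testing"` could also say what is built and what it needs, e.g. `"Build libFuzzer harnesses for csv, http_parser and uri (requires Clang)"`.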
diff --git a/src/lib/csv/CMakeLists.txt b/src/lib/csv/CMakeLists.txt
index 3580e4da2..d5a3ed1f6 100644
--- a/src/lib/csv/CMakeLists.txt
+++ b/src/lib/csv/CMakeLists.txt
@@ -4,3 +4,14 @@ set(lib_sources
 
 set_source_files_compile_flags(${lib_sources})
 add_library(csv STATIC ${lib_sources})
+
+if (ENABLE_FUZZER AND CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+    set(TestName "test_csv")
+    add_executable(${TestName} ${TestName}.c)
+    set_target_properties(${TestName}
+        PROPERTIES
+            COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
+            LINK_FLAGS "-fsanitize=fuzzer,address")
+    target_link_libraries(${TestName} PRIVATE csv)
+    set_target_properties(${TestName} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
+endif ()
diff --git a/src/lib/csv/test_csv.c b/src/lib/csv/test_csv.c
new file mode 100644
index 000000000..ea4973cb0
--- /dev/null
+++ b/src/lib/csv/test_csv.c
@@ -0,0 +1,14 @@
+#include
+#include
+#include "csv.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+	struct csv csv;
+	csv_create(&csv);
+	char *end = (char*)data + size;
+	csv_parse_chunk(&csv, (const char*)data, end);
+	csv_finish_parsing(&csv);
+	csv_destroy(&csv);
+
+	return 0;
+}
diff --git a/src/lib/http_parser/CMakeLists.txt b/src/lib/http_parser/CMakeLists.txt
index a48f83cb6..7af922fbb 100644
--- a/src/lib/http_parser/CMakeLists.txt
+++ b/src/lib/http_parser/CMakeLists.txt
@@ -1 +1,12 @@
 add_library(http_parser STATIC http_parser.c)
+
+if (ENABLE_FUZZER AND CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+    set(TestName "test_http_parser")
+    add_executable(${TestName} ${TestName}.c)
+    set_target_properties(${TestName}
+        PROPERTIES
+            COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
+            LINK_FLAGS "-fsanitize=fuzzer,address")
+    target_link_libraries(${TestName} PRIVATE http_parser)
+    set_target_properties(${TestName} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
+endif ()
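Review bot: The `-fsanitize=fuzzer,address -g -O1` flags are set as COMPILE_FLAGS on the test_csv target only, so the `csv` library linked by `target_link_libraries(${TestName} PRIVATE csv)` is built without SanitizerCoverage or ASan instrumentation; libFuzzer then gets no coverage feedback from csv_parse_chunk and ASan cannot report memory errors inside the code actually under test, which defeats the purpose of the harness. When ENABLE_FUZZER is set, the library sources should also be compiled with `-fsanitize=fuzzer-no-link,address` (fuzzer-no-link instruments without pulling in libFuzzer's main), for example through a `target_compile_options(csv PRIVATE -fsanitize=fuzzer-no-link,address)` guarded by the same condition. Separately, the guard checks CMAKE_CXX_COMPILER_ID although both the library and the harness are C sources; `CMAKE_C_COMPILER_ID` is the variable that reflects the compiler used for them.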
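Review bot: `char *end = (char*)data + size;` casts const away from libFuzzer's input buffer, while the very next line casts `data` back to `const char*` for csv_parse_chunk, which suggests the end pointer can stay const as well; `const char *end = (const char *)data + size;` avoids handing out a mutable alias to a buffer the harness must not modify. The return value of csv_parse_chunk is discarded, which is acceptable in a fuzz driver, but a one-line comment such as `/* Return value ignored: only crashes and sanitizer reports matter here. */` would make that deliberate rather than an oversight.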
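Review bot: This block is the csv fuzzer block with only the target name and library changed, and the uri CMakeLists in this patch carries a third copy, so the sanitizer flags and output directory are now maintained in three places and will drift (the uri copy already differs by an extra add_compile_options line). A small helper defined once next to the ENABLE_FUZZER option in cmake/profile.cmake would reduce each module to a single call, `add_fuzzer(test_http_parser http_parser)`, and give one place to fix the Clang check and the library instrumentation.
```cmake
function(add_fuzzer name lib)
    add_executable(${name} ${name}.c)
    set_target_properties(${name} PROPERTIES
        COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
        LINK_FLAGS "-fsanitize=fuzzer,address"
        RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
    target_link_libraries(${name} PRIVATE ${lib})
endfunction()
```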
diff --git a/src/lib/http_parser/test_http_parser.c b/src/lib/http_parser/test_http_parser.c
new file mode 100644
index 000000000..a189e71e9
--- /dev/null
+++ b/src/lib/http_parser/test_http_parser.c
@@ -0,0 +1,22 @@
+#include
+#include
+#include
+#include "http_parser.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+	struct http_parser parser;
+	char *buf = (char*)data;
+	http_parser_create(&parser);
+	parser.hdr_name = (char *)calloc((int)size, sizeof(char));
+	if (parser.hdr_name == NULL) {
+		return -1;
+	}
+	char *end_buf = buf + size;
+	int rc = http_parse_header_line(&parser, &buf, end_buf, size);
+	free(parser.hdr_name);
+	if (rc != 0) {
+		return rc;
+	}
+
+	return 0;
+}
diff --git a/src/lib/uri/CMakeLists.txt b/src/lib/uri/CMakeLists.txt
index 96410e5bf..77f5c5d57 100644
--- a/src/lib/uri/CMakeLists.txt
+++ b/src/lib/uri/CMakeLists.txt
@@ -8,3 +8,15 @@ if (CC_HAS_WNO_IMPLICIT_FALLTHROUGH)
         -Wno-implicit-fallthrough)
 endif()
 add_library(uri STATIC uri.c)
+
+if (ENABLE_FUZZER AND CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+    set(TestName "test_uri")
+    add_executable(${TestName} ${TestName}.c)
+    add_compile_options(-fsanitize=fuzzer,address -g -O1)
+    set_target_properties(${TestName}
+        PROPERTIES
+            COMPILE_FLAGS "-fsanitize=fuzzer,address -g -O1"
+            LINK_FLAGS "-fsanitize=fuzzer,address")
+    target_link_libraries(${TestName} PRIVATE uri)
+    set_target_properties(${TestName} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${TESTING_OUTPUT_DIRECTORY}")
+endif ()
diff --git a/src/lib/uri/test_uri.c b/src/lib/uri/test_uri.c
new file mode 100644
index 000000000..ad8db6ef2
--- /dev/null
+++ b/src/lib/uri/test_uri.c
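Review bot: `return rc;` and `return -1;` abort the fuzzing run instead of skipping the input: libFuzzer requires LLVMFuzzerTestOneInput to return 0 and asserts on any other value (the -1 "reject this input" convention exists only in newer LLVM releases), and a header line that http_parse_header_line rejects is exactly what random inputs produce from the first iteration. Both early returns should become `return 0;`, and the harness should bail out with `if (size == 0) return 0;` before the calloc, since calloc(0, 1) may legitimately return NULL. The `(int)size` cast on the calloc line narrows a size_t for no reason and should go; whether `size` is also the right value for the fourth argument of http_parse_header_line cannot be checked from this hunk, as the prototype is not shown, so a comment naming what that argument bounds would help the next reader.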
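Review bot: `add_compile_options(-fsanitize=fuzzer,address -g -O1)` is directory-scoped and applies only to targets created after it in this CMakeLists; test_uri is created on the line above and already gets its flags from COMPILE_FLAGS, and the uri library is added before the block, so this line changes nothing today but will silently instrument any target added to this directory later. Dropping it makes the block identical to the csv and http_parser ones. As in those, the uri library itself is built without `-fsanitize=fuzzer,address`, so libFuzzer has no coverage inside uri_parse; the library, not only the harness, needs `-fsanitize=fuzzer-no-link,address` for the fuzzer to find anything beyond bugs in the harness.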
@@ -0,0 +1,22 @@
+#include
+#include
+#include
+#include
+#include "uri.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+	char *buf = calloc(size, sizeof(char*));
+	if (!buf) {
+		return -1;
+	}
+	strncpy(buf, (char*)data, size);
+	buf[size] = '\0';
+	struct uri uri;
+	int rc = uri_parse(&uri, buf);
+	free(buf);
+	if (rc != 0) {
+		return rc;
+	}
+
+	return 0;
+}
-- 
2.23.0

-- 
sergeyb@
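Review bot: `calloc(size, sizeof(char*))` allocates eight times the bytes needed, and that accidental slack is the only thing keeping `buf[size] = '\0'` in bounds; for size == 0 calloc may return NULL, which turns into `return -1`, a value libFuzzer (which requires 0 from LLVMFuzzerTestOneInput and asserts otherwise) aborts on, just as it does for `return rc;` on every malformed URI. strncpy stops at the first NUL in the input and zero-pads the rest, which is harmless here but obscures the intent; memcpy says what is meant. The harness should allocate size + 1 bytes, copy with memcpy, and always return 0.
```c
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
	/* uri_parse() is given a NUL-terminated copy; size + 1 covers the terminator. */
	char *buf = malloc(size + 1);
	if (buf == NULL)
		return 0;
	memcpy(buf, data, size);
	buf[size] = '\0';
	struct uri uri;
	(void)uri_parse(&uri, buf);
	free(buf);
	/* libFuzzer requires 0; parse failures are expected on random input. */
	return 0;
}
```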