From 1e0815083881f509893d320c87d0d470cad35d2d Mon Sep 17 00:00:00 2001
From: Chris Wolfe
Date: Mon, 5 Feb 2018 19:24:51 -0600
Subject: [PATCH] pull in fuzzers, add CI scripts later
---
 ChangeLog | 3 +++
 fuzz/README.md | 6 ++++++
 fuzz/build.sh | 30 ++++++++++++++++++++++++++++++
 fuzz/tokener_parse_ex_fuzzer.cc | 13 +++++++++++++
 fuzz/tokener_parse_ex_fuzzer.dict | 18 ++++++++++++++++++
 5 files changed, 70 insertions(+)
 create mode 100644 fuzz/README.md
 create mode 100755 fuzz/build.sh
 create mode 100644 fuzz/tokener_parse_ex_fuzzer.cc
 create mode 100644 fuzz/tokener_parse_ex_fuzzer.dict
diff --git a/ChangeLog b/ChangeLog
index 5dd29ab..8f8aa8d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,9 @@ Deprecated and removed features:
 * lh_table_lookup() has been removed, use lh_table_lookup_ex() instead.
 * Remove TRUE and FALSE defines, use 1 and 0 instead.
+Build changes:
+--------------
+* Add a top level fuzz directory for fuzzers run by OSS-Fuzz
 0.13 (up to commit 5dae561, 2017/11/29)
 =================================
diff --git a/fuzz/README.md b/fuzz/README.md
new file mode 100644
index 0000000..237c1da
--- /dev/null
+++ b/fuzz/README.md
@@ -0,0 +1,6 @@
+# Fuzzers
+
+This directory contains fuzzers that
+target [llvm's LibFuzzer](https://llvm.org/docs/LibFuzzer.html). They are built
+and run automatically by
+Google's [OSS-Fuzz](https://github.com/google/oss-fuzz/) infrastructure.
diff --git a/fuzz/build.sh b/fuzz/build.sh
new file mode 100755
index 0000000..30c3f77
--- /dev/null
+++ b/fuzz/build.sh
@@ -0,0 +1,30 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+./autogen.sh
+./configure --enable-static --disable-shared
+make -j$(nproc) all
+ar rc json_c.a *.o
+
+cp $SRC/*.dict $OUT/
+
+for f in $SRC/*_fuzzer.cc; do
+ fuzzer=$(basename "$f" _fuzzer.cc)
+ $CXX $CXXFLAGS -std=c++11 -I$SRC/json-c \
+ $SRC/${fuzzer}_fuzzer.cc -o $OUT/${fuzzer}_fuzzer \
+ -lFuzzingEngine $SRC/json-c/json_c.a
+done
diff --git a/fuzz/tokener_parse_ex_fuzzer.cc b/fuzz/tokener_parse_ex_fuzzer.cc
new file mode 100644
index 0000000..c0a1c3d
--- /dev/null
+++ b/fuzz/tokener_parse_ex_fuzzer.cc
@@ -0,0 +1,13 @@
+#include
+
+#include
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ const char *data1 = reinterpret_cast(data);
+ json_tokener *tok = json_tokener_new();
+ json_object *obj = json_tokener_parse_ex(tok, data1, size);
+ json_object_put(obj);
+ json_tokener_free(tok);
+ return 0;
+}
diff --git a/fuzz/tokener_parse_ex_fuzzer.dict b/fuzz/tokener_parse_ex_fuzzer.dict
new file mode 100644
index 0000000..23c6fa2
--- /dev/null
+++ b/fuzz/tokener_parse_ex_fuzzer.dict
@@ -0,0 +1,18 @@
+"{"
+"}"
+","
+"["
+"]"
+","
+":"
+"e"
+"e+"
+"e-"
+"E"
+"E+"
+"E-"
+"\""
+"null"
+"1"
+"1.234"
+"3e4"
--
2.50.0
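Review bot: The script mixes cwd-relative steps (`./autogen.sh`, `./configure`, `ar rc json_c.a *.o`) with absolute references to `$SRC/json-c`, so it only works when the OSS-Fuzz runner happens to start in `$SRC/json-c`; an explicit `cd "$SRC/json-c"` before `./autogen.sh` makes that assumption visible and fails early when it does not hold. The fuzzer sources and dictionaries are also globbed from `$SRC` rather than from this repository's new `fuzz/` directory, which only lines up if the OSS-Fuzz Dockerfile copies them there — if it does not, the loop runs on the unexpanded pattern and the compile step fails; `for f in "$SRC"/json-c/fuzz/*_fuzzer.cc` (with the matching `cp "$SRC"/json-c/fuzz/*.dict "$OUT"/`) would tie the script to the files this commit adds. Inside the loop the recomputed `$SRC/${fuzzer}_fuzzer.cc` could simply be `"$f"`, and `ar rcs json_c.a *.o` would add the symbol index some linkers require for a static archive.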
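Review bot: `json_tokener_parse_ex(tok, data1, size)` hands the fuzzer's `size_t` length to a parameter that the json-c header declares as `int len`, so the conversion is an implicit narrowing; an explicit `if (size > INT_MAX) return 0;` ahead of the call (with `<climits>` included) states the bound and keeps `-Wconversion` quiet. The harness also reaches only the single-buffer path: the tokener keeps state between calls, so a second variant that feeds the same input in two chunks would exercise the resume logic that distinguishes `json_tokener_parse_ex` from `json_tokener_parse` — an optional extension rather than a defect. The `#include` lines are not legible in this rendering, so the headers the harness relies on could not be checked here.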