Diffstat (limited to 'fuzz')
-rw-r--r--fuzz/Makefile.am8
-rwxr-xr-xfuzz/init-fuzzers.sh7
-rw-r--r--fuzz/oplist.dict51
-rw-r--r--fuzz/oplist_fuzzer.cc32
-rw-r--r--fuzz/oplist_fuzzer.options3
-rwxr-xr-xfuzz/test-fuzzers.sh10
6 files changed, 108 insertions, 3 deletions
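--- a/fuzz/Makefile.am
+++ b/fuzz/Makefile.am
@@ -22,7 +22,8 @@ CLEANFILES = libFuzzer.a
 noinst_PROGRAMS = \
  xplist_fuzzer \
  bplist_fuzzer \
- jplist_fuzzer
+ jplist_fuzzer \
+ oplist_fuzzer
 
 xplist_fuzzer_SOURCES = xplist_fuzzer.cc
 xplist_fuzzer_LDFLAGS = -static
@@ -36,12 +37,17 @@ jplist_fuzzer_SOURCES = jplist_fuzzer.cc
 jplist_fuzzer_LDFLAGS = -static
 jplist_fuzzer_LDADD = $(top_builddir)/src/libplist-2.0.la libFuzzer.a
 
+oplist_fuzzer_SOURCES = oplist_fuzzer.cc
+oplist_fuzzer_LDFLAGS = -static
+oplist_fuzzer_LDADD = $(top_builddir)/src/libplist-2.0.la libFuzzer.a
+
 TESTS = fuzzers.test
 
 EXTRA_DIST = \
  bplist.dict \
  xplist.dict \
  jplist.dict \
+ oplist.dict \
  init-fuzzers.sh \
  test-fuzzers.sh \
  fuzzers.test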
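--- a/fuzz/init-fuzzers.sh
+++ b/fuzz/init-fuzzers.sh
@@ -26,5 +26,12 @@ cp ../test/data/j1.plist jplist-input/
 cp ../test/data/j2.plist jplist-input/
 ./jplist_fuzzer -merge=1 jplist-input jplist-crashes jplist-leaks -dict=jplist.dict
 
+mkdir -p oplist-input
+mkdir -p oplist-crashes
+mkdir -p oplist-leaks
+cp ../test/data/*.ostep oplist-input/
+cp ../test/data/test.strings oplist-input/
+./oplist_fuzzer -merge=1 oplist-input oplist-crashes oplist-leaks -dict=oplist.dict
+
 cd ${CURDIR}
 exit 0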
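--- /dev/null
+++ b/fuzz/oplist.dict
@@ -0,0 +1,51 @@
+#
+# AFL dictionary for OpenStep plist format
+# ----------------------------------------
+
+"0"
+",0"
+"=0"
+"0="
+
+"\"\""
+",\"\""
+"=\"\""
+"\"\"="
+
+"="
+";"
+
+"{}"
+",{}"
+"={}"
+"{\"\"=0}"
+"{{}}"
+
+"()"
+",()"
+"=()"
+"(0)"
+"(())"
+
+"''"
+"\\"
+"\\b"
+"\\f"
+"\\n"
+"\\r"
+"\\t"
+"\\U0000"
+"\\a"
+"\\b"
+"\\f"
+"\\n"
+"\\r"
+"\\t"
+"\\v"
+"\\0"
+"\\uD800\\uDC00"
+"\\uDBFF\\uDFFF"
+
+"\"\"=0"
+"//"
+"/**/"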
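Review bot: The escape tokens `"\\b"`, `"\\f"`, `"\\n"`, `"\\r"` and `"\\t"` are listed twice, at dictionary lines 32–36 and again at 39–43; libFuzzer tolerates duplicate entries but they add no coverage, so the first group can be dropped and the second kept as the single escape list (it is the one that also carries `"\\a"`, `"\\v"` and `"\\0"`). A one-line comment above the escape block, such as `# backslash escapes recognised in quoted OpenStep strings`, would make the grouping easier to maintain when new escapes are added.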
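--- /dev/null
+++ b/fuzz/oplist_fuzzer.cc
@@ -0,0 +1,32 @@
+/*
+ * oplist_fuzzer.cc
+ * OpenStep plist fuzz target for libFuzzer
+ *
+ * Copyright (c) 2023 Nikias Bassen All Rights Reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include <plist/plist.h>
+#include <stdio.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const unsigned char* data, size_t size)
+{
+ plist_t root_node = NULL;
+ plist_from_openstep(reinterpret_cast<const char*>(data), size, &root_node);
+ plist_free(root_node);
+
+ return 0;
+}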
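Review bot: LLVMFuzzerTestOneInput only drives the parser: the return value of plist_from_openstep on line 28 is discarded and a successfully parsed root_node is freed without being walked, so a parse that succeeds but builds an inconsistent tree is never exercised by the writer side. If this libplist version ships an OpenStep serializer (plist_to_openstep), serializing root_node when the parse reports success and freeing the output would cover the round-trip at no extra corpus cost; the existing xplist/bplist/jplist harnesses are outside this diff, so I cannot tell whether they do the same. `#include <stdio.h>` on line 23 is unused by the body and can go, while size_t relies on plist.h pulling in <stddef.h>. A header comment on the function, e.g. `/* Parses an arbitrary byte buffer as an OpenStep plist; crashes and leaks are the signal, the parse result itself is discarded. */`, would record that ignoring the return value is intentional.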
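--- /dev/null
+++ b/fuzz/oplist_fuzzer.options
@@ -0,0 +1,3 @@
+[libfuzzer]
+max_len = 4096
+dict = oplist.dict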
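Review bot: `max_len = 4096` here disagrees with the `-max_len=65536` that test-fuzzers.sh passes to oplist_fuzzer in this same commit, so the options-file run and the local smoke test bound inputs differently and deeply nested OpenStep documents above 4 KiB are only reached by one of them. If the smaller cap is deliberate for throughput, a comment such as `# 4096 keeps inputs small for throughput; test-fuzzers.sh uses 65536 for its smoke run` would record the intent; otherwise aligning the two values avoids a silent coverage gap. I cannot see the sibling .options files, so whether 4096 matches the other formats is unverified.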
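--- a/fuzz/test-fuzzers.sh
+++ b/fuzz/test-fuzzers.sh
@@ -5,13 +5,13 @@ FUZZDIR=`dirname $0`
 
 cd ${FUZZDIR}
 
-if ! test -x xplist_fuzzer || ! test -x bplist_fuzzer || ! test -x jplist_fuzzer; then
+if ! test -x xplist_fuzzer || ! test -x bplist_fuzzer || ! test -x jplist_fuzzer || ! test -x oplist_fuzzer; then
  echo "ERROR: you need to build the fuzzers first."
  cd ${CURDIR}
  exit 1
 fi
 
-if ! test -d xplist-input || ! test -d bplist-input || ! test -d jplist-input; then
+if ! test -d xplist-input || ! test -d bplist-input || ! test -d jplist-input || ! test -d oplist-input; then
  echo "ERROR: fuzzer corpora directories are not present. Did you run init-fuzzers.sh ?"
  cd ${CURDIR}
  exit 1
@@ -35,5 +35,11 @@ if ! ./jplist_fuzzer jplist-input -dict=jplist.dict -max_len=65536 -runs=10000;
  exit 1
 fi
 
+echo "### TESTING oplist_fuzzer ###"
+if ! ./oplist_fuzzer oplist-input -dict=oplist.dict -max_len=65536 -runs=10000; then
+ cd ${CURDIR}
+ exit 1
+fi
+
 cd ${CURDIR}
 exit 0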
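Review bot: The two pre-flight conditionals in the first hunk (script lines 8 and 14) grow by one `|| ! test` clause per format and are now past 100 columns, and the error message no longer says which fuzzer or corpus directory is missing. Iterating over a name list keeps the check in one place, names the offending fuzzer, and would let the per-fuzzer run block in the second hunk use the same loop since every fuzzer follows the `<name>_fuzzer`, `<name>-input`, `<name>.dict` pattern. The `${CURDIR}` references are unquoted as in the existing lines, so that is unchanged here.
```shell
for f in xplist bplist jplist oplist; do
 if ! test -x ${f}_fuzzer; then
  echo "ERROR: ${f}_fuzzer not found, you need to build the fuzzers first."
  cd ${CURDIR}
  exit 1
 fi
 if ! test -d ${f}-input; then
  echo "ERROR: ${f}-input corpus directory is not present. Did you run init-fuzzers.sh ?"
  cd ${CURDIR}
  exit 1
 fi
done
# … unchanged: per-fuzzer test runs …
```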