diff options
author | DavidKorczynski <david@adalogics.com> | 2022-07-12 10:08:03 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-12 10:08:03 +0100 |
commit | 3066f97b88272b6a744ef5373264102430da3689 (patch) | |
tree | da796033dfe863ba7b49278fc3fd3a660fc7faa2 | |
parent | dc4d35eb69528130d3eb09a90c8cd39a31a2a2be (diff) |
g-apis-py-core: initial integration (#7943)
* g-apis-py-core: initial integration
Initial integration of https://github.com/googleapis/python-api-core
* expand fuzzer
-rw-r--r-- | projects/g-apis-py-api-core/Dockerfile | 21 | ||||
-rw-r--r-- | projects/g-apis-py-api-core/build.sh | 23 | ||||
-rw-r--r-- | projects/g-apis-py-api-core/fuzz_path_template.py | 61 | ||||
-rw-r--r-- | projects/g-apis-py-api-core/project.yaml | 12 |
4 files changed, 117 insertions, 0 deletions
diff --git a/projects/g-apis-py-api-core/Dockerfile b/projects/g-apis-py-api-core/Dockerfile new file mode 100644 index 00000000..7b95e20b --- /dev/null +++ b/projects/g-apis-py-api-core/Dockerfile @@ -0,0 +1,21 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +FROM gcr.io/oss-fuzz-base/base-builder-python +RUN pip3 install --upgrade pip +RUN git clone https://github.com/googleapis/python-api-core +COPY build.sh *.py $SRC/ +WORKDIR python-api-core diff --git a/projects/g-apis-py-api-core/build.sh b/projects/g-apis-py-api-core/build.sh new file mode 100644 index 00000000..ab841a59 --- /dev/null +++ b/projects/g-apis-py-api-core/build.sh @@ -0,0 +1,23 @@ +#!/bin/bash -eu +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +pip3 install . + +# Build flask fuzzers +for fuzzer in $(find $SRC -name 'fuzz_*.py'); do + compile_python_fuzzer $fuzzer +done diff --git a/projects/g-apis-py-api-core/fuzz_path_template.py b/projects/g-apis-py-api-core/fuzz_path_template.py new file mode 100644 index 00000000..4438d0ad --- /dev/null +++ b/projects/g-apis-py-api-core/fuzz_path_template.py @@ -0,0 +1,61 @@ +#!/usr/bin/python3 +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import atheris +import sys + +with atheris.instrument_imports(): + from google.api_core import path_template + +def TestOneInput(data): + fdp = atheris.FuzzedDataProvider(data) + targets = [ + "expand", + "transcode", + "validate" + ] + target = targets[fdp.ConsumeIntInRange(0, len(targets)-1)] + if target == "expand": + s1 = fdp.ConsumeString(200) + s2 = fdp.ConsumeString(200) + try: + path_template.expand(s1, s2) + except ValueError: + # ValueError is raised + # https://github.com/googleapis/python-api-core/blob/5b5e77563229687c901d77b5fdecc18168b535e6/google/api_core/path_template.py#L123 + pass + elif target == "transcode": + s1 = fdp.ConsumeString(200) + s2 = fdp.ConsumeString(200) + s3 = fdp.ConsumeString(200) + try: + path_template.transcode([{'uri' : s1, 'body' : s2,'method' : s3}]) + except ValueError: + # ValueError is raised: + # https://github.com/googleapis/python-api-core/blob/main/google/api_core/path_template.py#L260 + pass + elif target == "validate": + s1 = fdp.ConsumeString(200) + s2 = fdp.ConsumeString(200) + path_template.validate(s1, s2) + + +def main(): + atheris.instrument_all() + atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) + atheris.Fuzz() + +if __name__ == "__main__": + main() diff --git a/projects/g-apis-py-api-core/project.yaml b/projects/g-apis-py-api-core/project.yaml new file mode 100644 index 00000000..e82ba5a7 --- /dev/null +++ b/projects/g-apis-py-api-core/project.yaml @@ -0,0 +1,12 @@ +fuzzing_engines: +- libfuzzer +homepage: https://github.com/googleapis/python-api-core +language: python +main_repo: https://github.com/googleapis/python-api-core +sanitizers: +- address +- undefined +vendor_ccs: +- david@adalogics.com +- adam@adalogics.com +- arthur.chan@adalogics.com |