zip-rs: initial integration (#5400)

* initial integration of zip-rs. * update contact * Updated Dockerfile * Update licenses to 2022; * updated comments in Cargo file
author: DavidKorczynski <david@adalogics.com> 2022-01-25 15:12:18 +0000
committer: GitHub <noreply@github.com> 2022-01-25 07:12:18 -0800
commit: 3403ecc3ee2635a70f270f9c9fe5b8e5b3fe84ff (patch)
tree: 4ff5a1165e126c24ea12f394c65bccea579641d7
parent: 9decaec30f1032c29fa3d68a1ac668bd7724f6bd (diff)
5 files changed, 129 insertions, 0 deletions
diff --git a/projects/zip-rs/Dockerfile b/projects/zip-rs/Dockerfile
new file mode 100644
index 00000000..66352a0c
--- /dev/null
+++ b/projects/zip-rs/Dockerfile
@@ -0,0 +1,22 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+FROM gcr.io/oss-fuzz-base/base-builder-rust
+
+RUN git clone --depth 1 https://github.com/zip-rs/zip
+COPY fuzz $SRC/zip/fuzz
+WORKDIR $SRC
+
+COPY build.sh $SRC/
diff --git a/projects/zip-rs/build.sh b/projects/zip-rs/build.sh
new file mode 100755
index 00000000..15a05f68
--- /dev/null
+++ b/projects/zip-rs/build.sh
@@ -0,0 +1,20 @@
+#!/bin/bash -eu
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd $SRC/zip
+cargo fuzz build -O 
+cp fuzz/target/x86_64-unknown-linux-gnu/release/from_zip $OUT/
diff --git a/projects/zip-rs/fuzz/Cargo.toml b/projects/zip-rs/fuzz/Cargo.toml
new file mode 100644
index 00000000..fe3144ce
--- /dev/null
+++ b/projects/zip-rs/fuzz/Cargo.toml
@@ -0,0 +1,38 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+####################
+
+[package]
+name = "zip-fuzz"
+version = "0.0.0"
+authors = ["David Korczynski <david@adalogics.com>"]
+publish = false
+edition = "2018"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = "0.3"
+#zip = { path = ".." , version = "0.5"}
+zip = { path = ".." }
+
+[[bin]]
+name = "from_zip"
+path = "fuzz_targets/fuzz_zip.rs"
+
+# Prevent this from interfering with workspaces
+[workspace]
+
diff --git a/projects/zip-rs/fuzz/fuzz_targets/fuzz_zip.rs b/projects/zip-rs/fuzz/fuzz_targets/fuzz_zip.rs
new file mode 100644
index 00000000..82887c94
--- /dev/null
+++ b/projects/zip-rs/fuzz/fuzz_targets/fuzz_zip.rs
@@ -0,0 +1,39 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+//limitations under the License.
+//
+//###################
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+use std::io::{Cursor, Seek};
+use zip::CompressionMethod;
+use zip::write::FileOptions;
+use std::fs::File;
+use std::io::Write;
+use std::fs;
+
+
+fuzz_target!(|data: &[u8]| {
+    match zip::ZipArchive::new(Cursor::new(data)) {
+        Ok(archive) => {
+            for i in 0..archive.len() {
+                let comment = archive.comment();
+                if !comment.is_empty() {
+                }
+
+            }
+        },
+        Err(e) =>  return
+    }
+});
diff --git a/projects/zip-rs/project.yaml b/projects/zip-rs/project.yaml
new file mode 100644
index 00000000..357caf6c
--- /dev/null
+++ b/projects/zip-rs/project.yaml
@@ -0,0 +1,10 @@
+homepage: "https://github.com/zip-rs/zip"
+main_repo: "https://github.com/zip-rs/zip"
+primary_contact: "marli@frost.red"
+sanitizers:
+  - address
+fuzzing_engines:
+  - libfuzzer
+language: rust
+auto_ccs:
+  - "david@adalogics.com"
author	DavidKorczynski <david@adalogics.com>	2022-01-25 15:12:18 +0000
committer	GitHub <noreply@github.com>	2022-01-25 07:12:18 -0800
commit	3403ecc3ee2635a70f270f9c9fe5b8e5b3fe84ff (patch)
tree	4ff5a1165e126c24ea12f394c65bccea579641d7
parent	9decaec30f1032c29fa3d68a1ac668bd7724f6bd (diff)