author | afosscontact <87739221+autofuzzoss@users.noreply.github.com> | 2022-07-08 15:34:34 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-08 08:34:34 +0200 |
commit | 865bd604beafcb350971c959b121ca60e5782a93 (patch) | |
tree | afe1b09f2363aea7a4f0c7083e874159b804523a | |
parent | 817620fd70e95bca1349bad655d43cee131fa338 (diff) |
libwebsockets: Add fuzzer for lws-upng (#7977)
* libwebsockets: Add fuzzer for lws-upng
* Add License
* Fix sanitizer config
* Fix fuzzing_engine config
* Update Dockerfile
* Update build.sh
Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
-rw-r--r-- | projects/libwebsockets/Dockerfile | 23 | ||||
-rwxr-xr-x | projects/libwebsockets/build.sh | 27 | ||||
-rw-r--r-- | projects/libwebsockets/lws_upng_inflate_fuzzer.cpp | 48 | ||||
-rw-r--r-- | projects/libwebsockets/project.yaml | 5 |
4 files changed, 100 insertions, 3 deletions
diff --git a/projects/libwebsockets/Dockerfile b/projects/libwebsockets/Dockerfile
new file mode 100644
index 00000000..f69b308c
--- /dev/null
+++ b/projects/libwebsockets/Dockerfile
@@ -0,0 +1,23 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+RUN apt-get update && apt-get install -y libssl-dev
+
+RUN git clone --depth 1 https://github.com/warmcat/libwebsockets.git
+COPY build.sh $SRC
+COPY lws_upng_inflate_fuzzer.cpp $SRC/libwebsockets/
+WORKDIR $SRC/libwebsockets
diff --git a/projects/libwebsockets/build.sh b/projects/libwebsockets/build.sh
new file mode 100755
index 00000000..6afd111a
--- /dev/null
+++ b/projects/libwebsockets/build.sh
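Review bot: The `RUN git clone --depth 1 https://github.com/warmcat/libwebsockets.git` line in the Dockerfile fetches from a different URL than the `main_repo: 'https://libwebsockets.org/repo/libwebsockets'` entry that project.yaml keeps in this same commit. If the infrastructure matches the checked-out tree against `main_repo` (not confirmed from this page), the two should name the same repository, otherwise crash-to-commit attribution may point at the wrong history. `libssl-dev` is installed only because the library is built with TLS enabled; a one-line comment saying so would help, since the fuzz target exercises only the PNG inflate code.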
@@ -0,0 +1,27 @@
+#!/bin/bash -eu
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+DIR=$SRC/libwebsockets/
+
+cd $DIR
+mkdir build && cd build
+
+cmake -DCMAKE_C_FLAGS="$CFLAGS -fsanitize=address,fuzzer-no-link -g" -DCMAKE_CXX_FLAGS="$CXXFLAGS -fsanitize=address,fuzzer-no-link -g" -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address,fuzzer-no-link -g" -DCMAKE_SHARED_LINKER_FLAGS="-fsanitize=address,fuzzer-no-link -g" ..
+make -j8
+
+cd $DIR
+$CXX -g -fsanitize=address,fuzzer -I$DIR/build/include -o $OUT/lws_upng_inflate_fuzzer lws_upng_inflate_fuzzer.cpp -L$DIR/build/lib -l:libwebsockets.a -L/usr/lib/x86_64-linux-gnu/ -l:libssl.so -l:libcrypto.so
diff --git a/projects/libwebsockets/lws_upng_inflate_fuzzer.cpp b/projects/libwebsockets/lws_upng_inflate_fuzzer.cpp
new file mode 100644
index 00000000..b685bd50
--- /dev/null
+++ b/projects/libwebsockets/lws_upng_inflate_fuzzer.cpp
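Review bot: The cmake invocation and the final `$CXX` line in build.sh hard-code `-fsanitize=address,fuzzer-no-link` and `-fsanitize=address,fuzzer`, and the `$CXX` line omits `$CXXFLAGS` entirely, so the target is pinned to ASan with libFuzzer whatever the build environment passes in. That appears to be why the project.yaml hunk drops the `memory` and `undefined` sanitizers and restricts `fuzzing_engines` to `libfuzzer`. Passing only `$CFLAGS`/`$CXXFLAGS` to cmake and linking the harness as `$CXX $CXXFLAGS ... $LIB_FUZZING_ENGINE` would let the other sanitizers stay enabled. The link line also takes `-l:libssl.so -l:libcrypto.so` from the builder image, so the binary placed in `$OUT` depends on those shared objects existing wherever it runs; linking the static archives, or configuring libwebsockets without TLS for this inflate-only target, would make it self-contained (neither option was tried here). `make -j8` would be better as `make -j$(nproc)`.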
@@ -0,0 +1,48 @@
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/*
+ * This fuzzer is generated by UTopia project based on TEST(Test_Tensorflow,
+ * read_inception). (UTopia Project: https://github.com/Samsung/UTopia)
+ */
+#include "libwebsockets.h"
+#include <fuzzer/FuzzedDataProvider.h>
+
+static void lws_api_test_gunzip(FuzzedDataProvider &provider) {
+ int result = 0;
+ struct inflator_ctx *gunz = nullptr;
+ const uint8_t *outring;
+ size_t outringlen, *opl, *cl = 0;
+ auto input1 = provider.ConsumeRandomLengthString();
+
+ gunz = lws_upng_inflator_create(&outring, &outringlen, &opl, &cl);
+ if (!gunz)
+ goto bail;
+
+ lws_upng_inflate_data(gunz, input1.c_str(), input1.size());
+
+bail:
+ if (gunz)
+ lws_upng_inflator_destroy(&gunz);
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, uint32_t size) {
+ FuzzedDataProvider provider(data, size);
+ auto select = provider.ConsumeIntegralInRange<unsigned char>(0, 1);
+ switch (select) {
+ case 0:
+ lws_api_test_gunzip(provider);
+ break;
+ }
+
+ return 0;
+}
diff --git a/projects/libwebsockets/project.yaml b/projects/libwebsockets/project.yaml
index f4563bd4..c490e777 100644
--- a/projects/libwebsockets/project.yaml
+++ b/projects/libwebsockets/project.yaml
@@ -3,7 +3,6 @@ language: c
 primary_contact: "andy@warmcat.com"
 sanitizers:
 - address
- - memory:
- experimental: True
- - undefined
+fuzzing_engines:
+- libfuzzer
 main_repo: 'https://libwebsockets.org/repo/libwebsockets' |
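Review bot: `LLVMFuzzerTestOneInput` is declared with `uint32_t size`, but the libFuzzer entry point takes a `size_t`, so the line should read `extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {`; the mismatched prototype only works by calling-convention accident. The selector `ConsumeIntegralInRange<unsigned char>(0, 1)` has only a `case 0`, so about half of all inputs return without calling the library; drop the selector until a second API is added. In `lws_api_test_gunzip` the return value of `lws_upng_inflate_data` is ignored and the output ring (`outring`, `opl`, `cl`) is never drained, so the inflator presumably stalls once the ring fills and the rest of the input goes undecoded; a loop that advances the consumer position until the call stops asking for output would reach more of the decoder. `int result` is unused, and the header comment naming `TEST(Test_Tensorflow, read_inception)` looks unrelated to this harness and should name the libwebsockets test it was derived from.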