python-protobuf: initial integration (#7515)

* python-protobuf: initial integration * nit * update to latest python base image
author: DavidKorczynski <david@adalogics.com> 2022-04-08 17:36:07 +0100
committer: GitHub <noreply@github.com> 2022-04-08 12:36:07 -0400
commit: cacd58c2222489577681c881031f1e606db31e31 (patch)
tree: e169de89dc173361d1282ee6ed4732e5da77a007 /projects/protobuf-python
parent: c25c6d920f8b1d0f4a129067f931da750f5682fb (diff)
4 files changed, 118 insertions, 0 deletions
diff --git a/projects/protobuf-python/Dockerfile b/projects/protobuf-python/Dockerfile
new file mode 100644
index 00000000..3a2e78f0
--- /dev/null
+++ b/projects/protobuf-python/Dockerfile
@@ -0,0 +1,22 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-python
+RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config
+RUN curl -L -O https://raw.githubusercontent.com/protobuf-c/protobuf-c/39cd58f5ff06048574ed5ce17ee602dc84006162/t/test-full.proto
+RUN git clone --depth 1 --recursive https://github.com/protocolbuffers/protobuf.git
+WORKDIR $SRC
+COPY build.sh fuzz_* $SRC/
diff --git a/projects/protobuf-python/build.sh b/projects/protobuf-python/build.sh
new file mode 100644
index 00000000..8fdd9b8f
--- /dev/null
+++ b/projects/protobuf-python/build.sh
@@ -0,0 +1,40 @@
+#!/bin/bash -eu
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Build protoc with default options.
+unset CFLAGS CXXFLAGS
+mkdir $SRC/protobuf-install/
+cd $SRC/protobuf/
+./autogen.sh
+./configure --prefix=$SRC/protobuf-install
+make -j$(nproc)
+make install
+export PROTOC="$SRC/protobuf-install/bin/protoc"
+
+ldconfig
+cd python
+python3 setup.py build --cpp_implementation
+pip3 install .
+
+# Compile test protos with protoc.
+cd $SRC/
+$PROTOC --python_out=. --proto_path=. test-full.proto
+
+# Build fuzzers in $OUT.
+for fuzzer in $(find $SRC -name 'fuzz_*.py'); do
+  compile_python_fuzzer $fuzzer
+done
diff --git a/projects/protobuf-python/fuzz_protobuf.py b/projects/protobuf-python/fuzz_protobuf.py
new file mode 100644
index 00000000..02c24ce5
--- /dev/null
+++ b/projects/protobuf-python/fuzz_protobuf.py
@@ -0,0 +1,48 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import sys
+import atheris
+
+with atheris.instrument_imports():
+  import test_full_pb2
+  from google.protobuf.message import DecodeError
+
+@atheris.instrument_func
+def TestOneInput(input_bytes):
+  # We need to make the file an absolute path
+  testfile_path = os.path.join(os.getcwd(), "serialized.bin")
+  with open(testfile_path, "wb") as f:
+    f.write(input_bytes)
+
+  pbmsg = test_full_pb2.TestMessSubMess()
+  with open(testfile_path, "rb") as fd:
+    try:
+      pbmsg.ParseFromString(fd.read())
+    except DecodeError:
+      None
+
+  os.remove(testfile_path)
+
+
+def main():
+  atheris.instrument_all()
+  atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
+  atheris.Fuzz()
+
+
+if __name__ == "__main__":
+  main()
diff --git a/projects/protobuf-python/project.yaml b/projects/protobuf-python/project.yaml
new file mode 100644
index 00000000..b4fe8f69
--- /dev/null
+++ b/projects/protobuf-python/project.yaml
@@ -0,0 +1,8 @@
+homepage: "https://developers.google.com/protocol-buffers/"
+main_repo: "https://github.com/protocolbuffers/protobuf"
+language: python
+primary_contact: "david@adalogics.com"
+fuzzing_engines:
+  - libfuzzer
+sanitizers:
+  - address
author	DavidKorczynski <david@adalogics.com>	2022-04-08 17:36:07 +0100
committer	GitHub <noreply@github.com>	2022-04-08 12:36:07 -0400
commit	cacd58c2222489577681c881031f1e606db31e31 (patch)
tree	e169de89dc173361d1282ee6ed4732e5da77a007 /projects/protobuf-python
parent	c25c6d920f8b1d0f4a129067f931da750f5682fb (diff)