authorGravatar Google AutoFuzz Team <security-tps@google.com>2019-08-28 14:56:46 -0400
committerGravatar jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>2019-08-28 11:56:46 -0700
commitfb35c82348cf982b19ca2db00fd98cea4bb0b0f4 (patch)
treeb558c57c46d8bc5897f8b162747ac03911819206 /projects
parent5043a69d6192a7e7b31b09af2131252a0d5d2425 (diff)
[Matio] Add matio project (#2761)
Diffstat (limited to 'projects')
-rw-r--r--projects/matio/Dockerfile23
-rwxr-xr-xprojects/matio/build.sh30
-rw-r--r--projects/matio/fuzzer_temp_file.h81
-rw-r--r--projects/matio/matio_fuzzer.cc39
-rw-r--r--projects/matio/project.yaml9
5 files changed, 182 insertions, 0 deletions
diff --git a/projects/matio/Dockerfile b/projects/matio/Dockerfile
new file mode 100644
index 00000000..cc727f55
--- /dev/null
+++ b/projects/matio/Dockerfile
@@ -0,0 +1,23 @@
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER t-beu@users.sourceforge.net
+RUN apt-get update && apt-get install -y make autoconf automake libtool
+RUN git clone --depth 1 git://git.code.sf.net/p/matio/matio matio
+WORKDIR matio
+COPY build.sh $SRC/
+COPY *.cc *.h $SRC/
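Review bot: The `git clone` on the RUN line fetches matio over `git://`, which is unauthenticated and unencrypted, so the source that gets built and fuzzed could be altered in transit without detection. Cloning over HTTPS closes that gap: `RUN git clone --depth 1 https://git.code.sf.net/p/matio/matio matio`. Separately, `MAINTAINER` is deprecated in favour of a `LABEL maintainer=...` line.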
diff --git a/projects/matio/build.sh b/projects/matio/build.sh
new file mode 100755
index 00000000..34638656
--- /dev/null
+++ b/projects/matio/build.sh
@@ -0,0 +1,30 @@
+#!/bin/bash -eu
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# build project
+./autogen.sh
+./configure
+make -j$(nproc)
+make install
+
+# build fuzzers
+for fuzzers in $(find $SRC -name '*_fuzzer.cc'); do
+ base=$(basename -s .cc $fuzzers)
+ $CXX $CXXFLAGS -std=c++11 -Iinclude \
+ $fuzzers ./getopt/.libs/libgetopt.a \
+ ./src/.libs/libmatio.a -o $OUT/$base $LIB_FUZZING_ENGINE
+done
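Review bot: The loop header `for fuzzers in $(find $SRC -name '*_fuzzer.cc')` word-splits the output of `find` and searches all of `$SRC`. That tree presumably also holds the matio checkout, so any upstream file matching the pattern would be compiled as a fuzz target as well. Restricting the loop to the harness files copied by the Dockerfile and quoting the expansions keeps the build predictable: `for fuzzer in "$SRC"/*_fuzzer.cc; do`, with `"$fuzzer"` and `-o "$OUT/$base"` in the compile line.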
diff --git a/projects/matio/fuzzer_temp_file.h b/projects/matio/fuzzer_temp_file.h
new file mode 100644
index 00000000..da6f11f9
--- /dev/null
+++ b/projects/matio/fuzzer_temp_file.h
@@ -0,0 +1,81 @@
+// Copyright 2019 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Adapter utility from fuzzer input to a temporary file, for fuzzing APIs that
+// require a file instead of an input buffer.
+
+#ifndef FUZZER_TEMP_FILE_H_
+#define FUZZER_TEMP_FILE_H_
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+// Pure-C interface for creating and cleaning up temporary files.
+
+static char* fuzzer_get_tmpfile(const uint8_t* data, size_t size) {
+ char* filename_buffer = strdup("/tmp/generate_temporary_file.XXXXXX");
+ if (!filename_buffer) {
+ perror("Failed to allocate file name buffer.");
+ abort();
+ }
+ const int file_descriptor = mkstemp(filename_buffer);
+ if (file_descriptor < 0) {
+ perror("Failed to make temporary file.");
+ abort();
+ }
+ FILE* file = fdopen(file_descriptor, "wb");
+ if (!file) {
+ perror("Failed to open file descriptor.");
+ close(file_descriptor);
+ abort();
+ }
+ const size_t bytes_written = fwrite(data, sizeof(uint8_t), size, file);
+ if (bytes_written < size) {
+ close(file_descriptor);
+ fprintf(stderr, "Failed to write all bytes to file (%zu out of %zu)",
+ bytes_written, size);
+ abort();
+ }
+ fclose(file);
+ return filename_buffer;
+}
+
+static void fuzzer_release_tmpfile(char* filename) {
+ if (unlink(filename) != 0) {
+ perror("WARNING: Failed to delete temporary file.");
+ }
+ free(filename);
+}
+
+// C++ RAII object for creating temporary files.
+
+#ifdef __cplusplus
+class FuzzerTemporaryFile {
+ public:
+ FuzzerTemporaryFile(const uint8_t* data, size_t size)
+ : filename_(fuzzer_get_tmpfile(data, size)) {}
+
+ ~FuzzerTemporaryFile() { fuzzer_release_tmpfile(filename_); }
+
+ const char* filename() const { return filename_; }
+
+ private:
+ char* filename_;
+};
+#endif
+
+#endif // FUZZER_TEMP_FILE_H_
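Review bot: The `fclose(file)` at the end of `fuzzer_get_tmpfile` is unchecked, and because `fwrite` goes through stdio buffering, a failed write (full disk, I/O error) may only surface when the buffer is flushed at close. The harness would then hand the parser a truncated file, and a crash found that way would not reproduce from the saved input. Treat it like the other failures: `if (fclose(file) != 0) { perror("Failed to close file."); abort(); }`. In the short-write branch, `close(file_descriptor)` bypasses the `FILE*` that owns the descriptor; that is harmless before `abort()`, but `fclose(file)` would be consistent. The `fprintf` message there also lacks a trailing `\n`.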
diff --git a/projects/matio/matio_fuzzer.cc b/projects/matio/matio_fuzzer.cc
new file mode 100644
index 00000000..c97b8c89
--- /dev/null
+++ b/projects/matio/matio_fuzzer.cc
@@ -0,0 +1,39 @@
+// Copyright 2019 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Adapter utility from fuzzer input to a temporary file, for fuzzing APIs that
+// require a file instead of an input buffer.
+
+#include <cstddef>
+#include <cstdint>
+#include <cstdlib>
+#include <string>
+#include <vector>
+
+#include "fuzzer_temp_file.h"
+#include "matio.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ FuzzerTemporaryFile temp_file(data, size);
+
+ mat_t* matfd = Mat_Open(temp_file.filename(), MAT_ACC_RDONLY);
+ if (matfd == nullptr) {
+ return 0;
+ }
+ // TODO(https://github.com/google/oss-fuzz/pull/2761): use more complicated APIs
+ // such as Mat_VarReadDataAll, Mat_VarReadDataLinear, Mat_VarReadNext, etc.
+ Mat_Close(matfd);
+
+ return 0;
+}
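Review bot: The file comment above the includes ("Adapter utility from fuzzer input to a temporary file…") is copied from fuzzer_temp_file.h and does not describe this file. Something like `// Fuzz target for matio: writes the input to a temporary file and opens it with Mat_Open.` would fit. `<cstdlib>`, `<string>` and `<vector>` are included, but nothing in the harness uses them, so they can be dropped.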
diff --git a/projects/matio/project.yaml b/projects/matio/project.yaml
new file mode 100644
index 00000000..5f1bb530
--- /dev/null
+++ b/projects/matio/project.yaml
@@ -0,0 +1,9 @@
+homepage: "https://github.com/tbeu/matio"
+primary_contact: "t-beu@users.sourceforge.net"
+sanitizers:
+ - address
+ - memory
+ - undefined
+architectures:
+ - x86_64
+ - i386