From 259f3e87d79ce7405fae31b83d61622f50249b60 Mon Sep 17 00:00:00 2001 From: Arthur Chan Date: Tue, 12 Jul 2022 10:09:16 +0100 Subject: google-cloud-logger-python: initial integration (#7936) * google-cloud-logger-python: initial integration Create initial integration Create fuzzers * google-cloud-logger-python: fix folder name - Remove "google" from folder name --- projects/g-cloud-logging-py/Dockerfile | 22 ++++++++ projects/g-cloud-logging-py/build.sh | 24 ++++++++ projects/g-cloud-logging-py/fuzz_entries.py | 79 +++++++++++++++++++++++++++ projects/g-cloud-logging-py/fuzz_handlers.py | 54 ++++++++++++++++++ projects/g-cloud-logging-py/fuzz_helpers.py | 40 ++++++++++++++ projects/g-cloud-logging-py/fuzz_resources.py | 37 +++++++++++++ projects/g-cloud-logging-py/project.yaml | 12 ++++ 7 files changed, 268 insertions(+) create mode 100644 projects/g-cloud-logging-py/Dockerfile create mode 100644 projects/g-cloud-logging-py/build.sh create mode 100644 projects/g-cloud-logging-py/fuzz_entries.py create mode 100644 projects/g-cloud-logging-py/fuzz_handlers.py create mode 100644 projects/g-cloud-logging-py/fuzz_helpers.py create mode 100644 projects/g-cloud-logging-py/fuzz_resources.py create mode 100644 projects/g-cloud-logging-py/project.yaml
diff --git a/projects/g-cloud-logging-py/Dockerfile b/projects/g-cloud-logging-py/Dockerfile
new file mode 100644
index 00000000..84f466f6
--- /dev/null
+++ b/projects/g-cloud-logging-py/Dockerfile
@@ -0,0 +1,22 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-python
+
+RUN git clone https://github.com/googleapis/python-logging gcloud-logging
+WORKDIR gcloud-logging
+
+COPY build.sh fuzz_*.py $SRC/
diff --git a/projects/g-cloud-logging-py/build.sh b/projects/g-cloud-logging-py/build.sh
new file mode 100644
index 00000000..6da18d63
--- /dev/null
+++ b/projects/g-cloud-logging-py/build.sh
@@ -0,0 +1,24 @@
+#!/bin/bash -eu
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Build and install project (using current CFLAGS, CXXFLAGS).
+pip3 install --upgrade pip
+pip3 install .
+
+for fuzzer in $(find $SRC -name 'fuzz_*.py'); do
+ compile_python_fuzzer $fuzzer
+done
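Review bot: `WORKDIR gcloud-logging` is a relative path, so the directory that `build.sh` later runs `pip3 install .` in depends on whatever working directory the base image leaves set, which this hunk does not show. Cloning to an explicit location and pointing at it, `RUN git clone --depth 1 https://github.com/googleapis/python-logging $SRC/gcloud-logging` followed by `WORKDIR $SRC/gcloud-logging`, removes that dependency and avoids fetching history the build never uses.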
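Review bot: The loop `for fuzzer in $(find $SRC -name 'fuzz_*.py')` searches the whole of `$SRC`, which presumably also contains the upstream checkout, so any upstream file named `fuzz_*.py` would be compiled as a fuzz target alongside the harnesses copied by the Dockerfile. Limiting the search and quoting the expansions, `for fuzzer in $(find "$SRC" -maxdepth 1 -name 'fuzz_*.py'); do` with `compile_python_fuzzer "$fuzzer"`, keeps the target set to the files reviewed in this project directory. `pip3 install --upgrade pip` leaves the pip version floating, which makes a failing build harder to reproduce.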
diff --git a/projects/g-cloud-logging-py/fuzz_entries.py b/projects/g-cloud-logging-py/fuzz_entries.py
new file mode 100644
index 00000000..388f3fbb
--- /dev/null
+++ b/projects/g-cloud-logging-py/fuzz_entries.py
@@ -0,0 +1,79 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import atheris
+import sys
+with atheris.instrument_imports():
+ import google.cloud.logging_v2.entries as entries
+ from google.cloud.logging_v2.client import Client
+ from google.cloud.logging_v2.resource import Resource
+
+def create_dummy_log_entry(fdp):
+ return entries.LogEntry(
+ log_name=fdp.ConsumeString(20),
+ labels={
+ fdp.ConsumeString(10):fdp.ConsumeString(20),
+ fdp.ConsumeString(10):fdp.ConsumeString(20)
+ },
+ insert_id=fdp.ConsumeString(20),
+ timestamp=fdp.ConsumeString(20),
+ resource=Resource(type="global", labels={}),
+ trace=fdp.ConsumeString(20),
+ span_id=fdp.ConsumeString(20),
+ trace_sampled=fdp.ConsumeBool(),
+ source_location=LogEntrySourceLocation(
+ file=fdp.ConsumeString(20),
+ line=fdp.ConsumeString(20),
+ function=fdp.ConsumeString(20)
+ ),
+ operation=LogEntryOperation(
+ id=fdp.ConsumeString(20),
+ producer=fdp.ConsumeString(20),
+ first=fdp.ConsumeBool(),
+ last=fdp.ConsumeBool()
+ )
+ )
+
+def TestInput(data):
+ if len(data) < 1:
+ return
+
+ fdp = atheris.FuzzedDataProvider(data)
+
+ try:
+ entries._int_or_none(fdp.ConsumeInt(100))
+ entries.logger_name_from_path(fdp.ConsumeString(100))
+ entries.logger_name_from_path(fdp.ConsumeString(100),fdp.ConsumeString(50))
+
+ log_entry = create_dummy_log_entry(fdp)
+ log_entry.to_api_repr()
+
+ TextEntry(log_entry).to_api_repr()
+ StructEntry(log_entry).to_api_repr()
+
+ protobuf_entry = ProtobufEntry(log_entry)
+ protobuf_entry.payload_pb()
+ protobuf_entry.payload_json()
+ protobuf_entry.to_api_repr()
+ except ValueError as e:
+ if "did not match expected pattern" not in str(e):
+ raise e
+
+def main():
+ atheris.Setup(sys.argv, TestInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
diff --git a/projects/g-cloud-logging-py/fuzz_handlers.py b/projects/g-cloud-logging-py/fuzz_handlers.py
new file mode 100644
index 00000000..4854d1f0
--- /dev/null
+++ b/projects/g-cloud-logging-py/fuzz_handlers.py
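Review bot: `create_dummy_log_entry` and the `try` block in `TestInput` use `LogEntrySourceLocation`, `LogEntryOperation`, `TextEntry`, `StructEntry` and `ProtobufEntry`, but the file imports only `entries`, `Client` and `Resource`, so any iteration that gets past both `logger_name_from_path` calls fails with `NameError`, which `except ValueError` does not cover and which would be reported as a crash in the harness rather than in the library. The three entry classes can be referenced as `entries.TextEntry`, `entries.StructEntry` and `entries.ProtobufEntry`; the other two need an import from wherever the library defines them, which this hunk does not show. Because a `ValueError` containing "did not match expected pattern" ends the iteration, the `logger_name_from_path` calls are better placed in their own `try` so that a rejected path does not skip the entry serialisation code. `Client` is imported and never used.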
@@ -0,0 +1,54 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import atheris
+import sys
+import logging
+with atheris.instrument_imports():
+ import google.cloud.logging_v2.handlers.handlers as handlers
+ import google.cloud.logging_v2.handlers.structured_log as log
+
+def TestInput(data):
+ fdp = atheris.FuzzedDataProvider(data)
+
+ logname = fdp.ConsumeString(100)
+ message = fdp.ConsumeString(100)
+ record = logging.LogRecord(
+ logname, logging.INFO, None, None, message, None, None
+ )
+
+ handlers.CloudLoggingFilter._infer_source_location(record)
+ filter = handlers.CloudLoggingFilter(record)
+
+ handler = log.StructuredLogHandler(
+ labels={
+ fdp.ConsumeString(10):fdp.ConsumeString(20),
+ fdp.ConsumeString(10):fdp.ConsumeString(20)
+ },
+ project_id=fdp.ConsumeString(100)
+ )
+ try:
+ handler.format(record)
+ handlers._format_and_parse_message(record, handler)
+ handlers.setup_logging(handler)
+ except ValueError as e:
+ if "Formatting field not found in record" not in str(e):
+ raise e
+def main():
+ atheris.Setup(sys.argv, TestInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
diff --git a/projects/g-cloud-logging-py/fuzz_helpers.py b/projects/g-cloud-logging-py/fuzz_helpers.py
new file mode 100644
index 00000000..4cadac3e
--- /dev/null
+++ b/projects/g-cloud-logging-py/fuzz_helpers.py
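Review bot: `handlers.setup_logging(handler)` runs on every iteration with a freshly built `StructuredLogHandler`, and nothing in `TestInput` detaches it afterwards; if `setup_logging` attaches the handler to the root logger, as its name suggests, handlers accumulate for the life of the process, so memory and per-call cost grow and a reported crash may depend on earlier inputs. Adding `finally: logging.getLogger().removeHandler(handler)` after the `except` clause keeps iterations independent. Separately, `filter = handlers.CloudLoggingFilter(record)` passes the `LogRecord` as the constructor's first argument, shadows the builtin `filter`, and the resulting object is never applied to the record, so the filter logic itself is not exercised; `handlers.CloudLoggingFilter().filter(record)` inside the `try` would do that.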
@@ -0,0 +1,40 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import atheris
+import sys
+with atheris.instrument_imports():
+ import google.cloud.logging_v2._helpers as helpers
+ import google.cloud.logging_v2.handlers._helpers as handlers_helpers
+
+def TestInput(data):
+ fdp = atheris.FuzzedDataProvider(data)
+
+ helpers.retrieve_metadata_server(fdp.ConsumeString(100))
+ helpers._normalize_severity(fdp.ConsumeInt(100))
+ helpers._add_defaults_to_filter(fdp.ConsumeString(100))
+
+ handlers_helpers.get_request_data_from_flask()
+ handlers_helpers.get_request_data_from_django()
+ handlers_helpers._parse_trace_parent(fdp.ConsumeString(100))
+ handlers_helpers._parse_xcloud_trace(fdp.ConsumeString(100))
+ handlers_helpers.get_request_data()
+
+def main():
+ atheris.Setup(sys.argv, TestInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
diff --git a/projects/g-cloud-logging-py/fuzz_resources.py b/projects/g-cloud-logging-py/fuzz_resources.py
new file mode 100644
index 00000000..1c4d3dcf
--- /dev/null
+++ b/projects/g-cloud-logging-py/fuzz_resources.py
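Review bot: Several calls in `TestInput` take no fuzz input at all, namely `get_request_data_from_flask()`, `get_request_data_from_django()` and `get_request_data()` here and the five `_create_*_resource()` calls in fuzz_resources.py, so they repeat identical work on every iteration without giving the fuzzer anything to steer. `helpers.retrieve_metadata_server(fdp.ConsumeString(100))` looks like it issues a request to the instance metadata server with the fuzzed string as the path; if so, each iteration depends on the network, stalls until a timeout in a sandboxed run, and behaves differently wherever that endpoint is reachable. Dropping that call, or replacing the HTTP layer with a stub before `atheris.Fuzz()`, and keeping `_normalize_severity`, `_add_defaults_to_filter`, `_parse_trace_parent` and `_parse_xcloud_trace` would leave a hermetic, input-driven target.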
@@ -0,0 +1,37 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import atheris
+import sys
+with atheris.instrument_imports():
+ import google.cloud.logging_v2.handlers._monitored_resources as resources
+
+def TestInput(data):
+ fdp = atheris.FuzzedDataProvider(data)
+
+ resources._create_functions_resource()
+ resources._create_kubernetes_resource()
+ resources._create_compute_resource()
+ resources._create_cloud_run_resource()
+ resources._create_app_engine_resource()
+ resources._create_global_resource(fdp.ConsumeString(100))
+ resources.detect_resource(fdp.ConsumeString(100))
+
+def main():
+ atheris.Setup(sys.argv, TestInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
diff --git a/projects/g-cloud-logging-py/project.yaml b/projects/g-cloud-logging-py/project.yaml
new file mode 100644
index 00000000..3febd763
--- /dev/null
+++ b/projects/g-cloud-logging-py/project.yaml
@@ -0,0 +1,12 @@
+fuzzing_engines:
+- libfuzzer
+homepage: https://github.com/googleapis/python-logging
+language: python
+main_repo: https://github.com/googleapis/python-logging
+sanitizers:
+- address
+- undefined
+vendor_ccs:
+- david@adalogics.com
+- adam@adalogics.com
+- arthur.chan@adalogics.com
-- cgit v1.2.3