From 7f0580c141cfab380687c29a09ddae718aba1e5c Mon Sep 17 00:00:00 2001 From: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com> Date: Fri, 8 Oct 2021 16:28:39 +0100 Subject: [pulumi] Initial integration (#5895) --- projects/pulumi/Dockerfile | 23 ++++++++++++++++++ projects/pulumi/build.sh | 26 ++++++++++++++++++++ projects/pulumi/config_fuzzer.go | 51 ++++++++++++++++++++++++++++++++++++++++ projects/pulumi/project.yaml | 10 ++++++++ projects/pulumi/schema_fuzzer.go | 31 ++++++++++++++++++++++++ 5 files changed, 141 insertions(+) create mode 100644 projects/pulumi/Dockerfile create mode 100644 projects/pulumi/build.sh create mode 100644 projects/pulumi/config_fuzzer.go create mode 100644 projects/pulumi/project.yaml create mode 100644 projects/pulumi/schema_fuzzer.go diff --git a/projects/pulumi/Dockerfile b/projects/pulumi/Dockerfile new file mode 100644 index 00000000..3b12b3c7 --- /dev/null +++ b/projects/pulumi/Dockerfile @@ -0,0 +1,23 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +FROM gcr.io/oss-fuzz-base/base-builder-go +RUN git clone --depth 1 https://github.com/pulumi/pulumi +COPY build.sh \ + config_fuzzer.go \ + schema_fuzzer.go \ + $SRC/ +WORKDIR $SRC/pulumi diff --git a/projects/pulumi/build.sh b/projects/pulumi/build.sh new file mode 100644 index 00000000..9671dcae --- /dev/null +++ b/projects/pulumi/build.sh @@ -0,0 +1,26 @@ +#!/bin/bash -eu +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +cd pkg +#go mod download + +cp $SRC/schema_fuzzer.go $SRC/pulumi/pkg/codegen/schema/ +compile_go_fuzzer github.com/pulumi/pulumi/pkg/v3/codegen/schema SchemaFuzzer schema_fuzzer + +cp $SRC/config_fuzzer.go $SRC/pulumi/sdk/go/common/resource/config/ +compile_go_fuzzer github.com/pulumi/pulumi/sdk/v3/go/common/resource/config FuzzConfig fuzz +compile_go_fuzzer github.com/pulumi/pulumi/sdk/v3/go/common/resource/config FuzzParseKey fuzz_parse_key diff --git a/projects/pulumi/config_fuzzer.go b/projects/pulumi/config_fuzzer.go new file mode 100644 index 00000000..18c3bc07 --- /dev/null +++ b/projects/pulumi/config_fuzzer.go @@ -0,0 +1,51 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package config + +import ( + "encoding/json" +) + +func FuzzConfig(data []byte) int { + if len(data) != 32 { + return -1 + } + crypter := NewSymmetricCrypter(make([]byte, 32)) + _, _ = crypter.EncryptValue(string(data)) + _, _ = crypter.DecryptValue(string(data)) + return 1 +} + +func fuuzRoundtripKey(m Key, marshal func(v interface{}) ([]byte, error), + unmarshal func([]byte, interface{}) error) (Key, error) { + b, err := marshal(m) + if err != nil { + return Key{}, err + } + + var newM Key + err = unmarshal(b, &newM) + return newM, err +} + +func FuzzParseKey(data []byte) int { + k, err := ParseKey(string(data)) + if err != nil { + return 0 + } + fuuzRoundtripKey(k, json.Marshal, json.Unmarshal) + return 1 +} diff --git a/projects/pulumi/project.yaml b/projects/pulumi/project.yaml new file mode 100644 index 00000000..60803647 --- /dev/null +++ b/projects/pulumi/project.yaml @@ -0,0 +1,10 @@ +homepage: "https://www.pulumi.com/" +main_repo: "https://github.com/pulumi/pulumi" +primary_contact: "anton@pulumi.com" +auto_ccs : + - "adam@adalogics.com" +language: go +fuzzing_engines: + - libfuzzer +sanitizers: + - address diff --git a/projects/pulumi/schema_fuzzer.go b/projects/pulumi/schema_fuzzer.go new file mode 100644 index 00000000..38ac5c9e --- /dev/null +++ b/projects/pulumi/schema_fuzzer.go @@ -0,0 +1,31 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package schema + +import ( + fuzz "github.com/AdaLogics/go-fuzz-headers" +) + +func SchemaFuzzer(data []byte) int { + pkgSpec := PackageSpec{} + f := fuzz.NewConsumer(data) + err := f.GenerateStruct(&pkgSpec) + if err != nil { + return 0 + } + _, _ = ImportSpec(pkgSpec, nil) + return 1 +} -- cgit v1.2.3