From bcf1fcd990c17903d443113083daeed8b46b297e Mon Sep 17 00:00:00 2001
From: DavidKorczynski
Date: Wed, 6 Jul 2022 02:02:28 +0100
Subject: numpy: initial integration (#7681)
* numpy: initial integration Depends on https://github.com/google/oss-fuzz/pull/7680 * Update project.yaml to match https://github.com/google/oss-fuzz/pull/7698 * add maintainer mail
---
projects/numpy/Dockerfile | 21 ++++++++++++++
projects/numpy/build.sh | 33 ++++++++++++++++++++++
projects/numpy/fuzz_loader.py | 65 +++++++++++++++++++++++++++++++++++++++++++
projects/numpy/project.yaml | 11 ++++++++
4 files changed, 130 insertions(+)
create mode 100644 projects/numpy/Dockerfile
create mode 100644 projects/numpy/build.sh
create mode 100644 projects/numpy/fuzz_loader.py
create mode 100644 projects/numpy/project.yaml
(limited to 'projects')
diff --git a/projects/numpy/Dockerfile b/projects/numpy/Dockerfile
new file mode 100644
index 00000000..e31785a9
--- /dev/null
+++ b/projects/numpy/Dockerfile
@@ -0,0 +1,21 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-python
+RUN pip3 install cython
+RUN git clone https://github.com/numpy/numpy && cd numpy && git submodule update --init
+WORKDIR $SRC
+COPY *.py build.sh $SRC/
diff --git a/projects/numpy/build.sh b/projects/numpy/build.sh
new file mode 100644
index 00000000..5de9837e
--- /dev/null
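Review bot: In projects/numpy/Dockerfile, `RUN pip3 install cython` installs whatever Cython release is current when the image is built, so an upstream release can change or break the fuzz build with no change in this repository. Pin the build tool, for example `RUN pip3 install "cython==<PINNED_VERSION>"`, using the version numpy's own build requirements name. The `git clone` also fetches the full history and then initialises submodules in a second step; `git clone --depth 1 --recurse-submodules --shallow-submodules https://github.com/numpy/numpy` would do the same job with less to download.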
+++ b/projects/numpy/build.sh
@@ -0,0 +1,33 @@
+#!/bin/bash -eu
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd numpy
+
+unset CFLAGS
+unset CXXFLAGS
+unset LIB_FUZZING_ENGINE
+
+pip3 install .
+python3 setup.py install
+
+mkdir -p $SRC/numpy-fuzzers
+cd $SRC/numpy-fuzzers
+
+# Build fuzzers in $OUT.
+for fuzzer in $(find $SRC -name 'fuzz_*.py'); do
+ compile_python_fuzzer $fuzzer
+done
diff --git a/projects/numpy/fuzz_loader.py b/projects/numpy/fuzz_loader.py
new file mode 100644
index 00000000..ee2c6ac3
--- /dev/null
+++ b/projects/numpy/fuzz_loader.py
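Review bot: The three `unset` lines in build.sh remove the sanitizer and coverage flags before numpy's C extensions are compiled, with no comment saying why. project.yaml lists `address`, but the native code behind `np.loadtxt` is presumably built without ASan instrumentation, so memory-safety bugs there would go unreported and the harness would mainly surface uncaught Python exceptions. If the unsets work around a build failure, record that next to them, e.g. `# numpy does not build with the OSS-Fuzz CFLAGS yet; native code is NOT sanitizer-instrumented`, so the coverage gap is visible to whoever triages results. Separately, `pip3 install .` followed by `python3 setup.py install` installs numpy twice and one of them can go. The `mkdir`/`cd` into `$SRC/numpy-fuzzers` has no visible effect on the `find $SRC` loop that follows.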
@@ -0,0 +1,65 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import atheris
+import sys
+
+with atheris.instrument_imports():
+ from io import StringIO
+ import numpy as np
+
+def get_fuzz_types():
+ # Define the rows
+ dtype = np.dtype(
+ [('f0', np.uint16), ('f1', np.float64), ('f2', 'S7'), ('f3', np.int8)]
+ )
+
+ # An expected match
+ expected = np.array(
+ [
+ (1, 2.4, "a", -34),
+ (2, 3.1, "b", 29),
+ (3, 9.9, "g", 120),
+ ],
+ dtype=dtype
+ )
+ return dtype, expected
+
+def TestOneInput(fuzz_data):
+ dtype, expected = get_fuzz_types()
+ fdp = atheris.FuzzedDataProvider(fuzz_data)
+ new_data = StringIO(fdp.ConsumeString(sys.maxsize))
+ try:
+ np.loadtxt(new_data, dtype=dtype, delimiter=";", skiprows=True)
+ # Catch all of the exceptions that are caught in
+ # https://github.com/numpy/numpy/blob/main/numpy/lib/tests/test_loadtxt.py
+ except StopIteration:
+ return
+ except ValueError:
+ return
+ except IndexError:
+ return
+ except TypeError:
+ return
+ except RuntimeError:
+ return
+
+def main():
+ atheris.instrument_all()
+ atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
diff --git a/projects/numpy/project.yaml b/projects/numpy/project.yaml
new file mode 100644
index 00000000..c05cb40b
--- /dev/null
+++ b/projects/numpy/project.yaml
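Review bot: In fuzz_loader.py, `TestOneInput` calls `get_fuzz_types()` for every input, rebuilding the dtype and a three-row `expected` array that is never read. Build the dtype once at module level and drop `expected`, which removes per-iteration work from the hot path. `skiprows=True` only works because `True == 1`; write `skiprows=1`. The handlers for `IndexError`, `TypeError` and `RuntimeError` discard every exception of those types, so genuine defects that raise them are never reported. Collapse the five handlers into one `except (StopIteration, ValueError, IndexError, TypeError, RuntimeError): return` and add a comment naming which conditions loadtxt is expected to reject this way.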
@@ -0,0 +1,11 @@
+homepage: "numpy.org"
+main_repo: "https://github.com/numpy/numpy"
+language: python
+primary_contact: "ralf.gommers@gmail.com"
+fuzzing_engines:
+ - libfuzzer
+sanitizers:
+ - address
+vendor_ccs:
+ - david@adalogics.com
+ - adam@adalogics.com
-- cgit v1.2.3