From d91bfc856331cf97c415a5e2e37cdd2f01056bb4 Mon Sep 17 00:00:00 2001
From: David Korczynski
Date: Thu, 21 Dec 2023 14:59:17 -0800
Subject: [PATCH 1/2] Add ClusterFuzzLite integration

Signed-off-by: David Korczynski
---
 .clusterfuzzlite/Dockerfile | 6 ++++++
 .clusterfuzzlite/README.md | 4 ++++
 .clusterfuzzlite/build.sh | 8 ++++++++
 .clusterfuzzlite/parse_fuzzer.c | 23 +++++++++++++++++++++++
 .clusterfuzzlite/project.yaml | 1 +
 .github/workflows/cflite_pr.yml | 30 ++++++++++++++++++++++++++++++
 6 files changed, 72 insertions(+)
 create mode 100644 .clusterfuzzlite/Dockerfile
 create mode 100644 .clusterfuzzlite/README.md
 create mode 100644 .clusterfuzzlite/build.sh
 create mode 100644 .clusterfuzzlite/parse_fuzzer.c
 create mode 100644 .clusterfuzzlite/project.yaml
 create mode 100644 .github/workflows/cflite_pr.yml

diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile
new file mode 100644
index 0000000..6257dcd
--- /dev/null
+++ b/.clusterfuzzlite/Dockerfile
@@ -0,0 +1,6 @@
+FROM gcr.io/oss-fuzz-base/base-builder
+RUN apt-get update && apt-get install -y make autoconf automake libtool
+
+COPY . $SRC/csv_parser
+COPY .clusterfuzzlite/build.sh $SRC/build.sh
+WORKDIR $SRC/csv_parser
\ No newline at end of file
diff --git a/.clusterfuzzlite/README.md b/.clusterfuzzlite/README.md
new file mode 100644
index 0000000..6461d7a
--- /dev/null
+++ b/.clusterfuzzlite/README.md
@@ -0,0 +1,4 @@
+# ClusterFuzzLite set up
+
+This folder contains a fuzzing set for [ClusterFuzzLite](https://google.github.io/clusterfuzzlite).
+
\ No newline at end of file
diff --git a/.clusterfuzzlite/build.sh b/.clusterfuzzlite/build.sh
new file mode 100644
index 0000000..55085d2
--- /dev/null
+++ b/.clusterfuzzlite/build.sh
@@ -0,0 +1,8 @@
+#!/bin/bash -eu
+
+# Copy all fuzzer executables to $OUT/
+$CC $CFLAGS $LIB_FUZZING_ENGINE \
+ $SRC/csv_parser/.clusterfuzzlite/parse_fuzzer.c \
+ -o $OUT/parse_fuzzer \
+ csv.c split.c fread_csv_line.c \
+ -I$SRC/csv_parser
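Review bot: The `RUN apt-get update && apt-get install -y make autoconf automake libtool` line installs build tools that the build.sh introduced in the same patch never invokes — it calls `$CC` directly on three source files — so the layer looks like dead weight that only enlarges the builder image. If an autotools-based build is planned later, a one-line comment above the `RUN` saying so would save the next reader the question; otherwise the package list can be trimmed to what the build actually needs. The `WORKDIR $SRC/csv_parser` line also lacks a trailing newline.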
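Review bot: The comment `# Copy all fuzzer executables to $OUT/` does not describe the command below it, which compiles and links the single harness together with the library sources and writes the result to `$OUT/parse_fuzzer`; `# Build parse_fuzzer against the library sources and write it to $OUT/` would be accurate. The explicit source list `csv.c split.c fread_csv_line.c` appears to mirror the project's own build rather than reuse it, so a source file added upstream later would be silently missing from the fuzzer link; a comment noting that the list must be kept in sync with the main build (or deriving it from that build) would make the drift visible.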
diff --git a/.clusterfuzzlite/parse_fuzzer.c b/.clusterfuzzlite/parse_fuzzer.c
new file mode 100644
index 0000000..1d209da
--- /dev/null
+++ b/.clusterfuzzlite/parse_fuzzer.c
@@ -0,0 +1,23 @@
+#include
+#include
+#include
+#include
+
+#include
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ char *new_str = (char *)malloc(size + 1);
+ if (new_str == NULL) {
+ return 0;
+ }
+ memcpy(new_str, data, size);
+ new_str[size] = '\0';
+
+ char **pstr = parse_csv(new_str);
+ if (pstr != NULL) {
+ free_csv_line(pstr);
+ }
+
+ free(new_str);
+ return 0;
+}
\ No newline at end of file
diff --git a/.clusterfuzzlite/project.yaml b/.clusterfuzzlite/project.yaml
new file mode 100644
index 0000000..e196c5c
--- /dev/null
+++ b/.clusterfuzzlite/project.yaml
@@ -0,0 +1 @@
+language: c
\ No newline at end of file
diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml
new file mode 100644
index 0000000..04056ab
--- /dev/null
+++ b/.github/workflows/cflite_pr.yml
@@ -0,0 +1,30 @@
+name: ClusterFuzzLite PR fuzzing
+on:
+ workflow_dispatch:
+ pull_request:
+ branches: [ main ]
+permissions: read-all
+jobs:
+ PR:
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ sanitizer: [address]
+ steps:
+ - name: Build Fuzzers (${{ matrix.sanitizer }})
+ id: build
+ uses: google/clusterfuzzlite/actions/build_fuzzers@v1
+ with:
+ sanitizer: ${{ matrix.sanitizer }}
+ language: c
+ bad-build-check: false
+ - name: Run Fuzzers (${{ matrix.sanitizer }})
+ id: run
+ uses: google/clusterfuzzlite/actions/run_fuzzers@v1
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ fuzz-seconds: 100
+ mode: 'code-change'
+ report-unreproducible-crashes: false
+ sanitizer: ${{ matrix.sanitizer }}

From 59d603942627df92e4840caa33cd3ef3305f9253 Mon Sep 17 00:00:00 2001
From: David Korczynski
Date: Sat, 23 Dec 2023 03:19:35 -0800
Subject: [PATCH 2/2] cflite: fix branch name
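Review bot: The harness hands `parse_csv` a NUL-terminated copy of the input, so every byte after the first embedded NUL in `data` is invisible to the parser; that is the correct contract for a C-string API, but it is a coverage blind spot worth recording above the `memcpy`, e.g. `/* parse_csv() takes a C string: bytes after an embedded NUL are never exercised. */`. The `(char *)` cast on `malloc(size + 1)` is unnecessary in C and can be written as `char *new_str = malloc(size + 1);`. The `#include` directives appear in this rendering with their header names stripped, so I cannot confirm which headers are pulled in — presumably the allocation, string and `uint8_t` headers plus the project's CSV header — and that is worth checking against the file itself. A two-line header comment stating that the harness exercises `parse_csv` followed by `free_csv_line`, so that with the address sanitizer selected in the workflow any row the parser allocates but does not release is presumably reported as a leak, would make the fuzzer self-describing.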
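Review bot: Both `uses:` lines reference the actions by the floating tag `@v1` (`google/clusterfuzzlite/actions/build_fuzzers@v1` and `google/clusterfuzzlite/actions/run_fuzzers@v1`), so the code that builds and runs on every pull request can change with no change in this repository; pinning to the release's full commit SHA with the tag kept in a trailing comment is the usual mitigation, e.g. `uses: google/clusterfuzzlite/actions/build_fuzzers@<COMMIT_SHA_PLACEHOLDER> # v1`. `bad-build-check: false` disables the post-build sanity check on the fuzzer binaries (which, as I understand it, verifies that they run and carry the selected sanitizer's instrumentation), so a mis-linked harness could still "pass" with no real coverage; if this is a temporary workaround a comment saying why would help, and re-enabling it once the build is stable deserves a follow-up. `permissions: read-all` together with `${{ secrets.GITHUB_TOKEN }}` keeps the token read-only, which is the right choice for a `pull_request` trigger.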
Signed-off-by: David Korczynski
---
 .github/workflows/cflite_pr.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml
index 04056ab..93de02a 100644
--- a/.github/workflows/cflite_pr.yml
+++ b/.github/workflows/cflite_pr.yml
@@ -2,7 +2,7 @@ name: ClusterFuzzLite PR fuzzing
 on:
 workflow_dispatch:
 pull_request:
- branches: [ main ]
+ branches: [ master ]
 permissions: read-all
 jobs:
 PR: