diff options
author | Fabian Meumertzheim <fabian@meumertzhe.im> | 2021-09-29 17:43:40 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-09-29 10:43:40 -0500 |
commit | 5b4bd94235b9e02724b66d606c2c4ba789050b89 (patch) | |
tree | 9234eee803fd3c35d1f03dfaa1c1739caea3c43d | |
parent | ab547f18819b8a568dc9ce5c7dd1460fb87d56fc (diff) | |
download | oss-fuzz-5b4bd94235b9e02724b66d606c2c4ba789050b89.tar.gz |
[infra] Add block listed target name logic from ClusterFuzz (#6538)
* [infra] Add block listed target name logic from ClusterFuzz
-rw-r--r-- | infra/utils.py | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/infra/utils.py b/infra/utils.py index d991a285e..b11edf19b 100644 --- a/infra/utils.py +++ b/infra/utils.py @@ -25,7 +25,8 @@ import helper ALLOWED_FUZZ_TARGET_EXTENSIONS = ['', '.exe'] FUZZ_TARGET_SEARCH_STRING = 'LLVMFuzzerTestOneInput' -VALID_TARGET_NAME = re.compile(r'^[a-zA-Z0-9_-]+$') +VALID_TARGET_NAME_REGEX = re.compile(r'^[a-zA-Z0-9_-]+$') +BLOCKLISTED_TARGET_NAME_REGEX = re.compile(r'^(jazzer_driver.*)$') # Location of google cloud storage for latest OSS-Fuzz builds. GCS_BASE_URL = 'https://storage.googleapis.com/' @@ -118,11 +119,17 @@ def is_fuzz_target_local(file_path): Copied from clusterfuzz src/python/bot/fuzzers/utils.py with slight modifications. """ + # pylint: disable=too-many-return-statements filename, file_extension = os.path.splitext(os.path.basename(file_path)) - if not VALID_TARGET_NAME.match(filename): + if not VALID_TARGET_NAME_REGEX.match(filename): # Check fuzz target has a valid name (without any special chars). return False + if BLOCKLISTED_TARGET_NAME_REGEX.match(filename): + # Check fuzz target an explicitly disallowed name (e.g. binaries used for + # jazzer-based targets). + return False + if file_extension not in ALLOWED_FUZZ_TARGET_EXTENSIONS: # Ignore files with disallowed extensions (to prevent opening e.g. .zips). return False |