add boost/regex fuzzer (#851)

4 files changed, 77 insertions, 0 deletions

diff --git a/projects/boost/Dockerfile b/projects/boost/Dockerfile
new file mode 100644
index 000000000..9812def2a
--- /dev/null
+++ b/projects/boost/Dockerfile
@@ -0,0 +1,26 @@
+# Copyright 2017 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+RUN apt-get update && apt-get install -y g++
+
+RUN git clone --recursive https://github.com/boostorg/boost.git
+WORKDIR boost
+# This bootstrap boost with the g++ toolchain.
+# The actual build will need to use CXX/CXXFLAGS provided by OSS-Fuzz.
+RUN ./bootstrap.sh && ./b2 headers
+# Preferably, move boost_regex_fuzzer.cc to the boost repository.
+COPY build.sh boost_regex_fuzzer.cc $SRC/
diff --git a/projects/boost/boost_regex_fuzzer.cc b/projects/boost/boost_regex_fuzzer.cc
new file mode 100644
index 000000000..35feb6c20
--- /dev/null
+++ b/projects/boost/boost_regex_fuzzer.cc
@@ -0,0 +1,16 @@
+// From https://svn.boost.org/trac10/ticket/12818
+// This fuzz target can likely be enhanced to exercise more code.
+// The ideal place for this fuzz target is the bost repository.
+#include <boost/regex.hpp>
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  try {
+    std::string str((char *)Data, Size);
+    boost::regex e(str);
+    boost::match_results<std::string::const_iterator> what;
+    boost::regex_match(str, what, e,
+                       boost::match_default | boost::match_partial);
+
+  } catch (const std::exception &) {
+  }
+  return 0;
+}
diff --git a/projects/boost/build.sh b/projects/boost/build.sh
new file mode 100755
index 000000000..568a10f77
--- /dev/null
+++ b/projects/boost/build.sh
@@ -0,0 +1,26 @@
+#!/bin/bash -eu
+# Copyright 2017 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+
+# Very simple build rule, but sufficient here.
+$CXX $CXXFLAGS -I . ../boost_regex_fuzzer.cc libs/regex/src/*.cpp $LIB_FUZZING_ENGINE -o boost_regex_fuzzer
+
+# Copy the fuzzer executables, zip-ed corpora, option and dictionary files to $OUT
+find . -name '*_fuzzer' -exec cp -v '{}' $OUT ';'
+# find . -name '*_fuzzer.dict' -exec cp -v '{}' $OUT ';'     # If you have dictionaries.
+# find . -name '*_fuzzer.options' -exec cp -v '{}' $OUT ';'  # If you have custom options.
+# find . -name '*_fuzzer_seed_corpus.zip' -exec cp -v '{}' $OUT ';' # If you have seed corpora (you better have them!)
diff --git a/projects/boost/project.yaml b/projects/boost/project.yaml
new file mode 100644
index 000000000..13e2cd8b5
--- /dev/null
+++ b/projects/boost/project.yaml
@@ -0,0 +1,9 @@
+homepage: "http://www.boost.org/"
+
+# TODO: add actual boost maintainers here.
+# Provide the e-mail for the primary contact and others:
+# Un-comment the below lines to make auto-cc work.
+# primary_contact: "primary-my-api-maintainer@example.com"
+# auto_ccs:  
+#   - "secondary-my-api-maintainer@example.com"
+#   - "tertiary-my-api-maintainer@example.com"