author | Chris Wolfe <chriswwolfe@gmail.com> | 2018-04-13 10:57:02 -0500 |
---|---|---|
committer | jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com> | 2018-04-13 08:57:02 -0700 |
commit | 0a46b4bffefae917f62988b4d9177464c192d8d9 (patch) | |
tree | 46128c91bb5d901898046ea29a0d3257cb3b91bc /projects/msgpack-c | |
parent | c757771dcc1e04975d0ab5566afcbd1c2cefafa4 (diff) | |
download | oss-fuzz-0a46b4bffefae917f62988b4d9177464c192d8d9.tar.gz |
Add msgpack-c (#1313)
Add fuzzer for pack and unpack functions
Diffstat (limited to 'projects/msgpack-c')
-rw-r--r-- | projects/msgpack-c/Dockerfile | 23 | ||||
-rwxr-xr-x | projects/msgpack-c/build.sh | 27 | ||||
-rw-r--r-- | projects/msgpack-c/project.yaml | 8 | ||||
-rw-r--r-- | projects/msgpack-c/unpack_pack_fuzzer.cc | 21 |
4 files changed, 79 insertions, 0 deletions
diff --git a/projects/msgpack-c/Dockerfile b/projects/msgpack-c/Dockerfile
new file mode 100644
index 000000000..d92f00fdb
--- /dev/null
+++ b/projects/msgpack-c/Dockerfile
@@ -0,0 +1,23 @@
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER chriswwolfe@gmail.com
+RUN apt-get update && apt-get install -y cmake
+RUN git clone --depth 1 https://github.com/msgpack/msgpack-c.git msgpack-c
+RUN git clone --depth 1 https://github.com/derwolfe/msgpack-corpora.git msgpack-corpora
+WORKDIR msgpack-c
+COPY build.sh unpack_pack_fuzzer.cc $SRC/
diff --git a/projects/msgpack-c/build.sh b/projects/msgpack-c/build.sh
new file mode 100755
index 000000000..3a28125f1
--- /dev/null
+++ b/projects/msgpack-c/build.sh
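Review bot: `MAINTAINER chriswwolfe@gmail.com` uses the deprecated Dockerfile instruction; `LABEL maintainer="chriswwolfe@gmail.com"` is the supported form and carries the same metadata. Separately, both `git clone --depth 1` lines track the default branch of their repositories, so the library and the seed corpus pulled into the image are whatever those branches hold at build time; that is the usual OSS-Fuzz pattern for the project under test, but the corpus repository is a third-party personal account and a comment recording why it is trusted, or a pinned revision, would help a later reader. Also consider `apt-get install -y --no-install-recommends cmake` to keep the builder image small.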
@@ -0,0 +1,27 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cmake -DCMAKE_C_COMPILER="$CC" -DCMAKE_CXX_COMPILER="$CXX" \
+ -DCMAKE_C_FLAGS="$CFLAGS" -DCMAKE_CXX_FLAGS="$CXXFLAGS" \
+ -DMSGPACK_CXX11=ON .
+make -j$(nproc) all
+
+$CXX $CXXFLAGS -std=c++11 -Iinclude -I"$SRC/msgpack-c/include" \
+ "$SRC/unpack_pack_fuzzer.cc" -o "$OUT/unpack_pack_fuzzer" \
+ -lFuzzingEngine "$SRC/msgpack-c/libmsgpackc.a"
+
+zip -rj "$OUT/unpack_pack_fuzzer_seed_corpus.zip" "$SRC/msgpack-corpora/packed/"
diff --git a/projects/msgpack-c/project.yaml b/projects/msgpack-c/project.yaml
new file mode 100644
index 000000000..de292c53e
--- /dev/null
+++ b/projects/msgpack-c/project.yaml
@@ -0,0 +1,8 @@
+homepage: "https://msgpack.org/"
+primary_contact: "redboltz@gmail.com"
+auto_ccs:
+ - chriswwolfe@gmail.com
+sanitizers:
+ - address
+ - memory
+ - undefined
diff --git a/projects/msgpack-c/unpack_pack_fuzzer.cc b/projects/msgpack-c/unpack_pack_fuzzer.cc
new file mode 100644
index 000000000..7f967331d
--- /dev/null
+++ b/projects/msgpack-c/unpack_pack_fuzzer.cc
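Review bot: The compile line passes both `-Iinclude` and `-I"$SRC/msgpack-c/include"`; with the Dockerfile's `WORKDIR msgpack-c` under `$SRC` these presumably resolve to the same directory, so one of them is redundant and the relative form silently depends on the working directory the script is run from. Keeping only the absolute `-I"$SRC/msgpack-c/include"` makes the script independent of its cwd. The build itself relies on `set -eu` from the shebang, so a failing `cmake` or `make` aborts before the link step, which is good.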
@@ -0,0 +1,21 @@
+#include <msgpack.hpp>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ try {
+ // NOTE(derwolfe): by default the limits are set at 2^32-1 length. I'm
+ // setting these at far smaller values to avoid OOMs
+ const int test_limit = 10000;
+ msgpack::object_handle unpacked = msgpack::unpack(reinterpret_cast<const char *>(data),
+ size,
+ nullptr,
+ nullptr,
+ msgpack::unpack_limit(test_limit,
+ test_limit,
+ test_limit,
+ test_limit));
+ msgpack::sbuffer sbuf;
+ msgpack::pack(sbuf, unpacked.get());
+ } catch (...) {
+ }
+ return 0;
+}
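Review bot: The entry point's signature uses `uint8_t` and `size_t` while the only include is `<msgpack.hpp>`, so compilation depends on that header pulling in `<cstdint>` and `<cstddef>` transitively; add `#include <cstddef>` and `#include <cstdint>` above it so the fuzzer does not break on a library header reshuffle. The `catch (...)` also discards every exception, not just the unpack/type errors that malformed input is expected to raise, so a `std::bad_alloc` or any other unexpected failure in `pack` is hidden from the sanitizer run; `catch (const std::exception &)` with `#include <exception>` would keep the expected failures quiet while still needing no per-type handling, presumably covering msgpack's own exception types if they derive from `std::exception`. Finally, the comment says the limits are lowered to avoid OOMs, but `msgpack::unpack_limit` takes more parameters than the four supplied (as far as I recall, ext size and nesting depth follow), which stay at the library default; if the intent is to bound everything, pass `test_limit` for those too and extend the comment to say which limits are covered.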