authorGoogle AutoFuzz Team <security-tps@google.com>2020-12-29 19:35:13 +0100
committerGitHub <noreply@github.com>2020-12-29 10:35:13 -0800
commit234a82a6d26561dc90681a9e76c1fab1ba06b1e3 (patch)
treefed328c4055ed546e7be84e47c9fa7bbfbb1b81c /projects
parent8b6b21e39137f96b6587f8866a1c66adf49c3cfc (diff)
downloadoss-fuzz-234a82a6d26561dc90681a9e76c1fab1ba06b1e3.tar.gz
Add a fuzzer for scapy (#4897)
* Add a fuzzer for scapy * Add a proper™ contact for scapy's fuzzer * Fix wrapper to match docs (for symbolization) Co-authored-by: Abhishek Arya <inferno@chromium.org>
Diffstat (limited to 'projects')
-rw-r--r--projects/scapy/Dockerfile26
-rw-r--r--projects/scapy/build.sh36
-rw-r--r--projects/scapy/pcap_fuzzer.py39
-rw-r--r--projects/scapy/project.yaml12
4 files changed, 113 insertions, 0 deletions
diff --git a/projects/scapy/Dockerfile b/projects/scapy/Dockerfile
new file mode 100644
index 000000000..6631b327e
--- /dev/null
+++ b/projects/scapy/Dockerfile
@@ -0,0 +1,26 @@
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+
+RUN git clone \
+ --depth 1 \
+ --branch master \
+ https://github.com/secdev/scapy.git
+
+WORKDIR scapy
+
+COPY build.sh pcap_fuzzer.py $SRC/
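Review bot: The `git clone` destination and `WORKDIR scapy` are both relative, while the `COPY` on the last line targets `$SRC/`, so the three only line up if the base image's working directory already is `$SRC`. Cloning into `$SRC/scapy` and using `WORKDIR $SRC/scapy` would make that explicit instead of depending on the base image's state. build.sh and pcap_fuzzer.py also call `pyinstaller` and `atheris`, which this file does not install; presumably the base image provides them, and a one-line comment saying so (`# pyinstaller and atheris come from base-builder`) would help whoever later changes the `FROM` line.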
diff --git a/projects/scapy/build.sh b/projects/scapy/build.sh
new file mode 100644
index 000000000..b3270da76
--- /dev/null
+++ b/projects/scapy/build.sh
@@ -0,0 +1,36 @@
+#!/bin/bash -eu
+# Copyright 2020 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Build and install project (using current CFLAGS, CXXFLAGS).
+pip3 install .
+
+# Build fuzzers in $OUT.
+for fuzzer in $(find $SRC -name '*_fuzzer.py'); do
+ fuzzer_basename=$(basename -s .py $fuzzer)
+ fuzzer_package=${fuzzer_basename}.pkg
+ pyinstaller --distpath $OUT --onefile --name $fuzzer_package $fuzzer
+
+ # Create execution wrapper.
+ echo "#!/bin/sh
+# LLVMFuzzerTestOneInput for fuzzer detection.
+this_dir=\$(dirname \"\$0\")
+ASAN_OPTIONS=\$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=\$this_dir/llvm-symbolizer:detect_leaks=0 \
+\$this_dir/$fuzzer_package \$@" > $OUT/$fuzzer_basename
+ chmod u+x $OUT/$fuzzer_basename
+done
+
+zip -j $OUT/pcap_fuzzer_seed_corpus.zip test/pcaps/*
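Review bot: The generated wrapper ends with an unquoted `\$@`, so any fuzzer argument containing whitespace (a corpus or artifact path, for instance) is re-split before it reaches the packaged binary, and `\$this_dir/$fuzzer_package` is unquoted on the same line. Writing that last wrapper line as `\"\$this_dir/$fuzzer_package\" \"\$@\"" > "$OUT/$fuzzer_basename"` keeps the arguments intact. The loop header `for fuzzer in $(find $SRC -name '*_fuzzer.py')` also word-splits its results and scans all of `$SRC`, including the scapy checkout, so any upstream file matching that pattern would be packaged as a fuzz target too. `for fuzzer in "$SRC"/*_fuzzer.py; do` would limit the build to the harnesses the Dockerfile copies in, and the remaining `$OUT`, `$fuzzer` and `$fuzzer_package` expansions in the loop should be double-quoted as well.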
diff --git a/projects/scapy/pcap_fuzzer.py b/projects/scapy/pcap_fuzzer.py
new file mode 100644
index 000000000..aaf1f5ffb
--- /dev/null
+++ b/projects/scapy/pcap_fuzzer.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python3
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import io
+import sys
+import atheris
+
+import scapy
+import scapy.error
+import scapy.utils
+
+
+def TestOneInput(input_bytes):
+ try:
+ scapy.utils.rdpcap(io.BytesIO(input_bytes))
+ except scapy.error.Scapy_Exception:
+ pass
+
+
+def main():
+ atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+
+if __name__ == "__main__":
+ main()
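Review bot: The `except scapy.error.Scapy_Exception: pass` in `TestOneInput` carries no comment on which failures are treated as expected, and the function has no docstring. I would add a docstring such as `"""Parse input_bytes as a capture file with rdpcap; Scapy_Exception means the input was rejected, any other exception propagates as a finding."""` and, above the `pass`, `# Expected rejection of a malformed capture; not reported.`. Whether every `Scapy_Exception` raised under `rdpcap` is a benign rejection is not visible from this hunk, so the catch may be worth narrowing later if it turns out to hide real parser faults.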
diff --git a/projects/scapy/project.yaml b/projects/scapy/project.yaml
new file mode 100644
index 000000000..2ac7a6390
--- /dev/null
+++ b/projects/scapy/project.yaml
@@ -0,0 +1,12 @@
+homepage: "https://scapy.net"
+main_repo: "https://github.com/secdev/scapy"
+language: python
+primary_contact: "guillaume@valadon.net"
+auto_ccs:
+ - "jvoisin@google.com"
+ - "ipudney@google.com"
+fuzzing_engines:
+ - libfuzzer
+sanitizers:
+ - address
+ - undefined