Add the libyaml fuzzer (#115)

* libyaml fuzzer

* Update for new modern conventions

* added seed corpus

* added a dictionary

* mark myself as the primary contact

* Rename

* --depth on git clone

* rename

* consistency

* Other URL is better

projects/libyaml/Dockerfile

@@ -0,0 +1,25 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM ossfuzz/base-libfuzzer
+MAINTAINER alex.gaynor@gmail.com
+RUN apt-get install -y make autoconf automake libtool
+
+RUN git clone --depth=1 https://github.com/yaml/libyaml
+RUN zip libyaml_fuzzer_seed_corpus.zip libyaml/examples/*
+
+WORKDIR libyaml
+COPY build.sh libyaml_fuzzer.cc libyaml_fuzzer.options yaml.dict $SRC/

projects/libyaml/build.sh

@@ -0,0 +1,29 @@
+#!/bin/bash -eu
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd libyaml
+
+./bootstrap
+./configure
+make "-j$(nproc)"
+
+$CXX $CXXFLAGS -std=c++11 -Iinclude \
+    $SRC/libyaml_fuzzer.cc -o $OUT/libyaml_fuzzer \
+    -lfuzzer src/.libs/libyaml.a $FUZZER_LDFLAGS
+
+cp $SRC/libyaml_fuzzer_seed_corpus.zip $OUT/
+cp $SRC/*.dict $SRC/*.options $OUT/

projects/libyaml/libyaml_fuzzer.cc

@@ -0,0 +1,21 @@
+#include <stdint.h>
+
+#include <yaml.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+    yaml_parser_t parser;
+    yaml_parser_initialize(&parser);
+    yaml_parser_set_input_string(&parser, data, size);
+
+    int done = 0;
+    while (!done) {
+        yaml_event_t event;
+        if (!yaml_parser_parse(&parser, &event)) {
+            break;
+        }
+        done = (event.type == YAML_STREAM_END_EVENT);
+        yaml_event_delete(&event);
+    }
+    yaml_parser_delete(&parser);
+    return 0;
+}

projects/libyaml/libyaml_fuzzer.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+dict = yaml.dict

projects/libyaml/yaml.dict

@@ -0,0 +1,18 @@
+"["
+"]"
+"{"
+"}"
+"-"
+","
+"&"
+"<<"
+":"
+"|"
+"!!"
+">"
+"\""
+"'"
+
+integer="123"
+float="12.5"
+mantissa="1.3e+9"