[GLib] Integration (#1670)

2018-08-01 17:29:28 +02:00 · 2018-08-01 17:29:28 +02:00 · 1d5bb6c78a
parent 5a2033f846
commit 1d5bb6c78a
7 changed files with 135 additions and 0 deletions
--- a/projects/glib/Dockerfile
+++ b/projects/glib/Dockerfile
@ -0,0 +1,24 @@
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER pdknsk@gmail.com
+RUN apt-get update && \
+    apt-get install -y autoconf libtool ninja-build python3-pip
+RUN pip3 install -U meson
+RUN git clone https://gitlab.gnome.org/GNOME/glib
+WORKDIR glib
+COPY build.sh fuzz.options fuzz_bookmark.c fuzz_markup.c fuzz_key.c $SRC/
--- a/projects/glib/build.sh
+++ b/projects/glib/build.sh
@ -0,0 +1,52 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+BUILD=$WORK/meson
+
+rm -rf $BUILD
+mkdir $BUILD
+
+meson $BUILD \
+  -Ddefault_library=static \
+  -Dlibmount=false \
+  -Dselinux=false
+
+ninja -C $BUILD
+
+$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_markup.c
+$CXX $CXXFLAGS -lFuzzingEngine \
+  fuzz_markup.o -o $OUT/fuzz_markup \
+  $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
+cp $SRC/fuzz.options $OUT/fuzz_markup.options
+find glib/tests -type f -size -32k -name "*.gmarkup" \
+  -exec zip -qju $OUT/fuzz_markup_seed_corpus.zip "{}" \;
+
+$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_bookmark.c
+$CXX $CXXFLAGS -lFuzzingEngine \
+  fuzz_bookmark.o -o $OUT/fuzz_bookmark \
+  $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
+cp $SRC/fuzz.options $OUT/fuzz_bookmark.options
+find glib/tests -type f -size -32k -name "*.xbel" \
+  -exec zip -qju $OUT/fuzz_bookmark_seed_corpus.zip "{}" \;
+
+$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_key.c
+$CXX $CXXFLAGS -lFuzzingEngine \
+  fuzz_key.o -o $OUT/fuzz_key \
+  $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
+cp $SRC/fuzz.options $OUT/fuzz_key.options
+find glib/tests -type f -size -32k -name "*.ini" \
+  -exec zip -qju $OUT/fuzz_key_seed_corpus.zip "{}" \;
--- a/projects/glib/fuzz.options
+++ b/projects/glib/fuzz.options
@ -0,0 +1,2 @@
+[libfuzzer]
+close_fd_mask = 2
--- a/projects/glib/fuzz_bookmark.c
+++ b/projects/glib/fuzz_bookmark.c
@ -0,0 +1,8 @@
+#include "glib/glib.h"
+#include <stdint.h>
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  g_autoptr(GBookmarkFile) bookmarkfile = g_bookmark_file_new();
+  g_bookmark_file_load_from_data(bookmarkfile, (const gchar*)data, size, NULL);
+  return 0;
+}
--- a/projects/glib/fuzz_key.c
+++ b/projects/glib/fuzz_key.c
@ -0,0 +1,8 @@
+#include "glib/glib.h"
+#include <stdint.h>
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  g_autoptr(GKeyFile) keyfile = g_key_file_new();
+  g_key_file_load_from_data(keyfile, (const gchar*)data, size, 0, NULL);
+  return 0;
+}
--- a/projects/glib/fuzz_markup.c
+++ b/projects/glib/fuzz_markup.c
@ -0,0 +1,33 @@
+#include <stdint.h>
+#include "glib/glib.h"
+
+static GMarkupParser parser = {
+    NULL, NULL, NULL, NULL, NULL,
+};
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  g_autoptr(GMarkupParseContext) ctx =
+      g_markup_parse_context_new(&parser, 0, NULL, NULL);
+
+  // Parses incrementally in chunks.
+
+  const uint8_t* new_data = data;
+  size_t new_size = (size % 0x200) + 1;
+
+  while (1) {
+    if (new_data + new_size > data + size)
+      new_size = data + size - new_data;
+    if (!g_markup_parse_context_parse(
+        ctx, (const gchar*)new_data, new_size, NULL)) {
+      break;
+    }
+    if (!new_size) {
+      g_markup_parse_context_end_parse(ctx, NULL);
+      break;
+    }
+    new_data += new_size;
+    new_size += size % 0x10;
+  }
+
+  return 0;
+}
--- a/projects/glib/project.yaml
+++ b/projects/glib/project.yaml
@ -0,0 +1,8 @@
+homepage: "https://gitlab.gnome.org/GNOME/glib"
+primary_contact: "bugzilla@tecnocode.co.uk"
+auto_ccs:
+- philip.withnall@gmail.com
+sanitizers:
+- address
+- undefined
+- memory