diff --git a/projects/glib/Dockerfile b/projects/glib/Dockerfile
new file mode 100644
index 000000000..d99d85ae9
--- /dev/null
+++ b/projects/glib/Dockerfile
@@ -0,0 +1,24 @@
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER pdknsk@gmail.com
+RUN apt-get update && \
+ apt-get install -y autoconf libtool ninja-build python3-pip
+RUN pip3 install -U meson
+RUN git clone https://gitlab.gnome.org/GNOME/glib
+WORKDIR glib
+COPY build.sh fuzz.options fuzz_bookmark.c fuzz_markup.c fuzz_key.c $SRC/
diff --git a/projects/glib/build.sh b/projects/glib/build.sh
new file mode 100755
index 000000000..d89c8f029
--- /dev/null
+++ b/projects/glib/build.sh
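Review bot: `MAINTAINER pdknsk@gmail.com` uses the deprecated MAINTAINER instruction; the current form is `LABEL maintainer="pdknsk@gmail.com"`. `RUN pip3 install -U meson` and `RUN git clone https://gitlab.gnome.org/GNOME/glib` both fetch unpinned content at image-build time, so two builds of this image can differ and a change in either upstream lands in the fuzz build unreviewed; that is the usual OSS-Fuzz pattern, but pinning the meson version (`pip3 install meson==<version>`) would at least make the toolchain side reproducible. A `--depth 1` on the clone would also shorten image builds without affecting the fuzzers.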
@@ -0,0 +1,52 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+BUILD=$WORK/meson
+
+rm -rf $BUILD
+mkdir $BUILD
+
+meson $BUILD \
+ -Ddefault_library=static \
+ -Dlibmount=false \
+ -Dselinux=false
+
+ninja -C $BUILD
+
+$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_markup.c
+$CXX $CXXFLAGS -lFuzzingEngine \
+ fuzz_markup.o -o $OUT/fuzz_markup \
+ $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
+cp $SRC/fuzz.options $OUT/fuzz_markup.options
+find glib/tests -type f -size -32k -name "*.gmarkup" \
+ -exec zip -qju $OUT/fuzz_markup_seed_corpus.zip "{}" \;
+
+$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_bookmark.c
+$CXX $CXXFLAGS -lFuzzingEngine \
+ fuzz_bookmark.o -o $OUT/fuzz_bookmark \
+ $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
+cp $SRC/fuzz.options $OUT/fuzz_bookmark.options
+find glib/tests -type f -size -32k -name "*.xbel" \
+ -exec zip -qju $OUT/fuzz_bookmark_seed_corpus.zip "{}" \;
+
+$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_key.c
+$CXX $CXXFLAGS -lFuzzingEngine \
+ fuzz_key.o -o $OUT/fuzz_key \
+ $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
+cp $SRC/fuzz.options $OUT/fuzz_key.options
+find glib/tests -type f -size -32k -name "*.ini" \
+ -exec zip -qju $OUT/fuzz_key_seed_corpus.zip "{}" \;
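Review bot: The three compile/link/options/seed-corpus stanzas from `$CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_markup.c` onward are identical except for the fuzzer name and the seed-file extension, so the next harness added will be copied a fourth time and any fix to the link line has to be made three times. A single loop over `name:extension` pairs keeps one copy of the recipe, and a new fuzzer becomes a one-token addition to the list. The loop below reproduces the existing commands, including the unquoted `$BUILD`/`$OUT` expansions the script already relies on.
```shell
# … unchanged: meson configure and ninja build …

for fuzzer in markup:gmarkup bookmark:xbel key:ini; do
  name=${fuzzer%%:*}
  ext=${fuzzer##*:}
  $CC $CFLAGS -I. -Iglib -I$BUILD/glib -c $SRC/fuzz_$name.c
  $CXX $CXXFLAGS -lFuzzingEngine \
    fuzz_$name.o -o $OUT/fuzz_$name \
    $BUILD/glib/libglib-2.0.a $BUILD/glib/libcharset/libcharset.a
  cp $SRC/fuzz.options $OUT/fuzz_$name.options
  find glib/tests -type f -size -32k -name "*.$ext" \
    -exec zip -qju $OUT/fuzz_${name}_seed_corpus.zip "{}" \;
done
```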
diff --git a/projects/glib/fuzz.options b/projects/glib/fuzz.options
new file mode 100644
index 000000000..7ca5e76f5
--- /dev/null
+++ b/projects/glib/fuzz.options
@@ -0,0 +1,2 @@
+[libfuzzer]
+close_fd_mask = 2
diff --git a/projects/glib/fuzz_bookmark.c b/projects/glib/fuzz_bookmark.c
new file mode 100644
index 000000000..1b14a1d66
--- /dev/null
+++ b/projects/glib/fuzz_bookmark.c
@@ -0,0 +1,8 @@
+#include "glib/glib.h"
+#include
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ g_autoptr(GBookmarkFile) bookmarkfile = g_bookmark_file_new();
+ g_bookmark_file_load_from_data(bookmarkfile, (const gchar*)data, size, NULL);
+ return 0;
+}
diff --git a/projects/glib/fuzz_key.c b/projects/glib/fuzz_key.c
new file mode 100644
index 000000000..839ab9de2
--- /dev/null
+++ b/projects/glib/fuzz_key.c
@@ -0,0 +1,8 @@
+#include "glib/glib.h"
+#include
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ g_autoptr(GKeyFile) keyfile = g_key_file_new();
+ g_key_file_load_from_data(keyfile, (const gchar*)data, size, 0, NULL);
+ return 0;
+}
diff --git a/projects/glib/fuzz_markup.c b/projects/glib/fuzz_markup.c
new file mode 100644
index 000000000..d2342f134
--- /dev/null
+++ b/projects/glib/fuzz_markup.c
@@ -0,0 +1,33 @@
+#include
+#include "glib/glib.h"
+
+static GMarkupParser parser = {
+ NULL, NULL, NULL, NULL, NULL,
+};
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ g_autoptr(GMarkupParseContext) ctx =
+ g_markup_parse_context_new(&parser, 0, NULL, NULL);
+
+ // Parses incrementally in chunks.
+
+ const uint8_t* new_data = data;
+ size_t new_size = (size % 0x200) + 1;
+
+ while (1) {
+ if (new_data + new_size > data + size)
+ new_size = data + size - new_data;
+ if (!g_markup_parse_context_parse(
+ ctx, (const gchar*)new_data, new_size, NULL)) {
+ break;
+ }
+ if (!new_size) {
+ g_markup_parse_context_end_parse(ctx, NULL);
+ break;
+ }
+ new_data += new_size;
+ new_size += size % 0x10;
+ }
+
+ return 0;
+}
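Review bot: The second `#include` line of fuzz_bookmark.c carries no header name as rendered here, yet `uint8_t` in the `LLVMFuzzerTestOneInput` signature needs `#include <stdint.h>`; confirm the committed file has it, and the same applies to the bare `#include` in fuzz_key.c and fuzz_markup.c. The harness only drives the reader: the loaded `GBookmarkFile` is dropped without being serialised, so the writer side is never fed fuzzer-derived state. Adding `g_free(g_bookmark_file_to_data(bookmarkfile, NULL, NULL));` after the load call would round-trip whatever the parser accepted through the serialiser as well, at little extra cost per input. A one-line header comment naming the target, e.g. `// Fuzzes GBookmarkFile (XBEL) parsing via g_bookmark_file_load_from_data.`, would also help whoever triages reports from it.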
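Review bot: `g_key_file_load_from_data(keyfile, (const gchar*)data, size, 0, NULL)` passes a bare `0` where a `GKeyFileFlags` value is expected; the named value is `G_KEY_FILE_NONE`. With that flag the parser discards comments and non-default-locale translations as it reads, so the code that retains and re-emits them is never fed fuzz input; `G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS` reaches more of the parser for the same input. Either way the flag deserves a short comment stating which paths the harness is meant to cover.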
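Review bot: `if (new_data + new_size > data + size)` in fuzz_markup.c forms a pointer that can lie beyond one-past-the-end of the input before the clamp on the next line applies, which is undefined behaviour in C even though the comparison is meant as the guard; compare lengths instead: `size_t remaining = (size_t)(data + size - new_data);` followed by `if (new_size > remaining) new_size = remaining;`, which keeps the rest of the loop unchanged. `parser` has every callback set to NULL, so only the tokenizer and its validation are exercised and no element or text content ever reaches harness code; that is a reasonable first harness but worth stating in a comment such as `// All callbacks NULL: exercises tokenizing/validation only, not client-side handling.`. The `0` passed as `GMarkupParseFlags` could likewise be written as an explicit flag value so a reader knows it is deliberate.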
diff --git a/projects/glib/project.yaml b/projects/glib/project.yaml
new file mode 100644
index 000000000..2e5ec1f38
--- /dev/null
+++ b/projects/glib/project.yaml
@@ -0,0 +1,8 @@
+homepage: "https://gitlab.gnome.org/GNOME/glib"
+primary_contact: "bugzilla@tecnocode.co.uk"
+auto_ccs:
+- philip.withnall@gmail.com
+sanitizers:
+- address
+- undefined
+- memory