[json-c] Add project (#1123)

* Add a fuzzer for json_tokener_parse_ex. detect_leaks=0 * remove comments, add email * remove options file * free the object; the fuzzer was responsible for the leak * remove control characters * make the dict match the fuzzer for the convention to load the dict * decl and use * fix signature, reinterpret * add hawicz's email
2018-02-01 09:19:28 -06:00 · 2018-02-01 09:19:28 -06:00 · 31b00466ff
parent 92152969c5
commit 31b00466ff
5 changed files with 87 additions and 0 deletions
--- a/projects/json-c/Dockerfile
+++ b/projects/json-c/Dockerfile
@ -0,0 +1,22 @@
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER chriswwolfe@gmail.com
+RUN apt-get update && apt-get install -y make autoconf automake libtool
+RUN git clone --depth 1 https://github.com/json-c/json-c.git json-c
+WORKDIR json-c
+COPY build.sh *.cc *.dict $SRC/
--- a/projects/json-c/build.sh
+++ b/projects/json-c/build.sh
@ -0,0 +1,30 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+./autogen.sh
+./configure --enable-static --disable-shared
+make -j$(nproc) all
+ar rc json_c.a *.o
+
+cp $SRC/*.dict $OUT/
+
+for f in $SRC/*_fuzzer.cc; do
+    fuzzer=$(basename "$f" _fuzzer.cc)
+    $CXX $CXXFLAGS -std=c++11 -I$SRC/json-c \
+         $SRC/${fuzzer}_fuzzer.cc -o $OUT/${fuzzer}_fuzzer \
+         -lFuzzingEngine $SRC/json-c/json_c.a
+done
--- a/projects/json-c/project.yaml
+++ b/projects/json-c/project.yaml
@ -0,0 +1,4 @@
+homepage: "https://json-c.github.io/json-c/"
+primary_contact: "erh+git@nimenees.com"
+auto_ccs:
+  - "chriswwolfe@gmail.com"
--- a/projects/json-c/tokener_parse_ex_fuzzer.cc
+++ b/projects/json-c/tokener_parse_ex_fuzzer.cc
@ -0,0 +1,13 @@
+#include <stdint.h>
+
+#include <json.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  const char *data1 = reinterpret_cast<const char *>(data);
+  json_tokener *tok = json_tokener_new();
+  json_object *obj = json_tokener_parse_ex(tok, data1, size);
+
+  json_object_put(obj);
+  json_tokener_free(tok);
+  return 0;
+}
--- a/projects/json-c/tokener_parse_ex_fuzzer.dict
+++ b/projects/json-c/tokener_parse_ex_fuzzer.dict
@ -0,0 +1,18 @@
+"{"
+"}"
+","
+"["
+"]"
+","
+":"
+"e"
+"e+"
+"e-"
+"E"
+"E+"
+"E-"
+"\""
+"null"
+"1"
+"1.234"
+"3e4"