libxml2 build

2016-08-30 15:30:53 -07:00 · 2016-08-30 15:30:53 -07:00 · 55017ab56b
parent af9368ffd1
commit 55017ab56b
8 changed files with 202 additions and 0 deletions
--- a/libxml2/Dockerfile
+++ b/libxml2/Dockerfile
@ -0,0 +1,21 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM ossfuzz/base-libfuzzer
+MAINTAINER ochang@chromium.org
+RUN apt-get install -y make autoconf automake libtool
+
+CMD /src/oss-fuzz/libxml2/build.sh
--- a/libxml2/Jenkinsfile
+++ b/libxml2/Jenkinsfile
@ -0,0 +1,22 @@
+// Copyright 2016 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+def libfuzzerBuild = fileLoader.fromGit('infra/libfuzzer-pipeline.groovy',
+        'https://github.com/google/oss-fuzz.git', 'master', null, '')
+
+libfuzzerBuild {
+  git = "git://git.gnome.org/libxml2"
+}
--- a/libxml2/build.sh
+++ b/libxml2/build.sh
@ -0,0 +1,11 @@
+#!/bin/bash -eu
+cd /src/libxml2
+
+./configure
+make clean all
+
+for fuzzer in libxml2_xml_read_memory_fuzzer libxml2_xml_regexp_compile_fuzzer; do
+  $CXX $CXXFLAGS -std=c++11 -Iinclude/ \
+      /src/oss-fuzz/libxml2/$fuzzer.cc -o /out/$fuzzer \
+      /work/libfuzzer/*.o .libs/libxml2.a $LDFLAGS
+done
--- a/libxml2/libxml2_xml_read_memory_fuzzer.cc
+++ b/libxml2/libxml2_xml_read_memory_fuzzer.cc
@ -0,0 +1,23 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include "libxml/parser.h"
+
+void ignore (void* ctx, const char* msg, ...) {
+  // Error handler to avoid spam of error messages from libxml parser.
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  xmlSetGenericErrorFunc(NULL, &ignore);
+
+  if (auto doc = xmlReadMemory(reinterpret_cast<const char*>(data),
+                               static_cast<int>(size), "noname.xml", NULL, 0)) {
+    xmlFreeDoc(doc);
+  }
+
+  return 0;
+}
--- a/libxml2/libxml2_xml_read_memory_fuzzer.options
+++ b/libxml2/libxml2_xml_read_memory_fuzzer.options
@ -0,0 +1,2 @@
+[libfuzzer]
+dict = xml.dict
--- a/libxml2/libxml2_xml_regexp_compile_fuzzer.cc
+++ b/libxml2/libxml2_xml_regexp_compile_fuzzer.cc
@ -0,0 +1,34 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include <algorithm>
+#include <string>
+#include <vector>
+
+#include "libxml/parser.h"
+#include "libxml/tree.h"
+#include "libxml/xmlversion.h"
+
+
+void ignore (void * ctx, const char * msg, ...) {
+  // Error handler to avoid spam of error messages from libxml parser.
+}
+
+
+// Entry point for LibFuzzer.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  xmlSetGenericErrorFunc(NULL, &ignore);
+
+  std::vector<uint8_t> buffer(size + 1, 0);
+  std::copy(data, data + size, buffer.data());
+
+  xmlRegexpPtr x = xmlRegexpCompile(buffer.data());
+  if (x)
+    xmlRegFreeRegexp(x);
+
+  return 0;
+}
--- a/libxml2/libxml2_xml_regexp_compile_fuzzer.options
+++ b/libxml2/libxml2_xml_regexp_compile_fuzzer.options
@ -0,0 +1,2 @@
+[libfuzzer]
+dict = xml.dict
--- a/libxml2/xml.dict
+++ b/libxml2/xml.dict
@ -0,0 +1,87 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+#
+# AFL dictionary for XML
+# ----------------------
+#
+# Several basic syntax elements and attributes, modeled on libxml2.
+#
+# Created by Michal Zalewski <lcamtuf@google.com>
+#
+
+attr_encoding=" encoding=\"1\""
+attr_generic=" a=\"1\""
+attr_href=" href=\"1\""
+attr_standalone=" standalone=\"no\""
+attr_version=" version=\"1\""
+attr_xml_base=" xml:base=\"1\""
+attr_xml_id=" xml:id=\"1\""
+attr_xml_lang=" xml:lang=\"1\""
+attr_xml_space=" xml:space=\"1\""
+attr_xmlns=" xmlns=\"1\""
+
+entity_builtin="&lt;"
+entity_decimal="&#1;"
+entity_external="&a;"
+entity_hex="&#x1;"
+
+string_any="ANY"
+string_brackets="[]"
+string_cdata="CDATA"
+string_col_fallback=":fallback"
+string_col_generic=":a"
+string_col_include=":include"
+string_dashes="--"
+string_empty="EMPTY"
+string_empty_dblquotes="\"\""
+string_empty_quotes="''"
+string_entities="ENTITIES"
+string_entity="ENTITY"
+string_fixed="#FIXED"
+string_id="ID"
+string_idref="IDREF"
+string_idrefs="IDREFS"
+string_implied="#IMPLIED"
+string_nmtoken="NMTOKEN"
+string_nmtokens="NMTOKENS"
+string_notation="NOTATION"
+string_parentheses="()"
+string_pcdata="#PCDATA"
+string_percent="%a"
+string_public="PUBLIC"
+string_required="#REQUIRED"
+string_schema=":schema"
+string_system="SYSTEM"
+string_ucs4="UCS-4"
+string_utf16="UTF-16"
+string_utf8="UTF-8"
+string_xmlns="xmlns:"
+
+tag_attlist="<!ATTLIST"
+tag_cdata="<![CDATA["
+tag_close="</a>"
+tag_doctype="<!DOCTYPE"
+tag_element="<!ELEMENT"
+tag_entity="<!ENTITY"
+tag_ignore="<![IGNORE["
+tag_include="<![INCLUDE["
+tag_notation="<!NOTATION"
+tag_open="<a>"
+tag_open_close="<a />"
+tag_open_exclamation="<!"
+tag_open_q="<?"
+tag_sq2_close="]]>"
+tag_xml_q="<?xml?>"