From 7d2d694e36c37433c3024f1050807a9882049688 Mon Sep 17 00:00:00 2001
From: Zied Aouini
Date: Wed, 17 Aug 2022 18:27:05 +0200
Subject: [PATCH] [nfstream] Initiate fuzzing on nfstream project. (#8210)
---
 projects/nfstream/Dockerfile | 24 ++++++++++++++++++
 projects/nfstream/build.sh | 26 ++++++++++++++++++++
 projects/nfstream/pcap_fuzzer.py | 42 ++++++++++++++++++++++++++++++++
 projects/nfstream/project.yaml | 1 -
 4 files changed, 92 insertions(+), 1 deletion(-)
 create mode 100644 projects/nfstream/Dockerfile
 create mode 100644 projects/nfstream/build.sh
 create mode 100644 projects/nfstream/pcap_fuzzer.py
diff --git a/projects/nfstream/Dockerfile b/projects/nfstream/Dockerfile
new file mode 100644
index 000000000..a9f11f98f
--- /dev/null
+++ b/projects/nfstream/Dockerfile
@@ -0,0 +1,24 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-python
+RUN apt-get update
+RUN apt-get install -y python3-dev autoconf automake libtool pkg-config flex bison gettext libjson-c-dev libpcap-dev
+RUN apt-get install -y libusb-1.0-0-dev libdbus-glib-1-dev libbluetooth-dev libnl-genl-3-dev libffi-dev python-dev
+RUN python3 -m pip install --upgrade pip
+RUN git clone --recurse-submodules https://github.com/nfstream/nfstream.git
+WORKDIR nfstream
+COPY build.sh *.py $SRC/
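Review bot: `RUN apt-get update` sits in its own layer, apart from the two `apt-get install` lines, so a cached update layer can be paired with installs that expect a newer package index. Chain them in one instruction, `RUN apt-get update && apt-get install -y python3-dev autoconf ...`, and fold the second package list into it. `python-dev` in the second install looks like the Python 2 headers and is probably redundant next to `python3-dev`; worth confirming against the base image. `WORKDIR nfstream` is relative and so depends on the base image's working directory; if the clone lands in `$SRC`, `WORKDIR $SRC/nfstream` states that explicitly.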
diff --git a/projects/nfstream/build.sh b/projects/nfstream/build.sh
new file mode 100644
index 000000000..8c85e8028
--- /dev/null
+++ b/projects/nfstream/build.sh
@@ -0,0 +1,26 @@
+#!/bin/bash -eu
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+python3 -m pip install -U -r dev_requirements.txt
+python3 prepare.py
+python3 -m pip install -U .
+
+# Build fuzzers in $OUT.
+for fuzzer in $(find $SRC -name '*_fuzzer.py'); do
+ compile_python_fuzzer $fuzzer --hidden-import=_cffi_backend
+done
+
+zip -j $OUT/pcap_fuzzer_seed_corpus.zip tests/pcaps/*
diff --git a/projects/nfstream/pcap_fuzzer.py b/projects/nfstream/pcap_fuzzer.py
new file mode 100644
index 000000000..b9b50eb56
--- /dev/null
+++ b/projects/nfstream/pcap_fuzzer.py
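Review bot: In build.sh, `$(find $SRC -name '*_fuzzer.py')` walks the whole of `$SRC`, which presumably also holds the nfstream checkout and its submodules, so any file there matching the pattern would be compiled and shipped as a fuzz target. The Dockerfile copies the harnesses to the top of `$SRC`, so `find "$SRC" -maxdepth 1 -name '*_fuzzer.py'` limits the build to them. The unquoted expansions also word-split on paths with spaces; `compile_python_fuzzer "$fuzzer" --hidden-import=_cffi_backend` and `"$OUT/pcap_fuzzer_seed_corpus.zip"` cost nothing. `pip install -U -r dev_requirements.txt` takes whatever versions are newest at build time, so a comment saying the unpinned install is intentional would help the next reader.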
@@ -0,0 +1,42 @@
+#!/usr/bin/python3
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import sys
+import atheris
+
+with atheris.instrument_imports():
+ import io
+ from nfstream import NFStreamer
+
+
+def TestOneInput(input_bytes):
+ with open('fuzz_one_input.pcap', 'wb') as w:
+ # Save it as binary file with .pcap extension
+ w.write(io.BytesIO(input_bytes).read())
+ try:
+ for _ in NFStreamer(source="fuzz_one_input.pcap"):
+ pass
+ except (ValueError, TypeError):
+ pass
+
+
+def main():
+ atheris.Setup(sys.argv, TestOneInput)
+ atheris.Fuzz()
+
+
+if __name__ == "__main__":
+ main()
diff --git a/projects/nfstream/project.yaml b/projects/nfstream/project.yaml
index d43611959..af863b6a6 100644
--- a/projects/nfstream/project.yaml
+++ b/projects/nfstream/project.yaml
@@ -8,5 +8,4 @@ fuzzing_engines:
 sanitizers:
 - address
 - undefined
- - memory
 main_repo: 'https://github.com/nfstream/nfstream'
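Review bot: `TestOneInput` in pcap_fuzzer.py writes every input to the fixed relative path `fuzz_one_input.pcap`, so two fuzzing processes started in the same working directory overwrite each other's file and a reported crash may not correspond to the bytes that were actually parsed. A per-call temporary file with the same `.pcap` suffix removes the shared path and cleans up after itself; it needs `import tempfile` at the top of the file. `io.BytesIO(input_bytes).read()` is just `input_bytes`, so the `io` import can go as well. The `except (ValueError, TypeError)` clause would benefit from a one-line comment stating why those two types are expected for malformed captures, so that a real defect raising one of them is not written off unnoticed.

```python
def TestOneInput(input_bytes):
  # One private file per call: parallel fuzzing processes never share a path.
  with tempfile.NamedTemporaryFile(suffix='.pcap') as pcap:
    pcap.write(input_bytes)
    pcap.flush()  # the streamer reopens the file by name
    try:
      for _ in NFStreamer(source=pcap.name):
        pass
    except (ValueError, TypeError):
      pass
```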