mirror of https://github.com/google/oss-fuzz.git
[cups] Migrate harness to upstream OpenPrinting project (#12036)
The OpenPrinting project under the Linux Foundation has initiated the [OpenPrinting fuzzing](https://github.com/OpenPrinting/fuzzing) repository to officially maintain OSS-Fuzz testing tasks. This PR includes following updates: 1. Migration of the existing CUPS fuzzing harness to the upstream OpenPrinting/fuzzing project. 2. Updated of CUPS mailing contact list and configuration setting. All harness building related changes has been locally tested and verified. We deeply appreciate the contributions from @pkillarjun for his initial integration of the CUPS project into OSS-Fuzz and his support during this migration. However, OpenPrinting has decided to move the corpus, fuzzing harnesses, and build scripts into the repository under its organisation and maintainance. In addition, the bug reports will be firstly processed by OpenPrinting's security team and not by the initial contributor, who is not part of the organisation. These two measures will minimise the security risks and still maintaining the ability of open source fellows to participate in the development. CC @tillkamppeter @iosifache --------- Signed-off-by: TTFISH <jiongchiyu@gmail.com>
This commit is contained in:
TTFISH
GitHub
parent
2d32108e21
commit
83f38e71b3
|
|
@ -14,9 +14,9 @@
|
|||
#
|
||||
################################################################################
|
||||
FROM gcr.io/oss-fuzz-base/base-builder
|
||||
RUN apt-get update && apt-get install -y autoconf libtool-bin pkg-config zlib1g-dev libavahi-client-dev libsystemd-dev
|
||||
RUN apt-get update && apt-get install -y zlib1g-dev libavahi-client-dev libsystemd-dev
|
||||
RUN git clone --depth 1 https://github.com/OpenPrinting/cups
|
||||
RUN git clone https://github.com/pkillarjun/oss-fuzz-bloat
|
||||
RUN git clone --depth 1 https://github.com/OpenPrinting/fuzzing.git
|
||||
|
||||
COPY build.sh $SRC/
|
||||
COPY fuzzer $SRC/cups/fuzzer/
|
||||
WORKDIR $SRC/cups/
|
||||
WORKDIR $SRC/cups
|
||||
|
|
@ -14,22 +14,5 @@
|
|||
# limitations under the License.
|
||||
#
|
||||
################################################################################
|
||||
export CFLAGS="$CFLAGS -fPIE"
|
||||
export CXXFLAGS="$CFLAGS -fPIE"
|
||||
export LDFLAGS="$CFLAGS -fPIE"
|
||||
|
||||
./configure --enable-static --disable-shared
|
||||
make
|
||||
|
||||
pushd fuzzer/
|
||||
make
|
||||
cp FuzzCUPS $OUT/FuzzCUPS
|
||||
cp FuzzIPP $OUT/FuzzIPP
|
||||
cp FuzzRaster $OUT/FuzzRaster
|
||||
popd
|
||||
|
||||
pushd $SRC/oss-fuzz-bloat/cups
|
||||
cp FuzzCUPS_seed_corpus.zip $OUT/FuzzCUPS_seed_corpus.zip
|
||||
cp FuzzIPP_seed_corpus.zip $OUT/FuzzIPP_seed_corpus.zip
|
||||
cp FuzzRaster_seed_corpus.zip $OUT/FuzzRaster_seed_corpus.zip
|
||||
popd
|
||||
$SRC/fuzzing/cups/oss_fuzz_build.sh
|
||||
|
|
|
|||
|
|
@ -1,49 +0,0 @@
|
|||
/* Copyright 2022 Google LLC
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
#undef _CUPS_NO_DEPRECATED
|
||||
#include "cups-private.h"
|
||||
#include "ppd-private.h"
|
||||
#include "raster-private.h"
|
||||
#include <sys/stat.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <math.h>
|
||||
|
||||
#define kMinInputLength 10
|
||||
#define kMaxInputLength 10240
|
||||
|
||||
extern int
|
||||
LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
|
||||
{/*cups/cups/testppd.c*/
|
||||
|
||||
if (Size < kMinInputLength || Size > kMaxInputLength){
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*Add Null byte*/
|
||||
char *DataFx;
|
||||
size_t SizeFx = Size+1;
|
||||
DataFx = (char *)calloc(SizeFx,sizeof(char));
|
||||
memcpy((void *)DataFx,(void *)Data,Size);
|
||||
|
||||
int preferred_bits;
|
||||
cups_page_header2_t header;
|
||||
|
||||
memset(&header, 0, sizeof(header));
|
||||
header.Collate = CUPS_TRUE;
|
||||
preferred_bits = 0;
|
||||
|
||||
_cupsRasterExecPS(&header, &preferred_bits,(char*)DataFx);
|
||||
|
||||
free(DataFx);
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -1,59 +0,0 @@
|
|||
/* Copyright 2022 Google LLC
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
#include "file.h"
|
||||
#include "string-private.h"
|
||||
#include "ipp-private.h"
|
||||
#include <spawn.h>
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
#define kMinInputLength 10
|
||||
#define kMaxInputLength 10240
|
||||
|
||||
void LoadIPP(char *filename){
|
||||
cups_file_t *fp;
|
||||
ipp_t *request;
|
||||
|
||||
request = ippNew();
|
||||
fp = cupsFileOpen(filename, "r");
|
||||
|
||||
ippReadIO(fp, (ipp_iocb_t)cupsFileRead, 1, NULL, request);
|
||||
|
||||
cupsFileClose(fp);
|
||||
ippDelete(request);
|
||||
}
|
||||
|
||||
extern int
|
||||
LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
|
||||
{/*cups/cups/fuzzipp.c*/
|
||||
|
||||
if (Size < kMinInputLength || Size > kMaxInputLength){
|
||||
return 1;
|
||||
}
|
||||
|
||||
char filename[256];
|
||||
|
||||
sprintf(filename, "/tmp/libfuzzer.%d", getpid());
|
||||
FILE *fp = fopen(filename, "wb");
|
||||
if (!fp) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
fwrite(Data, Size, 1, fp);
|
||||
fclose(fp);
|
||||
|
||||
LoadIPP(filename);
|
||||
unlink(filename);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -1,56 +0,0 @@
|
|||
/* Copyright 2022 Google LLC
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
#include <cups/raster-private.h>
|
||||
#include <math.h>
|
||||
|
||||
#define kMinInputLength 10
|
||||
#define kMaxInputLength 10240
|
||||
|
||||
void LoadRES(char *filename){
|
||||
int fd;
|
||||
cups_raster_t *ras;
|
||||
cups_page_header2_t header;
|
||||
|
||||
fd = open(filename, O_RDONLY);
|
||||
|
||||
ras = cupsRasterOpen(fd, CUPS_RASTER_READ);
|
||||
|
||||
cupsRasterReadHeader2(ras, &header);
|
||||
|
||||
cupsRasterClose(ras);
|
||||
close(fd);
|
||||
}
|
||||
|
||||
extern int
|
||||
LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
|
||||
{/*cups/cups/testraster.c*/
|
||||
|
||||
if (Size < kMinInputLength || Size > kMaxInputLength){
|
||||
return 1;
|
||||
}
|
||||
|
||||
char filename[256];
|
||||
|
||||
sprintf(filename, "/tmp/libfuzzer.%d", getpid());
|
||||
FILE *fp = fopen(filename, "wb");
|
||||
if (!fp) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
fwrite(Data, Size, 1, fp);
|
||||
fclose(fp);
|
||||
|
||||
LoadRES(filename);
|
||||
unlink(filename);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
TARGET=Fuzzing
|
||||
|
||||
CUPS=FuzzCUPS
|
||||
IPP=FuzzIPP
|
||||
RES=FuzzRaster
|
||||
|
||||
INCDIR=-I./../ -I./../cups/
|
||||
MACRO=-D_CUPS_SOURCE -D_FORTIFY_SOURCE=2 -D_REENTRANT -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_THREAD_SAFE -D_REENTRANT
|
||||
EXTFLAGS=-Wall -Werror
|
||||
LIBDIR=-L./../cups/
|
||||
LibFLAGS=$(LIBDIR) $(LIB_FUZZING_ENGINE) -lcups -lcupsimage -lssl -lcrypto -lz -lpthread -l:libavahi-client.a -l:libavahi-common.a -l:libdbus-1.a -lsystemd
|
||||
|
||||
all: $(TARGET)
|
||||
|
||||
$(TARGET):
|
||||
$(CC) $(CFLAGS) $(EXTFLAGS) $(MACRO) $(INCDIR) -c $(CUPS).c
|
||||
$(CC) $(CFLAGS) $(EXTFLAGS) $(MACRO) $(INCDIR) -c $(IPP).c
|
||||
$(CC) $(CFLAGS) $(EXTFLAGS) $(MACRO) $(INCDIR) -c $(RES).c
|
||||
|
||||
$(CXX) $(CFLAGS) -o $(CUPS) $(CUPS).o $(LibFLAGS)
|
||||
$(CXX) $(CFLAGS) -o $(IPP) $(IPP).o $(LibFLAGS)
|
||||
$(CXX) $(CFLAGS) -o $(RES) $(RES).o $(LibFLAGS)
|
||||
|
||||
clean:
|
||||
rm $(CUPS) $(IPP) $(RES) *.o
|
||||
|
||||
.PHONY: all clean
|
||||
|
|
@ -1,14 +1,27 @@
|
|||
homepage: "https://openprinting.github.io/cups/"
|
||||
main_repo: 'https://github.com/OpenPrinting/cups'
|
||||
# help_url:
|
||||
language: c
|
||||
primary_contact: "security@msweet.org"
|
||||
|
||||
primary_contact: "jiongchiyu@gmail.com"
|
||||
auto_ccs:
|
||||
- "ajsinghyadav00@gmail.com"
|
||||
- "till.kamppeter@gmail.com"
|
||||
- "ossfuzz@iosifache.me"
|
||||
- "msweet@msweet.org"
|
||||
# vendor_ccs:
|
||||
|
||||
architectures:
|
||||
- x86_64
|
||||
# - i386
|
||||
|
||||
sanitizers:
|
||||
- address
|
||||
- memory
|
||||
# - undefined
|
||||
|
||||
fuzzing_engines:
|
||||
- libfuzzer
|
||||
- afl
|
||||
- honggfuzz
|
||||
sanitizers:
|
||||
- address
|
||||
- memory
|
||||
- undefined
|
||||
main_repo: 'https://github.com/OpenPrinting/cups'
|
||||
|
||||
# builds_per_day: 2
|
||||
Loading…
Reference in New Issue