Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libwebsockets: Add fuzzer for lws-upng (#7977) 

* libwebsockets: Add fuzzer for lws-upng

* Add License

* Fix sanitzer config

* Fix fuzzing_engine config

* Update Dockerfile

* Update build.sh

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
This commit is contained in:
afosscontact 2022-07-08 15:34:34 +09:00 committed by GitHub
parent 817620fd70
commit 865bd604be
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 100 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
projects/libwebsockets/Dockerfile Normal file
View File

@ -0,0 +1,23 @@
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
FROM gcr.io/oss-fuzz-base/base-builder
RUN apt-get update && apt-get install -y libssl-dev
RUN git clone --depth 1 https://github.com/warmcat/libwebsockets.git
COPY build.sh $SRC
COPY lws_upng_inflate_fuzzer.cpp $SRC/libwebsockets/
WORKDIR $SRC/libwebsockets

27
projects/libwebsockets/build.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/bash -eu
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
DIR=$SRC/libwebsockets/
cd $DIR
mkdir build && cd build
cmake -DCMAKE_C_FLAGS="$CFLAGS -fsanitize=address,fuzzer-no-link -g" -DCMAKE_CXX_FLAGS="$CXXFLAGS -fsanitize=address,fuzzer-no-link -g" -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address,fuzzer-no-link -g" -DCMAKE_SHARED_LINKER_FLAGS="-fsanitize=address,fuzzer-no-link -g" ..
make -j8
cd $DIR
$CXX -g -fsanitize=address,fuzzer -I$DIR/build/include -o $OUT/lws_upng_inflate_fuzzer lws_upng_inflate_fuzzer.cpp -L$DIR/build/lib -l:libwebsockets.a -L/usr/lib/x86_64-linux-gnu/ -l:libssl.so -l:libcrypto.so

48
projects/libwebsockets/lws_upng_inflate_fuzzer.cpp Normal file
View File

@ -0,0 +1,48 @@
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/*
* This fuzzer is generated by UTopia project based on TEST(Test_Tensorflow,
* read_inception). (UTopia Project: https://github.com/Samsung/UTopia)
*/
#include "libwebsockets.h"
#include <fuzzer/FuzzedDataProvider.h>
static void lws_api_test_gunzip(FuzzedDataProvider &provider) {
int result = 0;
struct inflator_ctx *gunz = nullptr;
const uint8_t *outring;
size_t outringlen, *opl, *cl = 0;
auto input1 = provider.ConsumeRandomLengthString();
gunz = lws_upng_inflator_create(&outring, &outringlen, &opl, &cl);
if (!gunz)
goto bail;
lws_upng_inflate_data(gunz, input1.c_str(), input1.size());
bail:
if (gunz)
lws_upng_inflator_destroy(&gunz);
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, uint32_t size) {
FuzzedDataProvider provider(data, size);
auto select = provider.ConsumeIntegralInRange<unsigned char>(0, 1);
switch (select) {
case 0:
lws_api_test_gunzip(provider);
break;
}
return 0;
}

5
projects/libwebsockets/project.yaml
View File

@ -3,7 +3,6 @@ language: c
primary_contact: "andy@warmcat.com"
sanitizers:
- address
- memory:
experimental: True
- undefined
fuzzing_engines:
- libfuzzer
main_repo: 'https://libwebsockets.org/repo/libwebsockets'