fabric: add more fuzzers (#8713)

Adds more fuzzers for hyperledger fabric. Signed-off-by: AdamKorcz <adam@adalogics.com> Signed-off-by: AdamKorcz <adam@adalogics.com>
2022-10-07 18:00:18 +01:00 · 2022-10-07 18:00:18 +01:00 · 9415dd79b4
parent 1328379d34
commit 9415dd79b4
10 changed files with 165 additions and 1 deletions
--- a/projects/fabric/Dockerfile
+++ b/projects/fabric/Dockerfile
@ -16,5 +16,12 @@

 FROM gcr.io/oss-fuzz-base/base-builder-go
 RUN git clone --depth 1 https://github.com/hyperledger/fabric
-COPY build.sh persistence_fuzzer.go $SRC/
+RUN git clone --depth 1 https://github.com/AdamKorcz/instrumentation
+COPY build.sh ccprovider_fuzzer.go \
+	 persistence_fuzzer.go \
+	 policydsl_fuzzer.go \
+	 fabenc_fuzzer.go \
+	 msp_fuzzer.go $SRC/
 WORKDIR $SRC/fabric
+
+COPY *.options $SRC/
--- a/projects/fabric/FuzzExtractFileEntries.options
+++ b/projects/fabric/FuzzExtractFileEntries.options
@ -0,0 +1,3 @@
+[libfuzzer]
+max_len = 1800000
+len_control = 0
--- a/projects/fabric/FuzzParseChaincodePackage.options
+++ b/projects/fabric/FuzzParseChaincodePackage.options
@ -0,0 +1,3 @@
+[libfuzzer]
+max_len = 1800000
+len_control = 0
--- a/projects/fabric/FuzzPersistence.options
+++ b/projects/fabric/FuzzPersistence.options
@ -0,0 +1,3 @@
+[libfuzzer]
+max_len = 1800000
+len_control = 0
--- a/projects/fabric/build.sh
+++ b/projects/fabric/build.sh
@ -15,5 +15,29 @@
 #
 ################################################################################

+rm -r $SRC/fabric/cmd/cryptogen
+
+cd $SRC/instrumentation && go run main.go $SRC/fabric && cd $SRC/fabric
+go mod tidy && go mod vendor
+
+
 cp $SRC/persistence_fuzzer.go ./core/chaincode/persistence/mock/
+go get github.com/AdaLogics/go-fuzz-headers
+go mod vendor
 compile_go_fuzzer github.com/hyperledger/fabric/core/chaincode/persistence/mock FuzzPersistence fuzz_persistence
+compile_go_fuzzer github.com/hyperledger/fabric/core/chaincode/persistence/mock FuzzChaincodePackageStreamerMetadatabytes FuzzChaincodePackageStreamerMetadatabytes
+compile_go_fuzzer github.com/hyperledger/fabric/core/chaincode/persistence/mock FuzzParseChaincodePackage FuzzParseChaincodePackage
+
+cp $SRC/ccprovider_fuzzer.go ./core/common/ccprovider/
+compile_go_fuzzer github.com/hyperledger/fabric/core/common/ccprovider FuzzExtractFileEntries FuzzExtractFileEntries
+
+cp $SRC/policydsl_fuzzer.go $SRC/fabric/common/policydsl/
+compile_go_fuzzer github.com/hyperledger/fabric/common/policydsl FuzzFromString fuzz_from_string
+
+cp $SRC/msp_fuzzer.go $SRC/fabric/msp/
+compile_go_fuzzer github.com/hyperledger/fabric/msp FuzzDeserializeIdentity fuzz_deserialize_identity
+
+cp $SRC/fabenc_fuzzer.go $SRC/fabric/common/flogging/fabenc/
+compile_go_fuzzer github.com/hyperledger/fabric/common/flogging/fabenc FuzzParseFormat fuzz_parse_format
+
+cp $SRC/*.options $OUT/
--- a/projects/fabric/ccprovider_fuzzer.go
+++ b/projects/fabric/ccprovider_fuzzer.go
@ -0,0 +1,33 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package ccprovider
+
+import (
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+)
+
+func FuzzExtractFileEntries(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	tarBytes, err := f.TarBytes()
+	if err != nil {
+		return 0
+	}
+	databaseType, err := f.GetString()
+	if err != nil {
+		return 0
+	}
+	_, _ = ExtractFileEntries(tarBytes, databaseType)
+	return 1
+}
--- a/projects/fabric/fabenc_fuzzer.go
+++ b/projects/fabric/fabenc_fuzzer.go
@ -0,0 +1,20 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package fabenc
+
+func FuzzParseFormat(data []byte) int {
+	_, _ = ParseFormat(string(data))
+	return 1
+}
--- a/projects/fabric/msp_fuzzer.go
+++ b/projects/fabric/msp_fuzzer.go
@ -0,0 +1,22 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package msp
+
+func FuzzDeserializeIdentity(data []byte) int {
+	m := &mspManagerImpl{}
+	m.up = true
+	_, _ = m.DeserializeIdentity(data)
+	return 1
+}
--- a/projects/fabric/persistence_fuzzer.go
+++ b/projects/fabric/persistence_fuzzer.go
@ -15,8 +15,12 @@
 package mock

 import (
+	"bytes"
+	"compress/gzip"
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
 	"github.com/hyperledger/fabric/core/chaincode/persistence"
 	tm "github.com/stretchr/testify/mock"
+	"os"
 )

 func FuzzPersistence(data []byte) int {
@ -27,3 +31,28 @@ func FuzzPersistence(data []byte) int {
 	_, _ = ccpp.Parse(data)
 	return 1
 }
+
+func FuzzChaincodePackageStreamerMetadatabytes(data []byte) int {
+	err := os.WriteFile("demoTar.tar", data, 0666)
+	if err != nil {
+		return 0
+	}
+	defer os.Remove("demoTar.tar")
+	cps := &persistence.ChaincodePackageStreamer{PackagePath: "demoTar.tar"}
+	_, _ = cps.MetadataBytes()
+	return 1
+}
+
+func FuzzParseChaincodePackage(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	source, err := f.TarBytes()
+	if err != nil {
+		return 0
+	}
+	var b bytes.Buffer
+	w := gzip.NewWriter(&b)
+	w.Write(source)
+	w.Close()
+	_, _, _ = persistence.ParseChaincodePackage(b.Bytes())
+	return 1
+}
--- a/projects/fabric/policydsl_fuzzer.go
+++ b/projects/fabric/policydsl_fuzzer.go
@ -0,0 +1,20 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package policydsl
+
+func FuzzFromString(data []byte) int {
+	_, _ = FromString(string(data))
+	return 1
+}