From a2363da0b2be1e34ced3ad1cb5b4c9683fd4d1f1 Mon Sep 17 00:00:00 2001
From: DavidKorczynski
Date: Mon, 9 May 2022 19:22:00 +0100
Subject: [PATCH] flask: add jinja compiler fuzzers (#7685)
* flask: add jinja compiler fuzzers
* nit
---
projects/flask/fuzz_jinja_compile_expr.py | 39 +++++++++++++++
.../flask/fuzz_jinja_compile_templates.py | 47 +++++++++++++++++++
2 files changed, 86 insertions(+)
create mode 100644 projects/flask/fuzz_jinja_compile_expr.py
create mode 100644 projects/flask/fuzz_jinja_compile_templates.py
diff --git a/projects/flask/fuzz_jinja_compile_expr.py b/projects/flask/fuzz_jinja_compile_expr.py
new file mode 100644
index 000000000..e01ad6525
--- /dev/null
+++ b/projects/flask/fuzz_jinja_compile_expr.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import sys
+import atheris
+
+with atheris.instrument_imports():
+ import jinja2
+
+def TestOneInput(data):
+ fdp = atheris.FuzzedDataProvider(data)
+ env = jinja2.Environment()
+ try:
+ v1 = env.compile_expression(fdp.ConsumeString(sys.maxsize))
+ except jinja2.TemplateSyntaxError:
+ return
+ except SyntaxError:
+ return
+ except RecursionError:
+ return
+ return
+
+def main():
+ atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
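Review bot: The three `except` clauses in TestOneInput of fuzz_jinja_compile_expr.py decide which exceptions are not findings, but nothing records why; in particular, swallowing `RecursionError` means inputs that exhaust the interpreter stack through deep nesting are never reported. A comment above the `try`, such as `# Expected for malformed or deeply nested input; any other exception is a finding.`, would make that triage decision explicit. As style, the handlers can be merged into `except (jinja2.TemplateSyntaxError, SyntaxError, RecursionError): return`, and the `v1 =` binding and the trailing `return` can be dropped since neither is used.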
diff --git a/projects/flask/fuzz_jinja_compile_templates.py b/projects/flask/fuzz_jinja_compile_templates.py
new file mode 100644
index 000000000..7c6a2abd8
--- /dev/null
+++ b/projects/flask/fuzz_jinja_compile_templates.py
@@ -0,0 +1,47 @@
+#!/usr/bin/python3
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import sys
+import atheris
+
+with atheris.instrument_imports():
+ from jinja2.environment import Environment
+ from jinja2.loaders import DictLoader
+
+def TestOneInput(data):
+ fdp = atheris.FuzzedDataProvider(data)
+ template_str = fdp.ConsumeString(sys.maxsize)
+
+ tmp_path = "/tmp/mytemplates"
+ temp_file = os.path.join(tmp_path, "template.jinja2")
+ if not os.path.isdir(tmp_path):
+ os.mkdir(tmp_path)
+ if os.path.isfile(temp_file):
+ os.remove(temp_file)
+ with open(temp_file, "wb") as fd:
+ fd.write(data)
+
+ env = Environment(loader=DictLoader({"foo": template_str}))
+ try:
+ env.compile_templates(tmp_path, zip=None)
+ except RecursionError:
+ return
+ return
+
+def main():
+ atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
+ atheris.Fuzz()
+
+if __name__ == "__main__":
+ main()
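Review bot: `os` is never imported in fuzz_jinja_compile_templates.py, yet TestOneInput calls `os.path.join`, `os.path.isdir`, `os.mkdir` and `os.remove`, so the first input raises an uncaught NameError and the harness reports a crash before any Jinja code runs; add `import os` next to `import sys`. The file written to `/tmp/mytemplates/template.jinja2` also appears to be unused: the environment loads from `DictLoader({"foo": template_str})` and `tmp_path` is only passed to `compile_templates` as its output target, so the write could be dropped. A fixed directory under /tmp is shared by every fuzzer worker on the host, and a per-process directory from `tempfile.mkdtemp()` would stop parallel workers from removing each other's files.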