diff --git a/projects/keras/Dockerfile b/projects/keras/Dockerfile index 30ec07184..7850c9393 100644 --- a/projects/keras/Dockerfile +++ b/projects/keras/Dockerfile @@ -23,7 +23,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ apt-get clean && \ rm -rf /var/lib/apt/lists/* -RUN python3 -m pip install --upgrade pip +RUN python3 -m pip install --upgrade pip chardet # We install Keras by way of Tensorflow. As such, this build instructions # follow the logic of tensorflow-py project. @@ -39,5 +39,6 @@ RUN curl -Lo /usr/bin/bazel \ chmod +x /usr/bin/bazel RUN git clone --depth 1 https://github.com/tensorflow/tensorflow tensorflow +RUN git clone --depth 1 https://github.com/DavidKorczynski/hdf5-files $SRC/hdf5-files WORKDIR $SRC/tensorflow COPY build.sh *.py $SRC/ diff --git a/projects/keras/build.sh b/projects/keras/build.sh index ec0b19d77..78184e19b 100644 --- a/projects/keras/build.sh +++ b/projects/keras/build.sh @@ -27,3 +27,6 @@ python3 -m pip install tf-nightly-cpu mv $SRC/tensorflow/tensorflow $SRC/tensorflow/tensorflow_src compile_python_fuzzer $SRC/fuzz_serialization.py +compile_python_fuzzer $SRC/fuzz_model.py + +zip $OUT/fuzz_model_seed_corpus.zip $SRC/hdf5-files/basic-model.h5 diff --git a/projects/keras/fuzz_model.py b/projects/keras/fuzz_model.py new file mode 100644 index 000000000..fd32648dd --- /dev/null +++ b/projects/keras/fuzz_model.py @@ -0,0 +1,49 @@ +#!/usr/bin/python3 +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +import sys +import atheris +import json +import h5py +import chardet + +with atheris.instrument_imports(): + import keras + +@atheris.instrument_func +def TestOneInput(data): + with open("model.hdf5", "wb") as mf: + mf.write(data) + + try: + keras.models.load_model("model.hdf5") + # Catch all sorts of exceptions. The goal right now is capturing more security + # relevant properties so focus on code coverage. + except OSError: + return + except KeyError: + return + except TypeError: + return + except ValueError: + return + + +def main(): + atheris.Setup(sys.argv, TestOneInput) + atheris.Fuzz() + + +if __name__ == "__main__": + main()