From aac200815a809c03f62cd39c7fc139800be61169 Mon Sep 17 00:00:00 2001
From: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com>
Date: Wed, 12 May 2021 20:08:33 +0100
Subject: [PATCH] [cfengine] Initial integration (#5496)
---
projects/cfengine/Dockerfile | 26 ++++++++++++++++++++
projects/cfengine/build.sh | 28 ++++++++++++++++++++++
projects/cfengine/project.yaml | 10 ++++++++
projects/cfengine/string_fuzzer.c | 40 +++++++++++++++++++++++++++++++
4 files changed, 104 insertions(+)
create mode 100644 projects/cfengine/Dockerfile
create mode 100755 projects/cfengine/build.sh
create mode 100644 projects/cfengine/project.yaml
create mode 100644 projects/cfengine/string_fuzzer.c
diff --git a/projects/cfengine/Dockerfile b/projects/cfengine/Dockerfile
new file mode 100644
index 000000000..24b70d8b2
--- /dev/null
+++ b/projects/cfengine/Dockerfile
@@ -0,0 +1,26 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+RUN apt-get update && apt-get install -y \
+ build-essential autoconf automake libssl-dev \
+ libpcre3 libpcre3-dev bison libbison-dev \
+ libacl1 libacl1-dev libpq-dev lmdb-utils \
+ liblmdb-dev libpam0g-dev flex libtool
+
+RUN git clone --depth 1 https://github.com/cfengine/core --recursive
+WORKDIR core
+COPY build.sh string_fuzzer.c $SRC/
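Review bot: The `git clone` target and `WORKDIR core` are relative paths, so the checkout only ends up under `$SRC` if the base image's working directory is already `$SRC`, while the `COPY` on the next line and build.sh (`mv $SRC/string_fuzzer.c .`) name `$SRC` explicitly. Spelling the location out keeps all three in agreement and makes the build independent of the base image's default directory: `RUN git clone --depth 1 --recursive https://github.com/cfengine/core $SRC/core` followed by `WORKDIR $SRC/core`.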
diff --git a/projects/cfengine/build.sh b/projects/cfengine/build.sh
new file mode 100755
index 000000000..4a2d542c7
--- /dev/null
+++ b/projects/cfengine/build.sh
@@ -0,0 +1,28 @@
+#!/bin/bash -eu
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+./autogen.sh
+./configure
+make V=1 -j$(nproc)
+
+cd libpromises
+mv $SRC/string_fuzzer.c .
+find . -name "*.o" -exec ar rcs fuzz_lib.a {} \;
+$CC $CFLAGS -I./ -c string_fuzzer.c -o string_fuzzer.o
+$CC $CXXFLAGS $LIB_FUZZING_ENGINE string_fuzzer.o \
+ -o $OUT/string_fuzzer fuzz_lib.a \
+ ../libntech/libutils/.libs/libutils.a
diff --git a/projects/cfengine/project.yaml b/projects/cfengine/project.yaml
new file mode 100644
index 000000000..4db793d6e
--- /dev/null
+++ b/projects/cfengine/project.yaml
@@ -0,0 +1,10 @@
+homepage: "https://github.com/cfengine/core"
+main_repo: "https://github.com/cfengine/core"
+language: c++
+primary_contact: "vratislav.podzimek@northern.tech"
+auto_ccs:
+ - "Adam@adalogics.com"
+sanitizers:
+ - address
+ - undefined
+ - memory
diff --git a/projects/cfengine/string_fuzzer.c b/projects/cfengine/string_fuzzer.c
new file mode 100644
index 000000000..b7d5cfb83
--- /dev/null
+++ b/projects/cfengine/string_fuzzer.c
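Review bot: The final link step drives the linker through `$CC` while passing `$CXXFLAGS` and `$LIB_FUZZING_ENGINE`; fuzzing engines are C++ code, so a C driver may not pull in the C++ runtime for every engine, and the usual form is `$CXX $CXXFLAGS $LIB_FUZZING_ENGINE string_fuzzer.o \` with the rest of the command unchanged. The archive step `find . -name "*.o" -exec ar rcs fuzz_lib.a {} \;` also deserves a comment or a check: `ar r` replaces members by file name, so two objects with the same base name in different subdirectories of libpromises would silently overwrite each other in `fuzz_lib.a`. Quoting `"$SRC"` and `"$OUT"` would additionally keep the script safe if either path ever contains whitespace.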
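Review bot: Listing `memory` under `sanitizers` assumes every library linked into the fuzzer is built with MemorySanitizer instrumentation, but the Dockerfile in this commit installs libssl-dev, libpcre3-dev, liblmdb-dev and the other dependencies as prebuilt apt packages. If code reached by a harness calls into those uninstrumented libraries, MSan will report uninitialized reads that are not real bugs and the noise will hide genuine findings. Either drop `- memory` until the dependencies are built from source in build.sh, or confirm that the harness links only the libpromises and libutils objects. Separately, `language: c++` does not match the harness, which is a `.c` file compiled with `$CC`; `language: c` looks like the intended value.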
@@ -0,0 +1,40 @@
+/* Copyright 2021 Google LLC
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+#include
+#include
+#include
+#include
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size){
+ if(size<4) {
+ return 0;
+ }
+ for (int i=0; i