From c279d13834c1777a3e53fe4f3cab02a3f2eb90bf Mon Sep 17 00:00:00 2001
From: DavidKorczynski
Date: Tue, 7 Mar 2023 15:52:44 +0000
Subject: [PATCH] packaging: fix fuzzer (#9882)

Catch an exception thrown by the code and remove invalid operators.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56761
Signed-off-by: David Korczynski
---
 projects/packaging/fuzz_packaging.py | 35 ++++++++++++++--------------
 1 file changed, 18 insertions(+), 17 deletions(-)

diff --git a/projects/packaging/fuzz_packaging.py b/projects/packaging/fuzz_packaging.py
index 26f93ca23..254b2eaac 100644
--- a/projects/packaging/fuzz_packaging.py
+++ b/projects/packaging/fuzz_packaging.py
@@ -16,28 +16,28 @@
 import sys
 import atheris
-from packaging.utils import (
- canonicalize_version,
- parse_wheel_filename,
- parse_sdist_filename,
- InvalidSdistFilename,
- InvalidWheelFilename
-)
+from packaging.utils import (canonicalize_version, parse_wheel_filename,
+ parse_sdist_filename, InvalidSdistFilename,
+ InvalidWheelFilename)
 from packaging.specifiers import InvalidSpecifier, Specifier
+from packaging.version import InvalidVersion
 def fuzz_utils(data):
 """Logic to hit routines in src/packaging/utils."""
 fdp = atheris.FuzzedDataProvider(data)
- canonicalize_version(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
+ canonicalize_version(
+ fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
 try:
- parse_sdist_filename(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
+ parse_sdist_filename(
+ fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
 except InvalidSdistFilename:
 pass
 try:
- parse_wheel_filename(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
+ parse_wheel_filename(
+ fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
 except InvalidWheelFilename:
 pass
@@ -46,18 +46,19 @@ def fuzz_specifier(data):
 """Logic to hit routines in src/packaging/specifiers."""
 fdp = atheris.FuzzedDataProvider(data)
 try:
- spec1 = Specifier(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
- spec2 = Specifier(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
+ spec1 = Specifier(
+ fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
+ spec2 = Specifier(
+ fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(0, 1024)))
 except InvalidSpecifier:
 return
 b1 = spec1 == spec2
 b2 = spec1 != spec2
- b3 = spec1 <= spec2
- b4 = spec1 >= spec2
- b5 = spec1 < spec2
- b6 = spec1 > spec2
- b7 = spec1.constains(fdp.ConsumeUnicodeNoSurrogates(24))
+ try:
+ b7 = spec1.contains(fdp.ConsumeUnicodeNoSurrogates(24))
+ except InvalidVersion:
+ pass
 def TestOneInput(data):
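Review bot: The new `except InvalidVersion: pass` around `spec1.contains(...)` carries no comment saying why this one exception is swallowed, and nothing in the function records why the `<=`, `>=`, `<` and `>` comparisons were dropped. Without that, a later edit could widen the handler and hide real findings, or re-add the comparisons and bring back harness-only crashes. I would add `# contains() parses its argument as a version; InvalidVersion is the expected rejection, any other exception should surface as a finding` above the inner `try`, and `# ordering comparisons were removed as invalid for Specifier (see commit message); only == and != are exercised` above `b1`. Keeping the handler this narrow is the right shape for a fuzz target. The `def fuzz_specifier(data):` line appears only in the hunk header, so the function starts just outside the hunk.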