From c54e373cb66027a4f56492c66a14d0cd792ec864 Mon Sep 17 00:00:00 2001 From: DavidKorczynski Date: Tue, 23 Aug 2022 14:44:18 +0100 Subject: [PATCH] grpcio/grpc-py: initial integration (#7756) * grpc-py: initial integration * add license * nit * grpc-py: add server fuzzer * add doc --- projects/grpc-py/Dockerfile | 25 +++++++++++ projects/grpc-py/build.sh | 26 +++++++++++ projects/grpc-py/fuzz_server.py | 79 +++++++++++++++++++++++++++++++++ projects/grpc-py/project.yaml | 11 +++++ 4 files changed, 141 insertions(+) create mode 100644 projects/grpc-py/Dockerfile create mode 100644 projects/grpc-py/build.sh create mode 100644 projects/grpc-py/fuzz_server.py create mode 100644 projects/grpc-py/project.yaml diff --git a/projects/grpc-py/Dockerfile b/projects/grpc-py/Dockerfile new file mode 100644 index 000000000..ff154abe0 --- /dev/null +++ b/projects/grpc-py/Dockerfile @@ -0,0 +1,25 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + + +FROM gcr.io/oss-fuzz-base/base-builder-python + +RUN apt install python3-dev libssl-dev libre2-dev -y +RUN git clone https://github.com/grpc/grpc grpc && \ + cd grpc && \ + git submodule update --init +WORKDIR grpc +COPY build.sh *.py $SRC/ diff --git a/projects/grpc-py/build.sh b/projects/grpc-py/build.sh new file mode 100644 index 000000000..875f1149e --- /dev/null +++ b/projects/grpc-py/build.sh @@ -0,0 +1,26 @@ +#!/bin/bash -eu +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +pip3 install --upgrade pip +pip3 install -r ./requirements.txt + +GRPC_PYTHON_CFLAGS="${CFLAGS}" GRPC_PYTHON_BUILD_SYSTEM_RE2=true GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=true GRPC_PYTHON_BUILD_SYSTEM_ZLIB=true pip3 install -v . + +cd $SRC/grpc/examples/python/helloworld +for fuzzer in $(find $SRC -name 'fuzz_*.py'); do + compile_python_fuzzer $fuzzer --add-data helloworld_pb2.py:. --add-data helloworld_pb2_grpc.py:. +done diff --git a/projects/grpc-py/fuzz_server.py b/projects/grpc-py/fuzz_server.py new file mode 100644 index 000000000..a536168eb --- /dev/null +++ b/projects/grpc-py/fuzz_server.py @@ -0,0 +1,79 @@ +#!/usr/bin/python3 +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Fuzz grpc server using the Greeter example""" + +import sys +import time +import grpc +import socket +import atheris +import threading +from concurrent.futures import ThreadPoolExecutor +from google.protobuf.internal import builder as _builder + +# Extract path of fuzzer so we can include protobuf modules +if getattr(sys, 'frozen', False): + app_path = os.path.dirname(sys.executable) +elif __file__: + app_path = os.path.dirname(__file__) +else: + raise Exception("Could not extract path needed to import loop.py") +sys.path.append(app_path) + +import helloworld_pb2 +import helloworld_pb2_grpc + + +# Simple server +class FuzzGreeter(helloworld_pb2_grpc.GreeterServicer): + def SayHello(self, request, context): + print("In server") + return helloworld_pb2.HelloReply(message='Hello from fuzz server, %s!' % request.name) + + +def serve() -> None: + """Starts fuzz server""" + server = grpc.server(ThreadPoolExecutor(max_workers=1)) + helloworld_pb2_grpc.add_GreeterServicer_to_server(FuzzGreeter(), server) + server.add_insecure_port('[::]:50051') + server.start() + server.wait_for_termination() + return + + +def TestInput(input_bytes): + """Send fuzzing input to the server""" + time.sleep(0.02) + with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: + s.connect(("localhost", 50051)) + s.sendall(input_bytes) + data = s.recv(1024) + return + + +def main(): + # Launch a grpc server + _thread = threading.Thread(target=serve) + _thread.start() + time.sleep(0.2) + + # Start fuzzing + atheris.instrument_all() + atheris.Setup(sys.argv, TestInput, enable_python_coverage=True) + atheris.Fuzz() + + +if __name__ == "__main__": + main() diff --git a/projects/grpc-py/project.yaml b/projects/grpc-py/project.yaml new file mode 100644 index 000000000..ba978416c --- /dev/null +++ b/projects/grpc-py/project.yaml @@ -0,0 +1,11 @@ +fuzzing_engines: +- libfuzzer +homepage: https://github.com/grpc/grpc +language: python +main_repo: https://github.com/grpc/grpc +sanitizers: +- address +- undefined +vendor_ccs: +- david@adalogics.com +- adam@adalogics.com