From d3df01901951ad7c894b882669c97ec845c4d7b2 Mon Sep 17 00:00:00 2001
From: Mike Aizatsky
Date: Tue, 26 Jul 2016 13:59:42 -0700
Subject: [PATCH] [expat] working build & simple fuzzer from chrome.

---
 expat/Dockerfile | 3 ++-
 expat/build.sh | 9 +++++++--
 expat/parse_fuzzer.cc | 23 +++++++++++++++++++++++
 3 files changed, 32 insertions(+), 3 deletions(-)
 create mode 100644 expat/parse_fuzzer.cc

diff --git a/expat/Dockerfile b/expat/Dockerfile
index 598f4a2c8..0f5633368 100644
--- a/expat/Dockerfile
+++ b/expat/Dockerfile
@@ -16,5 +16,6 @@
 FROM ossfuzz/base-libfuzzer
 MAINTAINER mike.aizatsky@gmail.com
+RUN apt-get install -y autoconf automake libtool
-CMD /workspace/oss-fuzz/expat/build.sh
+CMD /src/oss-fuzz/expat/build.sh
diff --git a/expat/build.sh b/expat/build.sh
index 5145fbf67..b5ec93fb6 100755
--- a/expat/build.sh
+++ b/expat/build.sh
@@ -1,8 +1,13 @@
 #!/bin/bash -ex
+. /env
-echo $pwd
-
+cd /workspace/expat
 ls -alR
 ./buildconf.sh
 ./configure
+make clean all
+
+$CXX $CXXFLAGS -std=c++11 -Ilib/ \ /src/oss-fuzz/expat/parse_fuzzer.cc -o /out/parse_fuzzer \ /work/libfuzzer/*.o .libs/libexpat.a
diff --git a/expat/parse_fuzzer.cc b/expat/parse_fuzzer.cc
new file mode 100644
index 000000000..da4640956
--- /dev/null
+++ b/expat/parse_fuzzer.cc
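Review bot: The added `RUN apt-get install -y autoconf automake libtool` runs with no `apt-get update` in the same layer, so it relies on whatever package index the `ossfuzz/base-libfuzzer` image happens to carry and will fail once that index is stale or absent. The conventional form is `RUN apt-get update && apt-get install -y autoconf automake libtool` in one instruction, so the index refresh and the install are cached together. If the base image is known to refresh the index itself, a short comment saying so would spare the next reader from checking, since nothing in this file shows it.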
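Review bot: `ls -alR` after `cd /workspace/expat` is a recursive listing of the whole source tree that will land in the build log on every run; with `-x` already tracing each command, it reads as leftover debugging and should be dropped or reduced to `ls -al`. The script now uses three roots (`/workspace/expat` for the checkout, `/src/oss-fuzz/...` for the fuzzer source, `/work/libfuzzer` for the objects) while the Dockerfile hunk in this same commit moved the script's own path from `/workspace` to `/src`, so `cd /workspace/expat` may be the one path the move missed — worth confirming against the image layout. `/work/libfuzzer/*.o` is an unquoted glob: with no matches bash passes the literal pattern to `$CXX`, producing an opaque link error instead of a clear one, so a guard such as `ls /work/libfuzzer/*.o >/dev/null` before the link line would fail early with a readable message.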
@@ -0,0 +1,23 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include
+#include "expat.h"
+
+std::vector kEncodings = {{"UTF-16", "UTF-8", "ISO-8859-1", "US-ASCII", "UTF-16BE", "UTF-16LE", "INVALIDENCODING"}};
+// Entry point for LibFuzzer.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  const char* dataPtr = reinterpret_cast(data);
+  for (int use_ns = 0; use_ns <= 1; ++use_ns) {
+    for (auto enc : kEncodings) {
+      XML_Parser parser = use_ns ? XML_ParserCreateNS(enc, '\n') : XML_ParserCreate(enc);
+      XML_Parse(parser, dataPtr, size, true);
+      XML_ParserFree(parser);
+    }
+  }
+  return 0;
+}
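Review bot: `XML_ParserCreate`/`XML_ParserCreateNS` return NULL when allocation fails, and the new loop body hands that result straight to `XML_Parse` and `XML_ParserFree`; depending on the expat version, `XML_Parse` may dereference the null parser, so a one-line guard `if (!parser) continue;` after the creation keeps an allocator failure from being reported as a crash in the target. `size` is a `size_t` passed to `XML_Parse`'s `int len`; an explicit `static_cast<int>(size)` would make the narrowing deliberate and document that the fuzzer relies on libFuzzer's bounded input length. `kEncodings` is a mutable global; declaring it `static const` (or as a `constexpr` array of `const char*`) states that it is a fixed lookup table and keeps it out of the writable data segment. The template arguments of `std::vector`, the `#include`, and `reinterpret_cast` appear stripped in this rendering, presumably `<vector>` and `<const char*>` in the actual file.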