Commit Graph

8926 Commits

Author SHA1 Message Date
manunio 74dbbcce98
Update header lint source extension (#9840)
This PR
- Removes a duplicate extension from sourceFileExtensions
- Adds the `swift` extension, as it's an oss-fuzz supported language and there
exists a project with `.swift` extension files:
https://github.com/google/oss-fuzz/tree/master/projects/swift-nio
2023-03-01 16:44:39 -05:00
DavidKorczynski 4639506b4f
markdown-it-py: extend suite (#9844)
Generated from auto-fuzz
https://github.com/ossf/fuzz-introspector/pull/872#issuecomment-1450847118

Signed-off-by: David Korczynski <david@adalogics.com>
2023-03-01 21:44:29 +00:00
Dmitry Vyukov 9503ea34f5
lzo: fix crash on large inputs (#9839)
The target allocates 2*size buffers on the stack.
Stack is not always infinite. If we allocate on the stack,
we need to cap input size.
2023-03-01 10:32:40 -05:00
DavidKorczynski 11d320067b
glom: extend suite (#9837)
Signed-off-by: David Korczynski <david@adalogics.com>
2023-03-01 15:11:06 +00:00
Maksym Sobolyev 5cee1ad696
rtpproxy: initial integration. (#9767)
This patch adds OSS-Fuzz integration for the RTPProxy project.
RTPProxy is companion software used by many SIP application
servers (OpenSIPS, Kamailio, Sippy B2BUA, etc.) to handle RTP streams. We
have already completed the integration on our side, e.g.
https://github.com/sippy/rtpproxy/actions/runs/4226614295/jobs/7340239205.
2023-03-01 09:54:18 -05:00
Keith Winstein 95d53d8750
wabt: fix build of external fuzzers with `-std=c++17` (#9831)
wabt moved from C++11 to C++17 about a year ago
(https://github.com/WebAssembly/wabt/pull/1825), but the oss-fuzz repo
includes external fuzzers that were built with C++11. A recent commit
(https://github.com/WebAssembly/wabt/pull/2152) broke the build.
2023-03-01 09:24:36 -05:00
DavidKorczynski 19ae1cbeac
toml: call loads with explicit path (#9835)
To make the fuzz introspector nicer:
https://github.com/google/oss-fuzz/pull/9834#issuecomment-1450019886
2023-03-01 12:10:57 +00:00
Oliver Chang 97a6507178
Add main_repo to build status.json (#9822)
Fixes #9782
2023-03-01 10:56:18 +11:00
jonathanmetzman 0d84900126
Add header linter config (#9826) 2023-02-28 17:58:44 -05:00
Philip Withnall 59425b7c66
Add additional CC to GLib project configuration (#9829)
Todd Cullum is on the Red Hat security team and has been vouched for by
Michael Catanzaro. He is not a GLib upstream maintainer.
2023-02-28 15:47:28 -05:00
jonathanmetzman 3fc0d79468
Fix view restrictions (#9827) 2023-02-28 13:11:45 -05:00
manunio e269f7ffe3
gimli: initial integration (#9753)
gimli is a library for reading and writing the [DWARF debugging
format](https://dwarfstd.org/).
- It has `48 million+` downloads as per
[crates.io](https://crates.io/crates/gimli)
- It has a [criticality_score](https://github.com/ossf/criticality_score)
of `0.5228`
- It's being used by projects like:
  - [wasmer](https://github.com/wasmerio/wasmer) (integrated into oss-fuzz)
  - [wasmtime](https://github.com/bytecodealliance/wasmtime) (integrated
into oss-fuzz)
  - [rust-lang/backtrace-rs](https://github.com/rust-lang/backtrace-rs)
    - A library for acquiring backtraces at runtime for Rust. This library
aims to enhance the support of the standard library by providing a
programmatic interface to work with, but it also supports simply
printing the current backtrace like libstd's panics.
  - [getsentry/symbolic](https://github.com/getsentry/symbolic)
    - [Symbolic](https://docs.rs/symbolic) is a library written in Rust
which is used at [Sentry](https://sentry.io/) to implement symbolication
of native stack traces, sourcemap handling for minified JavaScript and
more.
  - [addr2line](https://github.com/gimli-rs/addr2line)
    - A cross-platform `addr2line` clone written in Rust for retrieving
per-address debug information from files with DWARF debug information.
    - It has `47 million+` downloads as per
[crates.io](https://crates.io/crates/addr2line)
2023-02-28 09:26:14 -05:00
Patrice.S f3c063cf58
jackson-datatype-joda: initial integration (#9799) 2023-02-28 09:16:26 -05:00
Nathaniel Brough eb2b6b8cba
quick-xml: Adds autodetection for new fuzz tests (#9795) 2023-02-28 09:14:58 -05:00
Phil Turnbull 15fdde6938
krb5: Add gss_accept_sec_context fuzz harness (#9800)
`gss_accept_sec_context` is one of the main APIs used for server
applications and typically accepts untrusted data via the `input_token`
parameter.

@greghudson: FYI, here are the improvements to the fuzzing setup that we
discussed via email.
2023-02-28 09:14:37 -05:00
vargen a1c27dd02e
[snappy-java] initial commit (#9813) 2023-02-28 09:13:54 -05:00
Catena cyber abe86870e7
infra: Golang coverage fixes (#9812)
@AdamKorcz, what do you think of these commits?

cf https://github.com/google/oss-fuzz/pull/8937 and should fix
https://github.com/google/oss-fuzz/issues/9808
2023-02-28 09:13:22 -05:00
Michael Ford b4ff54a398
bitcoin: remove Wlad from email cc list (#9815) 2023-02-28 09:12:31 -05:00
Yifeng He 096a44c0fa
llvm: fix build deprecate LLVM_ENABLE_PROJECTS (#9817)
The llvm build has been broken; the reasons are:
1. [`LLVM_ENABLE_PROJECTS` for libc++ and libc++abi was
deprecated](https://reviews.llvm.org/D112724)
2. compiler-rt is also a runtime according to the
[llvm-docs](https://llvm.org/docs/CMake.html#llvm-related-variables)
2023-02-28 09:10:50 -05:00
DavidKorczynski 482fabbe40
pymysql: fix build (#9825)
Signed-off-by: David Korczynski <david@adalogics.com>
2023-02-28 12:11:25 +00:00
SGills 6d389f49db
Adding urllib3 requests coverage (#9793)
This change added a new fuzzer `fuzz_requests`. This fuzzes the
`.request` method in urllib3, which opens a lot more coverage.

I have created a Python `HTTPServer` that provides fuzzed responses to
all the different request types, and I try to drive different
combinations of requests, including mixes of headers, bodies and request
types. This gives a nice improvement on current coverage levels: [urllib3
fuzz inspector report
2023-02-23](https://storage.googleapis.com/oss-fuzz-introspector/urllib3/inspector-report/20230223/fuzz_report.html).
2023-02-28 02:49:16 -08:00
emkornfield edd3dc9d9a
Add some googlers to arrow fuzzer permissions (#9819)
Adds googlers that have interest in some fuzz runs for Arrow/Parquet
2023-02-28 16:14:20 +11:00
Nathaniel Brough 8bc63cee51
croaring: Add a cpp fuzz harness (#9794)
Signed-off-by: Nathaniel Brough <nathaniel.brough@gmail.com>
2023-02-28 16:13:33 +11:00
Guido Vranken 11110bae7c
[libecc] Support BASH hash (#9821)
This is another hash function supported by libecc
2023-02-28 16:12:08 +11:00
madamantis-leviathan 0248ec7d05
libdwarf: switch to fuzzers and corpora maintained by the project owner (#9786)
This pull request updates the Dockerfile and the build script to use the
new [fuzzers](https://github.com/davea42/libdwarf-code/tree/master/fuzz)
and [corpora](https://github.com/davea42/libdwarf-binary-samples)
maintained by the owner of libdwarf-code.

---------

Co-authored-by: Maksym Adamantis <maksym.adamantis@leviathan.corp-partner.google.com>
2023-02-27 14:55:02 +00:00
Ilija Tovilo 0ba4b20807
Add myself (Ilija Tovilo) to PHP project (#9806)
@dstogov Can you confirm that this is ok?
2023-02-27 10:01:04 +00:00
Louis Sautier 788183edf1
cctz: disable benchmark build (#9811)
This is required for the CI to work on
https://github.com/google/cctz/pull/241
2023-02-27 17:00:18 +11:00
Catena cyber df358b948a
Ngolo coverage through corpus (#9807)
More corpus for ngolo-fuzzing

By running `go test` in a dummy package copying the files from the real
package, so as to avoid import cycles
2023-02-27 16:58:22 +11:00
Jacek Trossen 6b797cb3f7
Initial integration for xercesImpl (#9789) 2023-02-27 16:57:01 +11:00
Alan Modra 976e6f9715
binutils/fuzz_as.c gas_early_init (#9810)
Fix an error passing argv to gas_early_init. &fakeArgv isn't correct.
The address of a pointer of type char** must be passed. That char***
will be passed on to expandargv, which possibly modifies the char**
(although it won't be with current args), which is why the call to
perform_an_assembly_pass is changed too.
2023-02-27 16:54:21 +11:00
Patrice.S 64d5ff6eae
xz-java: initial integration (#9797) 2023-02-27 11:43:54 +11:00
aschaich d97407ce13
[jsch] Initial commit for com.github.mwiede:jsch (#9798) 2023-02-27 11:43:26 +11:00
Patrice.S 7117bf80c2
jline3: initial integration (#9790) 2023-02-27 11:42:07 +11:00
aschaich 1727e5cf69
[StAX] Initial integration for StAX (#9791) 2023-02-27 11:41:51 +11:00
Henry Lin 2e9874f212
Apache Lucene: Initial integration (#9772) 2023-02-27 11:39:35 +11:00
DavidKorczynski 0cb65d0fac
stack_data: initial integration (#9804)
Signed-off-by: David Korczynski <david@adalogics.com>
2023-02-25 15:59:47 +00:00
DavidKorczynski b26eadcbaf
ntlm-auth: initial integration (#9803)
Signed-off-by: David Korczynski <david@adalogics.com>
2023-02-25 15:59:19 +00:00
DavidKorczynski 1ddd283805
flask-wtf: initial integration (#9802)
Signed-off-by: David Korczynski <david@adalogics.com>
2023-02-25 15:58:26 +00:00
Catena cyber fadf6ee1f2
Adds project glog (#9160)
@sergiud, are you interested in having glog running on oss-fuzz?

see also https://github.com/google/glog/issues/816 cc @autofuzzoss

I also quickly found a timeout with the input
`_ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ_`
2023-02-25 20:27:04 +11:00
DavidKorczynski c96a0eb202
tensorflow: enable more targets (#9801)
Includes some new fuzzers that are placed outside `security/fuzzing`,
e.g. `saved_model_fuzzer`
2023-02-24 19:29:12 +00:00
Alan Modra 0f2fff3002
binutils/fuzz_objcopy memory leaks (#9796)
This should fix issue 49000, caused by not freeing symbol htabs. The
patch also removes some NULLing out of buffer pointers. These are all
cleared in init_objcopy_global_state.
2023-02-24 07:01:03 -08:00
Khaled Yakdan c7680381a6
infra: use an absolute path to the JavaScript fuzz test file (#9788)
This fixes the issue of running Jazzer.js fuzzer using an absolute path
such as `/out/fuzzer`.

@oliverchang We needed a minor fix in Jazzer.js
(https://github.com/CodeIntelligenceTesting/jazzer.js/pull/341), so you
would need to rebuild the project so that the latest version (1.4.0) is
fetched from npm.
2023-02-24 11:29:50 +11:00
Catena cyber 05d03d3f5a
ngolo-fuzzing: generate corpus for targets (#9783)
Should allow finding new bugs such as
https://github.com/golang/go/issues/58642
2023-02-23 07:26:16 -08:00
DavidKorczynski ecc8a1601b
libhoextdown: only compile relevant libraries (#9787)
This enables the Fuzz Introspector build, since we avoid some shared libraries
that are not compatible with LLVM LTO.
2023-02-23 10:39:49 +00:00
Alan Modra 2f0202da5a
binutils/fuzz_dwarf memory leak (#9784)
Fixes issue 42739, a leak in the fuzzer.
2023-02-23 02:27:53 -08:00
Khaled Yakdan fd04971319
Source-based code coverage reporting for Jazzer.js (#9758) 2023-02-23 18:51:21 +11:00
Catena cyber 9c2083a08c
rust: do not use none sanitizer (#9763)
rustc errors with
`error: incorrect value `none` for unstable option `sanitizer``

Should fix at least ecc-diff-fuzzer build failure cf
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55912
2023-02-23 13:06:01 +11:00
Hayley Denbraver e5f6911beb
Updated Google Analytics (#9777)
Updated the documentation's Google Analytics from UA to GA4

Resolves #9743
2023-02-23 13:00:42 +11:00
DavidKorczynski bf647ce826
infra: bump fuzz introspector (#9702)
Includes
- Several bug fixes for builds
- Refinement of how static analysis is matched with code coverage data
(https://github.com/ossf/fuzz-introspector/issues/812)
- More output to `summary.json` to make the following logic less hacky:
3d2ec74dba/infra/build/build_status/fuzz_introspector_page_gen.py (L250-L260)
- Improvements to the Sink analyser for detecting e.g. code injections:
https://fuzz-introspector.readthedocs.io/en/latest/user-guides/analyse-sink-function.html
- Various improvements to the java frontend

Signed-off-by: David Korczynski <david@adalogics.com>
2023-02-23 13:00:19 +11:00
DavidKorczynski 8c66f08246
tensorflow: enable all fuzztest fuzzers (#9780)
Signed-off-by: David Korczynski <david@adalogics.com>
2023-02-22 13:37:15 +00:00