Commit Graph

4560 Commits

Author SHA1 Message Date
Martijn van Beurden afdf1caa5d
flac: only disable signed integer sanitizing on decoder fuzzers (#7687)
oss-fuzz has reported numerous signed integer overflow problems
in flac that cannot be reasonably fixed. The problem is that
flac uses some math that is numerically unstable when fed with
random data, and as these are only audio samples, this overflow
is not a problem. Therefore, I added
`__attribute__((no_sanitize("signed-integer-overflow")))` to a few
functions in the flac sources.

However, while a decoder fed with random data has this problem,
a decoder that is being used to verify an encoder fed with random
data should never overflow. As the same functions are used, the
flac sources should be compiled twice: once with the mentioned
attributes for the decoder fuzzers, and once without them for the
encoder fuzzers.

Note that the define passed in this code is not yet integrated in
libflac, but this change should happen first or else the old
bugs appear again
2022-05-09 16:39:59 -04:00
Robert Löhning 688737e846
[qt] Clone qtimageformats (#7684)
To actually test it, changes in the build script are needed.
2022-05-09 20:59:01 +01:00
DavidKorczynski a2363da0b2
flask: add jinja compiler fuzzers (#7685)
* flask: add jinja compiler fuzzers

* nit
2022-05-09 19:22:00 +01:00
Catena cyber 57c715ebcd
ngolo-fuzzing: fix coverage build (#7682) 2022-05-09 11:38:45 +01:00
vargen 64fbe7d12c
[slf4j-api] initial integration (#7644) 2022-05-09 16:11:58 +10:00
vargen 4d92ad4ac5
Initial integration files for xstream (#7642)
* Initial integration files for xstream

* Updated project.yaml
2022-05-09 16:11:49 +10:00
psy c67838b2f5
Initial integration (#7678) 2022-05-09 16:11:28 +10:00
Zied Aouini 61c1a70e26
Add NFStream project. (#7632) 2022-05-06 09:28:19 -04:00
DavidKorczynski 1fb8774663
cbor-java: initial integration (#6788)
* cbor-java: initial integration

* update maintainer email and to 2022

* nit
2022-05-06 14:14:17 +10:00
Catena cyber f20bc9ad0d
Adds python project requests (#4918)
* Adds python project requests

* try CI to pass

* fixup using compile_python_fuzzer

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2022-05-06 10:39:51 +10:00
DavidKorczynski 083342f301
flask: add flask-cors extension (#7676)
* flask: add cors extension

* give more appropriate function name

* add license header

* nit
2022-05-05 23:37:25 +01:00
Kevin Leimkuhler 6e40b86c59
Change build script location for linkerd2 fuzzing (#7609)
* Change build script location for linkerd2 fuzzing

Signed-off-by: @kleimkuhler <kleimkuhler@icloud.com>

* Bump CLA

Signed-off-by: @kleimkuhler <kleimkuhler@icloud.com>

* Run compile_go_fuzzer from build.sh

Signed-off-by: Kevin Leimkuhler <kleimkuhler@icloud.com>

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2022-05-05 20:50:12 +01:00
DavidKorczynski 97ad471f06
pyxdg: extend fuzzer and add corpus+dict (#7674)
* pyxdg: extend fuzzer and add corpus+dict

The extension is mainly to force xml checking before it's passed into the
pyxdg library. The problem I had was any code in xml would not be
instrumented, so coverage could not be used to explore correct xml
files. I did a minor guard to use lxml instead to check xml validity, as
this could be instrumented properly. Gains are significant.

* try to fix fuzzer not part of pyxdg

* nit

* nit

* fix build failure
2022-05-05 12:18:32 +01:00
Catena cyber b794402fc4
ngolo-fuzzing get some coverage (#7673)
* ngolo-fuzzing get some coverage

With the fuzz targets which work already.

The LPM fuzz targets do not support coverage yet...

* ngolo: do not take bufio for io
2022-05-05 11:31:51 +01:00
DavidKorczynski c2410db1f2
flask: extend fuzzers (#7672)
Following the addition of coverage visualisation it's now easier to
detect missing pieces. This extends flask fuzzing to cover missing
areas. A nice next step in flask fuzzing is to create more end-to-end
fuzzers.
2022-05-04 23:04:02 +01:00
Niels Lohmann 5a889cfdf5
fix build: adjust tests directory (#7671)
In https://github.com/nlohmann/json/pull/3462 we renamed the folder "test" to "tests".
2022-05-04 20:35:53 +01:00
Vincent Rabaud 2369a6a818
Add a few more contributors (#7669) 2022-05-04 16:55:12 +01:00
DavidKorczynski cfbb50e67e
aiohttp: add multipart and payload fuzzer (#7666) 2022-05-04 11:55:22 +01:00
Roman Wagner 2ca4f199f0
add project maintainer email address (#7665) 2022-05-04 10:50:01 +01:00
Piotr Sikora 05365732a2
[abseil-cpp] Add missing @bazel_skylib dependency. (#7664)
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
2022-05-03 14:07:00 -05:00
DavidKorczynski 400ee9cf42
ecdsa-python: initial integration (#7498)
* ecdsa-python: initial integration

* revert to old compilation style atm

* use latest build set up

* fix typo
2022-05-03 10:11:45 +01:00
DavidKorczynski 94d8323e8f
python-rsa: initial integration (#7516)
* python-rsa: initial integration

* add assert

* update to new build set up
2022-05-03 10:05:01 +01:00
armandomontanez 4ce19aa195
pigweed: Update to new json format (#7658)
Updates oss-fuzz to correctly parse Pigweed's updated CIPD JSON format
to fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44445. Also
restores bloaty to the list of required CIPD packages to allow
post-bootstrap checks to pass.
2022-05-03 17:04:22 +10:00
Emmanuel Bourg 2dc98d5c95
jsign: fuzzing for exe, msi and cab files (#7656) 2022-05-03 12:21:56 +10:00
psy 45377fdef2
Update fuzz target to ignore class injection (#7657)
see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47102
2022-05-02 16:12:20 +01:00
DavidKorczynski d28259d4c7
lxml: refine and fix fuzzers (#7655) 2022-05-02 11:17:08 +00:00
Catena cyber bcf7972c03
ngolo-fuzzing: more generic arguments for fuzz targets building (#7653) 2022-05-02 12:08:26 +01:00
DavidKorczynski 3195128435
urllib3: set myself as primary contact (#7654)
This is following discussions in Ref: https://github.com/google/oss-fuzz/pull/7645
2022-05-02 11:15:39 +01:00
Emmanuel Bourg e2edcfcbdd
jsign: initial integration (#7621) 2022-05-02 10:18:03 +10:00
Martijn van Beurden 9b1534c4f7
flac: Add second (more thorough) encoder fuzzer (#7647) 2022-05-01 23:47:36 +01:00
Marcono1234 3f6b1f1b27
Remove Maven debug logging for Gson build (#7649) 2022-05-01 23:46:39 +01:00
DavidKorczynski 2f3614bf1b
lxml: add three new fuzzers (#7646) 2022-04-30 11:45:36 +01:00
Adi (Suissa) Peleg fb44849508
envoy: add http_parser special external lib (#7637)
Signed-off-by: Adi Suissa-Peleg <adip@google.com>
2022-04-29 10:08:42 -05:00
DavidKorczynski ed040f46cb
flask: migrate fuzzers from previous PRs (#7639)
jinja and werkzeug previous initial integration suggestions.

Ref: https://github.com/google/oss-fuzz/pull/4761
Ref: https://github.com/google/oss-fuzz/pull/4998
2022-04-28 19:53:37 +01:00
Alastair Donaldson a33459e7ba
Update tint project to reflect new build requirements. (#7625)
* Update tint project to reflect new build requirements.

* Fix build for i386.
2022-04-28 19:01:08 +01:00
psy efa4e9cd5a
Change the fuzz target to XmlPullParserFactory & fix javadoc (#7638) 2022-04-28 09:55:26 -04:00
DavidKorczynski c351603b3d
infra: enable argument passing to compile_python_fuzzer (#7628)
* infra: enable argument passing to compile_python_fuzzer

Enable passing arguments to pyinstaller. This is used by, e.g. Django.

Ref:
0cb820e5af (commitcomment-72063587)

* only unzip real files
2022-04-28 09:38:43 +01:00
Nathan Moinvaziri 15198947a2
Update minizip project details (#7633)
* [minizip] update repository url

* [minizip] update name of development branch

* [minizip] fix name of cmake fuzz test option
2022-04-27 18:12:39 +00:00
DavidKorczynski 78c29a183f
icu,unrar: fix projects for fuzzintrospector (#7630)
* icu: fix for fuzz-introspector

* unrar: fix for fuzz-introspector
2022-04-27 15:22:19 +01:00
DavidKorczynski 44863db4c0
flask: initial integration (#7542)
* flask: initial integration

* add dictionary
2022-04-27 11:03:50 +01:00
salmonstriver 48ac879fb4
fix link path (#7627) 2022-04-27 10:08:00 +01:00
psy 3615c339c0
apache-commons-lang: Initial integration (#7608)
* Initial integration

* Split fuzz target, add dict & corpus
2022-04-27 13:44:05 +10:00
Adi (Suissa) Peleg b461889c70
envoy: add include directory to coverage (#7626)
Signed-off-by: Adi Suissa-Peleg <adip@google.com>
2022-04-26 08:55:49 -05:00
vargen 8fb48edd24
Apache commons-codec initial integration (#7596) 2022-04-26 17:36:41 +10:00
vargen 8a1103a34a
Initial integration files for apache commons-io (#7571) 2022-04-26 17:17:14 +10:00
Roman Wagner 55818d27b7
[apache-commons-jxpath] Initial Integration (#7582) 2022-04-26 17:14:12 +10:00
psy 184c04b70d
Initial integration (#7611) 2022-04-26 17:13:29 +10:00
psy 7a0502fb71
Initial integration (#7584) 2022-04-26 08:46:09 +10:00
psy 45d1d61baa
jackson-databind: Initial integration (#7610)
* Initial integration

* Use 2.14 branch
2022-04-26 08:43:21 +10:00
Roman Wagner 32fd138d10
[javassist] Initial Integration (#7619) 2022-04-26 08:42:52 +10:00