Commit Graph

8003 Commits

Author SHA1 Message Date
Patrice.S f0b22db527
spring-websocket: initial integration (#8712)
2022-10-07 10:08:32 -07:00
AdamKorcz 9415dd79b4
fabric: add more fuzzers (#8713)
Adds more fuzzers for hyperledger fabric.

Signed-off-by: AdamKorcz <adam@adalogics.com>

Signed-off-by: AdamKorcz <adam@adalogics.com>
2022-10-07 18:00:18 +01:00
Julien Voisin 1328379d34
Don't allow libmagic to fork (#8710)
Having libmagic fork and call `exit` in the children angers and saddens
oss-fuzz's infra.

Co-authored-by: Julien Voisin <jvoisin@google.com>
2022-10-07 14:18:52 +01:00
Arjun 98615176fb
[GPSD] remove FuzzLibgps and some bloat (#8707)
Well, it was a mistake from my side.
Inside `gps_unpack` is actually a `libgps_json_unpack` function
call.

[source code](dc7ff7fc4f/libgps/libgps_sock.c (L402))

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>
2022-10-07 13:36:11 +01:00
Arjun 35618589fc
[ntpsec]remove bad Harness FuzzLeapsec.c, change min and max size (#8708)
Remove bad harness.
Fix size of input.

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>
2022-10-07 12:51:04 +01:00
Arjun 709d057f3c
[pupnp] shift files (#8705)
files are in the main repo https://github.com/pupnp/pupnp/pull/417

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>
2022-10-07 10:16:06 +01:00
Nick Rabinowitz e6987e16ab
[h3] Add @nrabinowitz to the list of H3 maintainers (#8700)
Adds [nrabinowitz](https://github.com/nrabinowitz) to the list of
maintainers for https://github.com/uber/h3

cc @isaacbrodsky
2022-10-06 19:44:44 +00:00
Connal de Souza 87008c74aa
Update example_flush_fuzzer.c (#8688)
Update zlib InflateSync() fuzzer to work with newer zlib versions
(1.1.12+), as well as old ones. See
0d36ec47f3 (diff-ee2056925e4c37440ea48152cc692dd2f33019dfe6a2d688787751a9af8f8282)
2022-10-06 18:50:04 +00:00
Jonathan Tatum a442ef149d
Set parser recursion limit for fuzz tests. (#8673)
Very large inputs that generate large ASTs can cause some of the
sanitizers to time out. Setting a smaller complexity limit should help
filter out those cases.

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2022-10-06 15:27:56 +00:00
manunio 820e17343c
ron: initial integration (#8676)
Hi, [RON](https://github.com/ron-rs/ron) is a simple readable data
serialization format that looks similar to Rust syntax. It's designed to
support all of [Serde's data model](https://serde.rs/data-model.html),
so structs, enums, tuples, arrays, generic maps, and primitive values.
- It has 3 million+ downloads as per
[crates.io](https://crates.io/crates/ron).
- It's being used by projects like:
  - [bevy](https://github.com/bevyengine/bevy)
  - [egui](https://github.com/emilk/egui)
  - [Fyrox](https://github.com/FyroxEngine/Fyrox)
  - [orbtk](https://github.com/redox-os/orbtk)
  - [wgpu](https://github.com/gfx-rs/wgpu)
  - [gitui](https://github.com/extrawurst/gitui)
  - [insta](https://github.com/mitsuhiko/insta)
  - [serde_with](https://github.com/jonasbb/serde_with)
2022-10-06 10:52:13 -04:00
code-terror 1012b35cf1
Initial integration serde_urlencoded (#8680)
serde_urlencoded is a major Rust package that has 44 million package
downloads. It is used in many Rust web services as a dependency. It is
downloaded 90 thousand times every day.
2022-10-06 10:50:16 -04:00
Julien Voisin cf0808d299
Make use of libarchive uuencoded testfiles (#8686)
Please do squash me :)

Co-authored-by: Julien Voisin <jvoisin@google.com>
Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2022-10-06 10:44:35 -04:00
Roman Wagner 6eb94780fe
[hsqldb] fix typo (#8689)
@kyakdan
2022-10-06 10:43:51 -04:00
DavidKorczynski 40490c3c8d
minizip: fix build (#8693)
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51117
2022-10-06 13:30:51 +01:00
DavidKorczynski db0032db88
sleuthkit: fix build (#8694)
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51119
2022-10-06 13:30:40 +01:00
Arthur Chan 208b63202a
[git]: Set GIT_CONFIG_SYSTEM environment variable (#8691)
Set GIT_CONFIG_SYSTEM environment variable to local template to avoid
git accessing inaccessible default location.
2022-10-06 12:25:23 +01:00
Milan Broz 6258bbdadb
[cryptsetup] Initial integration for cryptsetup (#8672)
This patch adds fuzzers built for the upstream cryptsetup project.

Initially, we try to fuzz LUKS2 on-disk format using various binary and
JSON header modification methods.
This produces basic coverage on on-disk header parsing code.

Fuzzers for other formats like LUKS1 will be added later.

Currently, we enable only binary fuzzer and plain JSON mutator with a
pre-generated corpus from previous experiments.

Changes based on Daniel Zatovic's work.

Signed-off-by: Milan Broz <gmazyland@gmail.com>
2022-10-05 11:59:05 -07:00
Julien Voisin e74acd6a70
Make use of liblzo2 in libarchive (#8685)
Co-authored-by: Julien Voisin <jvoisin@google.com>
2022-10-05 15:34:26 +01:00
Julien Voisin 34975fed83
Add weird files to clamav's corpus (#8684)
Co-authored-by: Julien Voisin <jvoisin@google.com>
2022-10-05 15:31:52 +01:00
Julien Voisin 0a8a100e8d
Improve a bit libarchive's corpus (#8683)
- Add corkami's repository of weird formats/archives
- Speed up compilation a bit

Co-authored-by: Julien Voisin <jvoisin@google.com>
2022-10-05 11:20:41 +01:00
Daiki AMINAKA 2f75288878
Fix link issue (#8677)
- cmake 3.16 (default version) might not work as expected with the -Static
option
- Specifying exactly the three options `-DisableTest -DisableTools
-DisablePerf` doesn't generate libmsquic.a, leading to a link error for the
fuzzing code
2022-10-05 09:48:08 +01:00
Arjun d76fb7d579
[GPSD] fix json bugs. (#8669)
Fix of https://github.com/google/oss-fuzz/issues/8666
Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>
2022-10-04 12:51:54 -07:00
Alexander Bulekov 228e432d2c
qemu: add libslirp dependency (#8674)
This should fix the build

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
2022-10-04 15:39:34 -04:00
Andrew Bartlett 6de85e9a9d
Add abartlet's primary e-mail to Samba project (#8675)
Add primary email for Andrew Bartlett to the Samba Project to allow
GitHub authentication
2022-10-04 15:39:04 -04:00
Arthur Chan cc6bd316b8
[git]: Remove git system config and add debug message (#8671)
Reset git system config for each iteration and print debug message of
folder construction.
Allowing error message to display.
2022-10-04 17:16:23 +01:00
Even Rouault 2a6157ccf5
[mapserver] Disable memory sanitizer (#8667)
It causes false positives due to a number of mapserver dependencies not
being rebuilt with it.
Also rely on default settings for the sanitizers and fuzzing_engines
section
2022-10-04 11:45:43 -04:00
Jacek Trossen 54732b5db5
[spring-shell] initial integration spring-shell-core (#8639)
2022-10-04 09:32:22 -04:00
Oliver Chang a5562d72c3
Disable ubsan for gpsd (#8668)
The maintainer does not want these reports.

Fixes https://github.com/google/oss-fuzz/issues/8658
2022-10-04 17:14:40 +11:00
Arjun 987d9c939c
[pupnp] initial integration (#8603)
Hello, @mrjimenez
Any thoughts on PR?

Other harnesses are not included due to test failure of:

[test_UpnpHttpHeaderList.cpp](https://github.com/pupnp/pupnp/blob/branch-1.14.x/gtest/test_UpnpHttpHeaderList.cpp)

[test_upnpapi.cpp](https://github.com/pupnp/pupnp/blob/branch-1.14.x/gtest/test_upnpapi.cpp)

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>
2022-10-03 17:37:17 -04:00
manunio f446296f6d
toml_edit: Fixes build error (#8665)
Hi, this fixes the build error caused by toml_edit fuzz refactoring.
2022-10-03 21:40:20 +01:00
Arthur Chan dcbdb3b919
[git]: increase code coverage (#8662)
Fix error handling and increase base seed size to avoid early ending
from errors.
2022-10-03 21:39:39 +01:00
Even Rouault 134d65a556
[MapServer] Update contacts (#8663)
- Remove Max Kellerman, who is not in the project team and has indicated
not being interested in receiving messages
- Add Steve Lime, who is the project lead (cf
https://www.osgeo.org/foundation-news/steve-lime/)
2022-10-03 15:51:16 +00:00
aschaich 7bca21f229
[maven] Initial Integration for maven-core (#8636)
2022-10-03 11:44:57 -04:00
Patrice.S 45118f4383
spring-webflux: initial integration (#8642)
2022-10-03 11:44:17 -04:00
aschaich fed69f50cf
[jaxb] Initial Integration for jaxb-impl (#8438)
Co-authored-by: Khaled Yakdan <yakdan@code-intelligence.de>
2022-10-03 11:43:18 -04:00
jonathanmetzman 06479b3d94
Reland 6088406 (#8664)
This relands 6088406 (https://github.com/google/oss-fuzz/pull/8524)
This reverts commit 940112608a.
CC @manunio
2022-10-03 11:40:49 -04:00
Matthew Waters 328dcf3e88
gstreamer: fix build by updating meson to latest stable release (0.63.2) (#8660)
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51814
2022-10-03 11:22:00 +01:00
DavidKorczynski 9808e992e8
git: refine set up (#8656)
- Match with latest upstream changes where some fuzzing PRs have gone
through
(600f45a53b)
- Add checks on return values from cmd_add and cmd_git to avoid
proceeding in the event something erroneous happens
- Refine fuzz-cmd-diff
- Add leak detection
- Adds some patching in the git code to avoid exit. This should be okay
-- at least the fuzzers continue to run on my system. Let's see if down
the line some type of state gets cluttered.

This makes the diff and command fuzzer run well on my machine and we
have no dependencies on executables on the platform besides standard
linux utilities.

Signed-off-by: David Korczynski <david@adalogics.com>

Signed-off-by: David Korczynski <david@adalogics.com>
2022-10-01 20:38:58 +01:00
cgzones d34472a794
[selinux] replace PCRE by PCRE2 (#8655)
The SELinux userspace has been ported to default to build with PCRE2[1].

[1]:
4ffe2dfc78
2022-10-01 20:13:37 +01:00
DavidKorczynski c4c9d98c3b
apache-httpd, libyang: fix pcre2 location (#8654)
pcre2 is now on Github. Fixes both builds.
2022-10-01 17:03:06 +01:00
DavidKorczynski 1941c0520c
pyxdg: enable pysecsan (#8653)
Enabling pysecsan for 2 of the fuzzers.

Signed-off-by: David Korczynski <david@adalogics.com>

Signed-off-by: David Korczynski <david@adalogics.com>
2022-10-01 17:02:51 +01:00
Philip Hazel 01767166c4
The PCRE2 repo has moved (#8651)
The PCRE2 repo moved to GitHub some time ago; I updated the oss-fuzz
files but didn't properly create a pull request. Here it is.
2022-10-01 11:15:07 +01:00
Hayden B 294455645d
Update sigstore contacts to be individual members (#8648)
Groups do not seem to grant access to the issues.
2022-09-30 16:07:30 -07:00
Arjun 61db710849
[gpsd] initial integration (#8548)
New: https://github.com/google/oss-fuzz/pull/8493

Signed-off-by: 0x34d <ajsinghyadav00@gmail.com>
2022-09-30 12:29:51 -04:00
Arthur Chan cbd51c9463
[git]: Remove system() call in code (#8644)
Remove system() call in code
2022-09-30 16:05:20 +00:00
Arthur Chan 42e24f9460
[oauth2]: Fix unicode error (#8643)
Fix unicode error for issue
51990 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51990)
2022-09-30 17:01:57 +01:00
aschaich 83239fb966
[okhttp] Add fuzz target for LoggingInterceptor (#8618)
Pending until #8617 is merged
2022-09-30 11:52:05 -04:00
Arthur Chan 296b7b1b29
[Kafka]: Fix issue 51986 51996 (#8641)
Fix two issues for kafka fuzzing
51986 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51986)
51996 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51996)
2022-09-30 15:16:57 +01:00
Arthur Chan 43c4d9a53a
[git]: Fix git diff version status (#8640)
Fix memory clearing logic for cmd fuzzers
Also solve issue 52003
(https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52003)
2022-09-30 14:29:29 +01:00
Even Rouault f19570e605
[Mapserver] Adapt for upstream changes of https://github.com/MapServer/MapServer/pull/6636 (#8637)
build.sh and mapfuzzer.c are moved into
https://github.com/MapServer/MapServer repository
2022-09-30 13:28:48 +01:00