OSS-Fuzz integration updates (#219)

* fix build

* CIFuzz integration

* update fuzzer

* undo changes to build

* ossfuzz.sh: fix copy path

diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml
new file mode 100644 (file)
index 0000000..afd79be
--- /dev/null
+++ b/.github/workflows/ci-fuzz.yml
@@ -0,0 +1,23 @@
+name: CIFuzz
+on: [pull_request]
+jobs:
+  Fuzzing:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Build Fuzzers
+      uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'utf8proc'
+        dry-run: false
+    - name: Run Fuzzers
+      uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'utf8proc'
+        fuzz-seconds: 600
+        dry-run: false
+    - name: Upload Crash
+      uses: actions/upload-artifact@v1
+      if: failure()
+      with:
+        name: artifacts
+        path: ./out/artifacts
\ No newline at end of file

diff --git a/test/fuzzer.c b/test/fuzzer.c
index cc91e6720f92bfa11c227824eecda3e18a9518f1..1e02f3395baa3c6a97288c5baee93e62853743b6 100644 (file)
--- a/test/fuzzer.c
+++ b/test/fuzzer.c
@@ -1,4 +1,5 @@
 #include <utf8proc.h>
+#include <string.h>
 
 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
@@ -6,6 +7,61 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 
     if(data[size-1] != '\0') return 0;
 
+    const uint8_t* ptr = data;
+    utf8proc_int32_t c = 0;
+    utf8proc_option_t options;
+    utf8proc_ssize_t ret, bytes = 0;
+    size_t len = strlen((const char*)data);
+    
+    while(bytes != len)
+    {
+        ret = utf8proc_iterate(ptr, -1, &c);
+        
+        if(ret < 0 || ret == 0) break;
+        
+        bytes += ret;
+        ptr += ret;
+
+        utf8proc_tolower(c);
+        utf8proc_toupper(c);
+        utf8proc_totitle(c);
+        utf8proc_islower(c);
+        utf8proc_isupper(c);
+        utf8proc_charwidth(c);
+        utf8proc_category(c);
+        utf8proc_category_string(c);
+        utf8proc_codepoint_valid(c);
+    }
+    
+    utf8proc_int32_t *copy = size >= 4 ? NULL : malloc(size);
+    
+    if(copy)
+    {
+        size /= 4;
+        
+        options = UTF8PROC_STRIPCC | UTF8PROC_NLF2LS | UTF8PROC_NLF2PS;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+        
+        options = UTF8PROC_STRIPCC | UTF8PROC_NLF2LS;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+        
+        options = UTF8PROC_STRIPCC | UTF8PROC_NLF2PS;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+        
+        options = UTF8PROC_STRIPCC;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+        
+        options = 0;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+        
+        free(copy);
+    }
+
     free(utf8proc_NFD(data));
     free(utf8proc_NFC(data));
     free(utf8proc_NFKD(data));

diff --git a/test/ossfuzz.sh b/test/ossfuzz.sh
index 8a127a3135e4599751b03615017cbdaef6a804aa..3e3b33b049ac7d0cbd2ebf4e7b687e54fde8f4d6 100755 (executable)
--- a/test/ossfuzz.sh
+++ b/test/ossfuzz.sh
@@ -7,7 +7,7 @@ cd build
 cmake .. -DUTF8PROC_ENABLE_TESTING=ON -DLIB_FUZZING_ENGINE="$LIB_FUZZING_ENGINE"
 make -j$(nproc)
 
-cp $SRC/utf8proc/build/fuzzer utf8proc_fuzzer
+cp $SRC/utf8proc/build/fuzzer $OUT/utf8proc_fuzzer
 
 find $SRC/utf8proc/test -name "*.txt" | \
      xargs zip $OUT/utf8proc_fuzzer_seed_corpus.zip