OSS-Fuzz initial integration (#216)
authorRandy <randy408@protonmail.com>
Fri, 29 Jan 2021 18:54:58 +0000 (19:54 +0100)
committerGitHub <noreply@github.com>
Fri, 29 Jan 2021 18:54:58 +0000 (13:54 -0500)
* add fuzz target

* update fuzzer

* add fuzzer to build with basic entry point

* add build script

* cleanup

* build fuzz target using cmake in oss-fuzz env

* ossfuzz.sh add newline

* update build

CMakeLists.txt
test/fuzz_main.c [new file with mode: 0644]
test/fuzzer.c [new file with mode: 0644]
test/ossfuzz.sh [new file with mode: 0755]

index de7717cd1f0ca39d0e47da1ae39e697b777ac08a..e504d13dba142f8ac4a726486d031c26af1cebde 100644 (file)
@@ -15,6 +15,7 @@ set(SO_PATCH 1)
 
 option(UTF8PROC_INSTALL "Enable installation of utf8proc" On)
 option(UTF8PROC_ENABLE_TESTING "Enable testing of utf8proc" Off)
+option(LIB_FUZZING_ENGINE "Fuzzing engine to link against" Off)
 
 add_library (utf8proc
   utf8proc.c
@@ -98,4 +99,12 @@ if(UTF8PROC_ENABLE_TESTING)
   target_link_libraries(normtest utf8proc)
   add_test(utf8proc.testgraphemetest graphemetest data/GraphemeBreakTest.txt)
   add_test(utf8proc.testnormtest normtest data/NormalizationTest.txt)
+  
+  if(LIB_FUZZING_ENGINE)
+    add_executable(fuzzer utf8proc.h test/fuzzer.c)
+    target_link_libraries(fuzzer ${LIB_FUZZING_ENGINE} utf8proc)
+  else()
+    add_executable(fuzzer utf8proc.h test/fuzz_main.c test/fuzzer.c)
+    target_link_libraries(fuzzer utf8proc)
+  endif()
 endif()
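Review bot: The fuzzer block is nested inside `if(UTF8PROC_ENABLE_TESTING)`, so a configure with only `-DLIB_FUZZING_ENGINE=...` silently produces no `fuzzer` target; test/ossfuzz.sh compensates by also passing `-DUTF8PROC_ENABLE_TESTING=ON`, but that coupling is documented nowhere. Either hoist the block out of the testing conditional or say so on the option, e.g. `option(LIB_FUZZING_ENGINE "Fuzzing engine to link against (requires UTF8PROC_ENABLE_TESTING)" Off)`. Listing `utf8proc.h` as a source of the executable on both branches is harmless but unnecessary, since a header is not a compilation unit.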
diff --git a/test/fuzz_main.c b/test/fuzz_main.c
new file mode 100644 (file)
index 0000000..7b0c22b
--- /dev/null
@@ -0,0 +1,54 @@
+#include <stdio.h>\r
+#include <stdlib.h>\r
+#include <stdint.h>\r
+\r
+/* Fuzz target entry point, works without libFuzzer */\r
+\r
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size);\r
+\r
+int main(int argc, char **argv)\r
+{\r
+    FILE *f;\r
+    char *buf = NULL;\r
+    long siz_buf;\r
+\r
+    if(argc < 2)\r
+    {\r
+        fprintf(stderr, "no input file\n");\r
+        goto err;\r
+    }\r
+\r
+    f = fopen(argv[1], "rb");\r
+    if(f == NULL)\r
+    {\r
+        fprintf(stderr, "error opening input file %s\n", argv[1]);\r
+        goto err;\r
+    }\r
+\r
+    fseek(f, 0, SEEK_END);\r
+\r
+    siz_buf = ftell(f);\r
+    rewind(f);\r
+\r
+    if(siz_buf < 1) goto err;\r
+\r
+    buf = (char*)malloc(siz_buf);\r
+    if(buf == NULL)\r
+    {\r
+        fprintf(stderr, "malloc() failed\n");\r
+        goto err;\r
+    }\r
+\r
+    if(fread(buf, siz_buf, 1, f) != 1)\r
+    {\r
+        fprintf(stderr, "fread() failed\n");\r
+        goto err;\r
+    }\r
+\r
+    (void)LLVMFuzzerTestOneInput((uint8_t*)buf, siz_buf);\r
+\r
+err:\r
+    free(buf);\r
+\r
+    return 0;\r
+}\r
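Review bot: Every error path in the new `main` falls through to `return 0`, so a missing argument, a failed `fopen` or a failed `fread` exits with success, and the `FILE` opened at `fopen(argv[1], "rb")` is never closed on any path. `fseek` is also unchecked, and on failure `ftell` returns -1, which the `siz_buf < 1` test catches only by accident. The rewrite below tracks an `rc` that is non-zero until the input has actually been handed to `LLVMFuzzerTestOneInput`, initialises `f` so the cleanup label can close it, and drops the `malloc` cast; the file's CRLF line endings (`\r` on every line) also differ from the rest of the repository and are worth normalising.

```c
int main(int argc, char **argv)
{
    FILE *f = NULL;
    char *buf = NULL;
    long siz_buf;
    int rc = 1;   /* stays non-zero unless the input reached the target */

    /* … unchanged: argc check and fopen, both goto err … */

    if (fseek(f, 0, SEEK_END) != 0) goto err;
    siz_buf = ftell(f);
    rewind(f);
    if (siz_buf < 1) goto err;

    buf = malloc((size_t)siz_buf);
    /* … unchanged: malloc NULL check and fread, both goto err … */

    (void)LLVMFuzzerTestOneInput((uint8_t *)buf, (size_t)siz_buf);
    rc = 0;

err:
    free(buf);
    if (f != NULL) fclose(f);
    return rc;
}
```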
diff --git a/test/fuzzer.c b/test/fuzzer.c
new file mode 100644 (file)
index 0000000..cc91e67
--- /dev/null
@@ -0,0 +1,16 @@
+#include <utf8proc.h>
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    if(size < 1) return 0;
+
+    if(data[size-1] != '\0') return 0;
+
+    free(utf8proc_NFD(data));
+    free(utf8proc_NFC(data));
+    free(utf8proc_NFKD(data));
+    free(utf8proc_NFKC(data));
+    free(utf8proc_NFKC_Casefold(data));
+
+    return 0;
+}
\ No newline at end of file
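Review bot: The guard `if(data[size-1] != '\0') return 0;` discards every input that does not happen to end in a NUL byte, so the fuzzer only ever exercises the normalizers on inputs the engine has mutated into that shape, and the seed corpus built from `test/*.txt` in test/ossfuzz.sh is rejected outright since plain text files do not end in '\0'. Copying the input into a `size + 1` buffer and terminating it yourself, as below, lets every input reach `utf8proc_NFD` and friends. The file also relies on `utf8proc.h` to transitively provide `free`, `size_t` and `uint8_t`; adding `#include <stdint.h>`, `#include <stdlib.h>` and `#include <string.h>` (the last for `memcpy`) makes it self-contained, and the file is missing its trailing newline.

```c
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    /* NUL-terminate a private copy so every input, not only those that
       already end in '\0', is passed through the normalizers. */
    uint8_t *str = malloc(size + 1);
    if (str == NULL) return 0;
    memcpy(str, data, size);
    str[size] = '\0';

    free(utf8proc_NFD(str));
    free(utf8proc_NFC(str));
    free(utf8proc_NFKD(str));
    free(utf8proc_NFKC(str));
    free(utf8proc_NFKC_Casefold(str));

    free(str);
    return 0;
}
```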
diff --git a/test/ossfuzz.sh b/test/ossfuzz.sh
new file mode 100755 (executable)
index 0000000..8a127a3
--- /dev/null
@@ -0,0 +1,13 @@
+#!/bin/bash -eu
+# This script is meant to be run by
+# https://github.com/google/oss-fuzz/blob/master/projects/utf8proc/Dockerfile
+
+mkdir build
+cd build
+cmake .. -DUTF8PROC_ENABLE_TESTING=ON -DLIB_FUZZING_ENGINE="$LIB_FUZZING_ENGINE"
+make -j$(nproc)
+
+cp $SRC/utf8proc/build/fuzzer utf8proc_fuzzer
+
+find $SRC/utf8proc/test -name "*.txt" | \
+     xargs zip $OUT/utf8proc_fuzzer_seed_corpus.zip
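Review bot: `cp $SRC/utf8proc/build/fuzzer utf8proc_fuzzer` leaves the binary in the build directory rather than in `$OUT`, which is where the seed corpus on the following line goes and where the OSS-Fuzz runner looks for fuzzers; unless the project's Dockerfile or build.sh copies it afterwards, the target will not be found. `cp "$SRC/utf8proc/build/fuzzer" "$OUT/utf8proc_fuzzer"` fixes the destination and quotes the paths, which the `find`/`xargs zip` line should do as well. With `-eu` but no `set -o pipefail`, a failing `find` in that pipeline is masked by `xargs` and yields an empty corpus instead of aborting the build, and `mkdir build` will fail on a re-run where `mkdir -p build` would not.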