From fbbd5bef5eecc853d619ccbc900d0f87815efae0 Mon Sep 17 00:00:00 2001
From: Kuang-che Wu
Date: Sat, 1 Oct 2016 16:08:33 +0800
Subject: [PATCH] Add fuzzer for libchewing
---
 libchewing/Dockerfile | 21 +++++++++++++++++++
 libchewing/Jenkinsfile | 23 +++++++++++++++++++++
 libchewing/build.sh | 35 ++++++++++++++++++++++++++++++++
 libchewing/chewing_fuzzer.c | 40 +++++++++++++++++++++++++++++++++++++
 4 files changed, 119 insertions(+)
 create mode 100644 libchewing/Dockerfile
 create mode 100644 libchewing/Jenkinsfile
 create mode 100755 libchewing/build.sh
 create mode 100644 libchewing/chewing_fuzzer.c
diff --git a/libchewing/Dockerfile b/libchewing/Dockerfile
new file mode 100644
index 000000000000..d457de603bbc
--- /dev/null
+++ b/libchewing/Dockerfile
@@ -0,0 +1,21 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM ossfuzz/base-libfuzzer
+MAINTAINER kcwu@csie.org
+RUN apt-get install -y make autoconf automake libtool texinfo
+
+CMD /src/oss-fuzz/libchewing/build.sh
diff --git a/libchewing/Jenkinsfile b/libchewing/Jenkinsfile
new file mode 100644
index 000000000000..6fe2c20fa7ed
--- /dev/null
+++ b/libchewing/Jenkinsfile
@@ -0,0 +1,23 @@
+// Copyright 2016 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+def libfuzzerBuild = fileLoader.fromGit('infra/libfuzzer-pipeline.groovy',
+ 'https://github.com/google/oss-fuzz.git',
+ 'master', null, '')
+
+libfuzzerBuild {
+ git = "https://github.com/chewing/libchewing.git"
+}
diff --git a/libchewing/build.sh b/libchewing/build.sh
new file mode 100755
index 000000000000..f6a8812daea0
--- /dev/null
+++ b/libchewing/build.sh
@@ -0,0 +1,35 @@
+#!/bin/bash -eu
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd /src/libchewing
+
+# build the library.
+./autogen.sh
+./configure --disable-shared --enable-static --without-sqlite3
+make clean all
+
+# build your fuzzer(s)
+make -C test CFLAGS="$CFLAGS -Dmain=stress_main -Drand=get_fuzz_input" stress.o
+
+./libtool --mode=link \
+ $CC $CFLAGS \
+ -o /out/chewing_fuzzer \
+ /src/oss-fuzz/libchewing/chewing_fuzzer.c \
+ test/stress.o test/libtesthelper.la src/libchewing.la $LDFLAGS /work/libfuzzer/*.o
+
+# install data files
+make -C data pkgdatadir=/out install
diff --git a/libchewing/chewing_fuzzer.c b/libchewing/chewing_fuzzer.c
new file mode 100644
index 000000000000..4703c5e9b901
--- /dev/null
+++ b/libchewing/chewing_fuzzer.c
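Review bot: The line `make -C test CFLAGS="$CFLAGS -Dmain=stress_main -Drand=get_fuzz_input" stress.o` is the whole mechanism of the harness and carries no explanation; a comment such as `# Build stress.c with its main() renamed (it is called from chewing_fuzzer.c) and its rand() calls redirected to the fuzzer's input bytes.` would spare the next reader a trip into the fuzzer source. Worth stating there too: the `-D` rewrite touches only the token `rand` in test/stress.o, so an `srand` call in stress.c, or any rand() use inside libchewing itself (built earlier by `make clean all` without these flags), stays on the real PRNG, and if either exists a run is not fully determined by the input — stress.c is not in this patch, so this is a caveat to verify rather than a defect. Because the script runs under `-eu`, CC, CFLAGS and LDFLAGS must all be set in the environment or the unquoted expansions at the libtool step abort the build; that is the usual oss-fuzz convention, but a one-line comment naming those variables as inputs would make the contract explicit.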
@@ -0,0 +1,40 @@
+#include
+#include
+#include
+#include
+#include
+
+static const uint8_t* fuzz_ptr;
+static const uint8_t* fuzz_input;
+static size_t fuzz_size;
+
+int stress_main(int argc, char** argv);
+ int LLVMFuzzerInitialize(int* argc, char*** argv) {
+ char* exe_path = (*argv)[0];
+ char* dir = dirname(exe_path);
+ // Assume data files are at the same location as executable.
+ setenv("CHEWING_PATH", dir, 0);
+ setenv("CHEWING_USER_PATH", dir, 0);
+ return 0;
+ }
+
+int get_fuzz_input() {
+ if (fuzz_ptr - fuzz_input >= fuzz_size)
+ return EOF;
+ return *fuzz_ptr++;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ fuzz_input = fuzz_ptr = data;
+ fuzz_size = size;
+
+ const char *stress_argv[] = {
+ "./chewing_fuzzer",
+ "-extra",
+ "-loop", "1",
+ NULL,
+ };
+ stress_main(4, (char**)stress_argv);
+ return 0;
+}
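Review bot: `dirname(exe_path)` in LLVMFuzzerInitialize is called on `(*argv)[0]` itself, and POSIX permits dirname() to modify the string it is given, so argv[0] as later seen by libFuzzer or anything else reading it may have been truncated to the directory part; copying first, `char* exe_path = strdup((*argv)[0]);` and freeing the copy after the two setenv calls (glibc's setenv duplicates the value), keeps argv intact — this needs <string.h>, and the include targets are not visible in this rendering of the patch. In get_fuzz_input, `fuzz_ptr - fuzz_input >= fuzz_size` compares a ptrdiff_t against a size_t; the difference can never be negative here, but `(size_t)(fuzz_ptr - fuzz_input) >= fuzz_size` says so and keeps -Wsign-compare quiet. Once the input is exhausted get_fuzz_input returns EOF, i.e. -1, to code that was written against rand(), which never yields a negative value; if test/stress.c (not in this patch) computes `rand() % n`, the result goes negative, so either return a non-negative end-of-input value or add a comment recording the contract stress.c relies on. The declaration `int get_fuzz_input()` should also be `int get_fuzz_input(void)` so it matches the rand(void) prototype it stands in for.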