hg-stable: contrib/fuzz/manifest.cc@7d5455b988ec (annotated)

40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	1	#include <Python.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	2	#include <assert.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	3	#include <stdlib.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	4	#include <unistd.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	5
41023 ef103c96ed33 fuzz: extract Python initialization to utility package Augie Fackler <augie@google.com> parents: 40373 diff changeset	6	#include "pyutil.h"
ef103c96ed33 fuzz: extract Python initialization to utility package Augie Fackler <augie@google.com> parents: 40373 diff changeset	7
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	8	#include <string>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	9
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	10	extern "C" {
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	11
43870 8766728dbce6 fuzz: add support for fuzzing under either Python 2 or 3 Augie Fackler <augie@google.com> parents: 41337 diff changeset	12	static PYCODETYPE *code;
40373 c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	13
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	14	extern "C" int LLVMFuzzerInitialize(int argc, char **argv)
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	15	{
41023 ef103c96ed33 fuzz: extract Python initialization to utility package Augie Fackler <augie@google.com> parents: 40373 diff changeset	16	contrib::initpy(*argv[0]);
43870 8766728dbce6 fuzz: add support for fuzzing under either Python 2 or 3 Augie Fackler <augie@google.com> parents: 41337 diff changeset	17	code = (PYCODETYPE *)Py_CompileString(R"py(
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	18	try:
43870 8766728dbce6 fuzz: add support for fuzzing under either Python 2 or 3 Augie Fackler <augie@google.com> parents: 41337 diff changeset	19	lm = parsers.lazymanifest(mdata)
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	20	# iterate the whole thing, which causes the code to fully parse
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	21	# every line in the manifest
41337 d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	22	for e, _, _ in lm.iterentries():
d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	23	# also exercise __getitem__ et al
d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	24	lm[e]
d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	25	e in lm
d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	26	(e + 'nope') in lm
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	27	lm[b'xyzzy'] = (b'\0' * 20, 'x')
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	28	# do an insert, text should change
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	29	assert lm.text() != mdata, "insert should change text and didn't: %r %r" % (lm.text(), mdata)
41337 d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	30	cloned = lm.filtercopy(lambda x: x != 'xyzzy')
d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	31	assert cloned.text() == mdata, 'cloned text should equal mdata'
d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	32	cloned.diff(lm)
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	33	del lm[b'xyzzy']
41337 d60bd5c71cbb fuzz: exercise more of the lazymanifest code Augie Fackler <raf@durin42.com> parents: 41336 diff changeset	34	cloned.diff(lm)
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	35	# should be back to the same
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	36	assert lm.text() == mdata, "delete should have restored text but didn't: %r %r" % (lm.text(), mdata)
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	37	except Exception as e:
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	38	pass
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	39	# uncomment this print if you're editing this Python code
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	40	# to debug failures.
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	41	# print e
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	42	)py",
43870 8766728dbce6 fuzz: add support for fuzzing under either Python 2 or 3 Augie Fackler <augie@google.com> parents: 41337 diff changeset	43	"fuzzer", Py_file_input);
40373 c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	44	return 0;
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	45	}
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	46
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	47	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	48	{
41336 44cd432aed9f fuzz: restrict manifest input size Augie Fackler <raf@durin42.com> parents: 41023 diff changeset	49	// Don't allow fuzzer inputs larger than 100k, since we'll just bog
44cd432aed9f fuzz: restrict manifest input size Augie Fackler <raf@durin42.com> parents: 41023 diff changeset	50	// down and not accomplish much.
44cd432aed9f fuzz: restrict manifest input size Augie Fackler <raf@durin42.com> parents: 41023 diff changeset	51	if (Size > 100000) {
44cd432aed9f fuzz: restrict manifest input size Augie Fackler <raf@durin42.com> parents: 41023 diff changeset	52	return 0;
44cd432aed9f fuzz: restrict manifest input size Augie Fackler <raf@durin42.com> parents: 41023 diff changeset	53	}
40373 c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	54	PyObject *mtext =
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	55	PyBytes_FromStringAndSize((const char *)Data, (Py_ssize_t)Size);
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	56	PyObject *locals = PyDict_New();
c3ab0a89331d fuzz: move many initialization steps into LLVMFuzzerInitialize Augie Fackler <augie@google.com> parents: 40280 diff changeset	57	PyDict_SetItemString(locals, "mdata", mtext);
41023 ef103c96ed33 fuzz: extract Python initialization to utility package Augie Fackler <augie@google.com> parents: 40373 diff changeset	58	PyObject *res = PyEval_EvalCode(code, contrib::pyglobals(), locals);
40101 ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40090 diff changeset	59	if (!res) {
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40090 diff changeset	60	PyErr_Print();
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40090 diff changeset	61	}
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40090 diff changeset	62	Py_XDECREF(res);
40054 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	63	Py_DECREF(locals);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	64	Py_DECREF(mtext);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	65	return 0; // Non-zero return values are reserved for future use.
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	66	}
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	67	}

author	Pierre-Yves David <pierre-yves.david@octobus.net>
	Fri, 06 Mar 2020 23:27:28 +0100
branch	stable
changeset 44201	7d5455b988ec
parent 43870	8766728dbce6
child 45006	0ff59434af72
permissions	-rw-r--r--