Mercurial: contrib/fuzz/manifest.cc@170cd2a5a1da (annotated)

40053 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	1	#include <Python.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	2	#include <assert.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	3	#include <stdlib.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	4	#include <unistd.h>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	5
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	6	#include <string>
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	7
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	8	extern "C" {
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	9
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	10	/* TODO: use Python 3 for this fuzzing? */
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	11	PyMODINIT_FUNC initparsers(void);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	12
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	13	static char cpypath[8192] = "\0";
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	14
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	15	extern "C" int LLVMFuzzerInitialize(int argc, char **argv)
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	16	{
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	17	const std::string subdir = "/sanpy/lib/python2.7";
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	18	/* HACK ALERT: we need a full Python installation built without
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	19	pymalloc and with ASAN, so we dump one in
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	20	$OUT/sanpy/lib/python2.7. This helps us wire that up. */
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	21	std::string selfpath(*argv[0]);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	22	std::string pypath;
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	23	auto pos = selfpath.rfind("/");
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	24	if (pos == std::string::npos) {
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	25	char wd[8192];
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	26	getcwd(wd, 8192);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	27	pypath = std::string(wd) + subdir;
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	28	} else {
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	29	pypath = selfpath.substr(0, pos) + subdir;
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	30	}
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	31	strncpy(cpypath, pypath.c_str(), pypath.size());
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	32	setenv("PYTHONPATH", cpypath, 1);
40146 adfe4bb53a47 fuzz: try setting PYTHONNOUSERSITE=1 to avoid loading site-packages Augie Fackler <augie@google.com> parents: 40100 diff changeset	33	setenv("PYTHONNOUSERSITE", "1", 1);
40280 170cd2a5a1da fuzz: try even harder to prevent Python from looking up usernames Augie Fackler <augie@google.com> parents: 40146 diff changeset	34	/* prevent Python from looking up users in the fuzz environment */
170cd2a5a1da fuzz: try even harder to prevent Python from looking up usernames Augie Fackler <augie@google.com> parents: 40146 diff changeset	35	setenv("PYTHONUSERBASE", cpypath, 1);
40053 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	36	Py_SetPythonHome(cpypath);
40089 3418f83c8874 fuzzers: init Python in LLVMFuzzerInitialize and intentionally leak it Augie Fackler <augie@google.com> parents: 40053 diff changeset	37	Py_InitializeEx(0);
40053 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	38	return 0;
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	39	}
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	40
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	41	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	42	{
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	43	initparsers();
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	44	PyObject *mtext =
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	45	PyBytes_FromStringAndSize((const char *)Data, (Py_ssize_t)Size);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	46	PyObject *mainmod = PyImport_AddModule("__main__");
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	47	PyObject *globals = PyModule_GetDict(mainmod);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	48	PyObject *locals = PyDict_New();
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	49	PyDict_SetItemString(locals, "mdata", mtext);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	50	PyCodeObject *code =
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	51	(PyCodeObject *)Py_CompileString(R"py(
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	52	from parsers import lazymanifest
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	53	try:
40100 ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40089 diff changeset	54	lm = lazymanifest(mdata)
40053 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	55	# iterate the whole thing, which causes the code to fully parse
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	56	# every line in the manifest
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	57	list(lm.iterentries())
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	58	lm[b'xyzzy'] = (b'\0' * 20, 'x')
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	59	# do an insert, text should change
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	60	assert lm.text() != mdata, "insert should change text and didn't: %r %r" % (lm.text(), mdata)
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	61	del lm[b'xyzzy']
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	62	# should be back to the same
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	63	assert lm.text() == mdata, "delete should have restored text but didn't: %r %r" % (lm.text(), mdata)
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	64	except Exception as e:
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	65	pass
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	66	# uncomment this print if you're editing this Python code
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	67	# to debug failures.
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	68	# print e
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	69	)py",
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	70	"fuzzer", Py_file_input);
40100 ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40089 diff changeset	71	PyObject *res = PyEval_EvalCode(code, globals, locals);
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40089 diff changeset	72	if (!res) {
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40089 diff changeset	73	PyErr_Print();
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40089 diff changeset	74	}
ca4a32d0a4d6 fuzz: report error if Python code raised exception Yuya Nishihara <yuya@tcha.org> parents: 40089 diff changeset	75	Py_XDECREF(res);
40053 8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	76	Py_DECREF(code);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	77	Py_DECREF(locals);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	78	Py_DECREF(mtext);
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	79	return 0; // Non-zero return values are reserved for future use.
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	80	}
8c692a6b5ad1 fuzz: new fuzzer for cext/manifest.c Augie Fackler <augie@google.com> parents: diff changeset	81	}

author	Augie Fackler <augie@google.com>
	Sun, 14 Oct 2018 04:11:35 -0400
changeset 40280	170cd2a5a1da
parent 40146	adfe4bb53a47
child 40373	c3ab0a89331d
permissions	-rw-r--r--