From df7374495d0234c94d17370833faa046b1444c77 Mon Sep 17 00:00:00 2001 From: AdamKorcz Date: Fri, 29 Jul 2022 14:03:22 +0100 Subject: [PATCH] Add Atheris fuzzers Signed-off-by: AdamKorcz --- .clusterfuzzlite/Dockerfile | 4 +++ .clusterfuzzlite/build.sh | 18 +++++++++++++ .clusterfuzzlite/project.yaml | 1 + .github/workflows/cflite.yml | 29 +++++++++++++++++++++ tests/fuzzing/fuzz_LightScriptCellReader.py | 21 +++++++++++++++ tests/fuzzing/fuzz_RMarkdownCellReader.py | 20 ++++++++++++++ 6 files changed, 93 insertions(+) create mode 100644 .clusterfuzzlite/Dockerfile create mode 100755 .clusterfuzzlite/build.sh create mode 100644 .clusterfuzzlite/project.yaml create mode 100644 .github/workflows/cflite.yml create mode 100644 tests/fuzzing/fuzz_LightScriptCellReader.py create mode 100644 tests/fuzzing/fuzz_RMarkdownCellReader.py diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile new file mode 100644 index 000000000..3261982f1 --- /dev/null +++ b/.clusterfuzzlite/Dockerfile @@ -0,0 +1,4 @@ +FROM gcr.io/oss-fuzz-base/base-builder-python +COPY . $SRC/jupytext +WORKDIR jupytext +COPY .clusterfuzzlite/build.sh $SRC/ diff --git a/.clusterfuzzlite/build.sh b/.clusterfuzzlite/build.sh new file mode 100755 index 000000000..0d26fd257 --- /dev/null +++ b/.clusterfuzzlite/build.sh @@ -0,0 +1,18 @@ +#!/bin/bash -eu +pip3 install --upgrade pip +pip3 install . + +for fuzzer in $(find $SRC -name 'fuzz_*.py'); do + fuzzer_basename=$(basename -s .py $fuzzer) + fuzzer_package=${fuzzer_basename}.pkg + pyinstaller --distpath $OUT --onefile --name $fuzzer_package $fuzzer + + # Create execution wrapper. + echo "#!/bin/sh +# LLVMFuzzerTestOneInput for fuzzer detection. +this_dir=\$(dirname \"\$0\") +LD_PRELOAD=\$this_dir/sanitizer_with_fuzzer.so \ +ASAN_OPTIONS=\$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=\$this_dir/llvm-symbolizer:detect_leaks=0 \ +\$this_dir/$fuzzer_package \$@" > $OUT/$fuzzer_basename + chmod +x $OUT/$fuzzer_basename +done diff --git a/.clusterfuzzlite/project.yaml b/.clusterfuzzlite/project.yaml new file mode 100644 index 000000000..d1ad0ae50 --- /dev/null +++ b/.clusterfuzzlite/project.yaml @@ -0,0 +1 @@ +language: python diff --git a/.github/workflows/cflite.yml b/.github/workflows/cflite.yml new file mode 100644 index 000000000..ecd6c6248 --- /dev/null +++ b/.github/workflows/cflite.yml @@ -0,0 +1,29 @@ +name: ClusterFuzzLite PR fuzzing +on: + workflow_dispatch: + pull_request: + paths: + - '**' +permissions: read-all +jobs: + PR: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + sanitizer: [address] + steps: + - name: Build Fuzzers (${{ matrix.sanitizer }}) + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + sanitizer: ${{ matrix.sanitizer }} + language: python + - name: Run Fuzzers (${{ matrix.sanitizer }}) + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 400 + mode: 'code-change' + sanitizer: ${{ matrix.sanitizer }} diff --git a/tests/fuzzing/fuzz_LightScriptCellReader.py b/tests/fuzzing/fuzz_LightScriptCellReader.py new file mode 100644 index 000000000..12c89f60f --- /dev/null +++ b/tests/fuzzing/fuzz_LightScriptCellReader.py @@ -0,0 +1,21 @@ +import sys + +import atheris + +with atheris.instrument_imports(): + from jupytext.cell_reader import LightScriptCellReader + +def TestOneInput(data): + fdp = atheris.FuzzedDataProvider(data) + text = fdp.ConsumeString(len(data)) + lines = text.splitlines() + _ = LightScriptCellReader().read(lines) + + + +def main(): + atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) + atheris.Fuzz() + +if __name__ == "__main__": + main() diff --git a/tests/fuzzing/fuzz_RMarkdownCellReader.py b/tests/fuzzing/fuzz_RMarkdownCellReader.py new file mode 100644 index 000000000..52e9a7f08 --- /dev/null +++ b/tests/fuzzing/fuzz_RMarkdownCellReader.py @@ -0,0 +1,20 @@ +import sys + +import atheris + +with atheris.instrument_imports(): + from jupytext.cell_reader import RMarkdownCellReader + +def TestOneInput(data): + fdp = atheris.FuzzedDataProvider(data) + text = fdp.ConsumeString(len(data)) + lines = text.splitlines() + _ = RMarkdownCellReader().read(lines) + + +def main(): + atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) + atheris.Fuzz() + +if __name__ == "__main__": + main()