[fuzzer] Rename fuzzing dictionaries for `oss-fuzz` (#6318)
authorVladimir Glavnyy <31897320+vglavnyy@users.noreply.github.com>
Thu, 10 Dec 2020 22:02:01 +0000 (05:02 +0700)
committerGitHub <noreply@github.com>
Thu, 10 Dec 2020 22:02:01 +0000 (14:02 -0800)
This commit makes the names of fuzzing dictionaries the same as the target binary names.
It also explicitly limits the size of test inputs to prevent failures in `regex` and fuzzing time-outs.

tests/fuzzer/CMakeLists.txt
tests/fuzzer/flatbuffers_monster_fuzzer.cc
tests/fuzzer/flatbuffers_parser_fuzzer.cc
tests/fuzzer/flatbuffers_scalar_fuzzer.cc
tests/fuzzer/monster_fuzzer.dict [moved from tests/fuzzer/monster_json.dict with 100% similarity]
tests/fuzzer/parser_fuzzer.dict [moved from tests/fuzzer/parser_fbs.dict with 100% similarity]
tests/fuzzer/scalar_fuzzer.dict [moved from tests/fuzzer/scalar_json.dict with 79% similarity]

index 85eddf8..a171eb0 100644 (file)
@@ -136,7 +136,7 @@ target_link_libraries(verifier_fuzzer PRIVATE flatbuffers_fuzzed)
 add_executable(monster_fuzzer flatbuffers_monster_fuzzer.cc)
 target_link_libraries(monster_fuzzer PRIVATE flatbuffers_fuzzed)
 add_custom_command(
-  TARGET monster_fuzzer POST_BUILD
+  TARGET monster_fuzzer PRE_BUILD
   COMMAND ${CMAKE_COMMAND} -E copy
   ${CMAKE_SOURCE_DIR}/../monster_test.bfbs
   ${CMAKE_CURRENT_BINARY_DIR}/monster_test.bfbs)
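Review bot: The switch to `PRE_BUILD` on the `monster_fuzzer` copy step has no comment explaining why the schema must be copied earlier, and the keyword does not mean the same thing on every generator. CMake honours `PRE_BUILD` as a true pre-build step only with Visual Studio generators; with Makefile and Ninja generators it runs just before the `PRE_LINK` commands. A one-line comment above the command would record the intent, for example `# Copy the schema before linking so the fuzzer binary never exists without monster_test.bfbs next to it.`, worded to match the actual reason.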
index 13bdef9..2b05048 100644 (file)
@@ -26,6 +26,9 @@
 
 namespace {
 
+static constexpr size_t kMinInputLength = 1;
+static constexpr size_t kMaxInputLength = 99000;
+
 static constexpr uint8_t flags_strict_json = 0x80;
 static constexpr uint8_t flags_skip_unexpected_fields_in_json = 0x40;
 static constexpr uint8_t flags_allow_non_utf8 = 0x20;
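Review bot: `kMinInputLength` and `kMaxInputLength` are added without any comment saying what they bound or how 99000 was chosen, and the same applies to the 33000 and 3000 limits added in flatbuffers_parser_fuzzer.cc and flatbuffers_scalar_fuzzer.cc. A reader triaging a missed crash needs to know that larger inputs are skipped on purpose. I would add something like `// Inputs longer than this (after NUL truncation) are skipped to avoid regex failures and fuzzing time-outs.` above each pair, plus a note on how the value was derived. In this file the constants also sit inside the anonymous namespace, so the `static` is redundant, although it matches the neighbouring `flags_*` declarations.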
@@ -83,7 +86,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 
   const std::string original(reinterpret_cast<const char *>(data), size);
   auto input = std::string(original.c_str());  // until '\0'
-  if (input.empty()) return 0;
+  if (input.size() < kMinInputLength || input.size() > kMaxInputLength)
+    return 0;
 
   flatbuffers::IDLOptions opts;
   opts.strict_json = (flags & flags_strict_json);
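Review bot: The new bound is applied to `input.size()` only after both `original` and `input` have been built from `data`, so an oversize input is still copied twice before it is rejected. It also measures the NUL-truncated string rather than `size`, so if `original` is used further down (not visible here; the function starts and ends outside the hunk), its length stays unbounded. An early `if (size > kMaxInputLength) return 0;` before the two string constructions would avoid the copies, at the cost of also skipping inputs whose first NUL comes early. If that trade-off is not wanted, a comment stating that the limit deliberately applies to the truncated text would do. The same pattern appears in the `LLVMFuzzerTestOneInput` hunks of flatbuffers_parser_fuzzer.cc and flatbuffers_scalar_fuzzer.cc.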
index 26f9e9f..d4bbb0e 100644 (file)
@@ -9,6 +9,9 @@
 #include "flatbuffers/idl.h"
 #include "test_init.h"
 
+static constexpr size_t kMinInputLength = 1;
+static constexpr size_t kMaxInputLength = 33000;
+
 static constexpr uint8_t flags_strict_json = 0x80;
 static constexpr uint8_t flags_skip_unexpected_fields_in_json = 0x40;
 static constexpr uint8_t flags_allow_non_utf8 = 0x20;
@@ -26,7 +29,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 
   const std::string original(reinterpret_cast<const char *>(data), size);
   auto input = std::string(original.c_str());  // until '\0'
-  if (input.empty()) return 0;
+  if (input.size() < kMinInputLength || input.size() > kMaxInputLength)
+    return 0;
 
   flatbuffers::IDLOptions opts;
   opts.strict_json = (flags & flags_strict_json);
index fd128a3..faa069e 100644 (file)
@@ -27,6 +27,9 @@
 #include "flatbuffers/idl.h"
 #include "test_init.h"
 
+static constexpr size_t kMinInputLength = 1;
+static constexpr size_t kMaxInputLength = 3000;
+
 static constexpr uint8_t flags_scalar_type = 0x0F;  // type of scalar value
 static constexpr uint8_t flags_quotes_kind = 0x10;  // quote " or '
 // reserved for future: json {named} or [unnamed]
@@ -241,7 +244,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   // Guarantee 0-termination.
   const std::string original(reinterpret_cast<const char *>(data), size);
   auto input = std::string(original.c_str());  // until '\0'
-  if (input.empty()) return 0;
+  if (input.size() < kMinInputLength || input.size() > kMaxInputLength)
+    return 0;
 
   // Break comments in json to avoid complexity with regex matcher.
   // The string " 12345 /* text */" will be accepted if insert it to string
similarity index 79%
rename from tests/fuzzer/scalar_json.dict
rename to tests/fuzzer/scalar_fuzzer.dict
index 7558dc3..3b2fbc8 100644 (file)
 "0x"
 "-0x"
 "p"
+"0"
+"1"
+"2"
+"3"
+"4"
+"5"
+"6"
+"7"
+"8"
+"9"
 "a"
 "b"
 "c"