author | Chris Wolfe <chriswwolfe@gmail.com> | 2018-02-05 19:24:51 -0600 |
committer | Chris Wolfe <chriswwolfe@gmail.com> | 2018-02-05 19:26:24 -0600 |
commit | 1e0815083881f509893d320c87d0d470cad35d2d (patch) | |
tree | 3a57289c224e277eb1f3df86b9d2daf1576d03e0 /fuzz | |
parent | f8eb1dec64440d68149ce6ac70756af18a90bfb9 (diff) | |
download | json-c-1e0815083881f509893d320c87d0d470cad35d2d.tar.gz |
pull in fuzzers, add CI scripts later
Diffstat (limited to 'fuzz')
-rw-r--r-- | fuzz/README.md | 6 | ||||
-rwxr-xr-x | fuzz/build.sh | 30 | ||||
-rw-r--r-- | fuzz/tokener_parse_ex_fuzzer.cc | 13 | ||||
-rw-r--r-- | fuzz/tokener_parse_ex_fuzzer.dict | 18 |
4 files changed, 67 insertions, 0 deletions
diff --git a/fuzz/README.md b/fuzz/README.md
new file mode 100644
index 0000000..237c1da
--- /dev/null
+++ b/fuzz/README.md
@@ -0,0 +1,6 @@
+# Fuzzers
+
+This directory contains fuzzers that
+target [llvm's LibFuzzer](https://llvm.org/docs/LibFuzzer.html). They are built
+and run automatically by
+Google's [OSS-Fuzz](https://github.com/google/oss-fuzz/) infrastructure.
diff --git a/fuzz/build.sh b/fuzz/build.sh
new file mode 100755
index 0000000..30c3f77
--- /dev/null
+++ b/fuzz/build.sh
@@ -0,0 +1,30 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+./autogen.sh
+./configure --enable-static --disable-shared
+make -j$(nproc) all
+ar rc json_c.a *.o
+
+cp $SRC/*.dict $OUT/
+
+for f in $SRC/*_fuzzer.cc; do
+  fuzzer=$(basename "$f" _fuzzer.cc)
+  $CXX $CXXFLAGS -std=c++11 -I$SRC/json-c \
+    $SRC/${fuzzer}_fuzzer.cc -o $OUT/${fuzzer}_fuzzer \
+    -lFuzzingEngine $SRC/json-c/json_c.a
+done
diff --git a/fuzz/tokener_parse_ex_fuzzer.cc b/fuzz/tokener_parse_ex_fuzzer.cc
new file mode 100644
index 0000000..c0a1c3d
--- /dev/null
+++ b/fuzz/tokener_parse_ex_fuzzer.cc
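Review bot: The build steps in fuzz/build.sh assume the working directory is already `$SRC/json-c` — `./autogen.sh`, `make` and `ar rc json_c.a *.o` are all relative, while the final link line refers to the same archive by the absolute path `$SRC/json-c/json_c.a`. Under `-e` the script simply aborts at `./autogen.sh` if OSS-Fuzz invokes it from elsewhere, so making the requirement explicit with `cd "$SRC/json-c"` as the first command (or linking `./json_c.a`) documents the contract instead of leaving it implied. The `ar rc json_c.a *.o` step also presumably depends on the libtool build leaving plain `.o` files in the top-level directory rather than only under `.libs/`; worth a one-line comment if that is the intent. The `$SRC`, `$OUT` and `$f` expansions in the `cp` and `for` lines are unquoted; quoting them is harmless here, whereas `$CXXFLAGS` must stay unquoted so it word-splits.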
@@ -0,0 +1,13 @@
+#include <stdint.h>
+
+#include <json.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  const char *data1 = reinterpret_cast<const char *>(data);
+  json_tokener *tok = json_tokener_new();
+  json_object *obj = json_tokener_parse_ex(tok, data1, size);
+
+  json_object_put(obj);
+  json_tokener_free(tok);
+  return 0;
+}
diff --git a/fuzz/tokener_parse_ex_fuzzer.dict b/fuzz/tokener_parse_ex_fuzzer.dict
new file mode 100644
index 0000000..23c6fa2
--- /dev/null
+++ b/fuzz/tokener_parse_ex_fuzzer.dict
@@ -0,0 +1,18 @@
+"{"
+"}"
+","
+"["
+"]"
+","
+":"
+"e"
+"e+"
+"e-"
+"E"
+"E+"
+"E-"
+"\""
+"null"
+"1"
+"1.234"
+"3e4" |
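Review bot: `json_tokener_parse_ex(tok, data1, size)` hands a `size_t` to a parameter that json-c declares as `int`, so the length is narrowed implicitly; libFuzzer's default input cap keeps this harmless in practice, but the intent should be explicit, e.g. `if (size > INT_MAX) return 0;` before the call and `static_cast<int>(size)` in it (pulling in `<limits.h>`). `obj` is NULL whenever the bytes do not form a complete JSON value — the common case under fuzzing — so the unconditional `json_object_put(obj)` relies on that function accepting NULL; a comment such as `// obj is NULL on parse error; json_object_put tolerates NULL` would record that. The harness also never reads `json_tokener_get_error(tok)`, which is appropriate for a crash-finding fuzzer but deserves a short comment so a later reader does not mistake the ignored NULL for an oversight.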