[llvm] r283024 - [libFuzzer] add fuzzer test for libxml2, finds https://bugzilla.gnome.org/show_bug.cgi?id=751631

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Sat Oct 1 00:37:40 PDT 2016


Author: kcc
Date: Sat Oct  1 02:37:40 2016
New Revision: 283024

URL: http://llvm.org/viewvc/llvm-project?rev=283024&view=rev
Log:
[libFuzzer] add fuzzer test for libxml2, finds https://bugzilla.gnome.org/show_bug.cgi?id=751631

Added:
    llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/
    llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/build.sh   (with props)
    llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/target.cc
    llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/test.sh   (with props)

Added: llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/build.sh
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/build.sh?rev=283024&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/build.sh (added)
+++ llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/build.sh Sat Oct  1 02:37:40 2016
@@ -0,0 +1,13 @@
+#!/bin/bash
+. $(dirname $0)/../common.sh
+
+build_lib() {
+  rm -rf BUILD
+  cp -rf SRC BUILD
+  (cd BUILD && ./autogen.sh && CXX="clang++ $FUZZ_CXXFLAGS" CC="clang $FUZZ_CXXFLAGS" CCLD="clang++ $FUZZ_CXXFLAGS"  ./configure && make -j $JOBS)
+}
+
+get_git_tag git://git.gnome.org/libxml2  v2.9.2 SRC
+build_lib
+build_libfuzzer
+clang++ -std=c++11  $SCRIPT_DIR/target.cc  $FUZZ_CXXFLAGS  -I BUILD/include BUILD/.libs/libxml2.a libFuzzer.a  -lz -o $EXECUTABLE_NAME_BASE
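Review bot: The `get_git_tag` line fetches libxml2 over the unauthenticated `git://` transport and by tag name, so nothing ties the tree that `./autogen.sh`, `./configure` and `make` then execute to the release this test expects. Pin a commit id over an authenticated transport, as test.sh does for the AFL dictionaries: `get_git_revision <https-url-of-libxml2> <commit-id-of-v2.9.2> SRC`, assuming the helper in common.sh (not shown here) takes the same arguments there. Separately, the script has no `set -e` and no check after `build_lib`, so a failed configure or make still reaches the final `clang++` link line; `build_lib || exit 1` would stop it there.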

Propchange: llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/build.sh
------------------------------------------------------------------------------
    svn:executable = *

Added: llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/target.cc
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/target.cc?rev=283024&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/target.cc (added)
+++ llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/target.cc Sat Oct  1 02:37:40 2016
@@ -0,0 +1,16 @@
+#include <string>
+#include <vector>
+#include "libxml/xmlversion.h"
+#include "libxml/parser.h"
+#include "libxml/HTMLparser.h"
+#include "libxml/tree.h"
+
+void ignore (void * ctx, const char * msg, ...) {}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  xmlSetGenericErrorFunc(NULL, &ignore);
+  if (auto doc = xmlReadMemory(reinterpret_cast<const char *>(data), size,
+                               "noname.xml", NULL, 0))
+    xmlFreeDoc(doc);
+  return 0;
+}
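Review bot: `xmlReadMemory` takes its length as `int`, but the call in `LLVMFuzzerTestOneInput` passes `size_t size` straight through, so an input longer than `INT_MAX` would be narrowed to a wrong or negative length. libFuzzer's input length limit makes that unlikely in practice, but a guard keeps the harness correct if the limit is raised: `if (size > INT_MAX) return 0;` with `<climits>` included. The file also uses `uint8_t` and `size_t` without including `<cstdint>` and `<cstddef>`, while `<string>` and `<vector>` are included but unused; swapping those includes would make the target self-contained.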

Added: llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/test.sh
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/test.sh?rev=283024&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/test.sh (added)
+++ llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/test.sh Sat Oct  1 02:37:40 2016
@@ -0,0 +1,9 @@
+#!/bin/bash
+set -x
+. $(dirname $0)/../common.sh
+
+get_git_revision https://github.com/mcarpenter/afl be3e88d639da5350603f6c0fee06970128504342 afl
+rm -rf $CORPUS
+mkdir $CORPUS
+[ -e $EXECUTABLE_NAME_BASE ] && ./$EXECUTABLE_NAME_BASE -artifact_prefix=$CORPUS/ -jobs=$JOBS -dict=afl/dictionaries/xml.dict -workers=$JOBS $CORPUS
+grep "AddressSanitizer: heap-buffer-overflow" fuzz-0.log
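Review bot: The final `grep` can succeed for reasons unrelated to this run: when `$EXECUTABLE_NAME_BASE` is missing, the `[ -e … ] &&` line silently skips fuzzing, and a `fuzz-0.log` left by an earlier run is what gets checked. Clear old logs and fail on a missing binary before fuzzing, e.g. `rm -f fuzz-*.log` and `[ -e "$EXECUTABLE_NAME_BASE" ] || exit 1`. `rm -rf $CORPUS` is also unquoted and unguarded; `rm -rf -- "${CORPUS:?}"` aborts if common.sh (not shown here) left the variable empty, instead of letting `-artifact_prefix=$CORPUS/` expand to `/`.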

Propchange: llvm/trunk/lib/Fuzzer/fuzzer-test-suite/libxml2-v2.9.2/test.sh
------------------------------------------------------------------------------
    svn:executable = *



