Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more standalone fuzzing harnesses #64

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

Add more standalone fuzzing harnesses #64

wants to merge 12 commits into from

Commits on Oct 16, 2022

  1. fuzz_{base64,altsvc}: fuzz base64 decoder/encoder and Alt-Svc parsing

    @elopez
    elopez committed Oct 16, 2022
    Configuration menu
    Copy the full SHA
    e7ffaa6 View commit details
    Browse the repository at this point in the history

  2. fuzz_doh: fuzz DNS-over-HTTPS response decoding

    @elopez
    elopez committed Oct 16, 2022
    Configuration menu
    Copy the full SHA
    ce8927d View commit details
    Browse the repository at this point in the history

  3. corpora: add altsvc, base64, and doh input seeds

    @elopez
    elopez committed Oct 16, 2022
    Configuration menu
    Copy the full SHA
    36dfe96 View commit details
    Browse the repository at this point in the history

Commits on Nov 2, 2022

  1. fuzz_targets: update list of fuzzers 

    That list is used by oss-fuzz, and probably somewhere else. Add
the new altsvc, base64 and doh fuzzers to it.
    @AdvenamTacet @elopez
    AdvenamTacet authored and elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    617266b View commit details
    Browse the repository at this point in the history

  2. fuzz_{base64,doh}: curl lib includes for standalone harnesses 

    This patch adds `-I` flag to compilation flags for
standalone harnesses in Makefile.am.
Variable CURLDIR is used to determine include path.
This patch sets CURLDIR envvar in ossfuzz.sh, but name is taken
from mainline.sh.
That makes dependencies work with oss-fuzz.
It should also make it work with mainline.sh
    @AdvenamTacet @elopez
    AdvenamTacet authored and elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    dbeae55 View commit details
    Browse the repository at this point in the history

  3. codecoverage: also export CURLDIR during code coverage collection 

    This fixes coverage collection for standalone harnesses.
    @elopez
    elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    623a6a9 View commit details
    Browse the repository at this point in the history

  4. fuzz_parsedate: fuzz date parsing with Curl_getdate_capped 

    Real target is function parsedate from parsedate.c
The harness was written by Peter Goodman.
    @AdvenamTacet @elopez
    AdvenamTacet authored and elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    2ccbc11 View commit details
    Browse the repository at this point in the history

  5. fuzz_parsedate: add initial inputs 

    Basic test inputs for parse-date.
    @AdvenamTacet @elopez
    AdvenamTacet authored and elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    92ea8c7 View commit details
    Browse the repository at this point in the history

  6. fuzz_escape: fuzzing (un)escape functions 

    It does check if orginal string and unescaped data are same.

Functions fuzzed:
- curl_easy_escape
- curl_easy_unescape
    @AdvenamTacet @elopez
    AdvenamTacet authored and elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    3181980 View commit details
    Browse the repository at this point in the history

  7. fuzz_escape: add escape inputs 

    Simple inputs for escape fuzzer
    @AdvenamTacet @elopez
    AdvenamTacet authored and elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    ef8e707 View commit details
    Browse the repository at this point in the history

  8. gitignore: add new fuzzer artifacts to the list 

    Co-authored-by: Kelly Kaoudis <[email protected]>
    @elopez @kaoudis
    elopez and kaoudis committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    dd7905a View commit details
    Browse the repository at this point in the history

  9. mainline.sh: enable fuzzing instrumentation with build 

    This makes it easier to debug crashes.
    @elopez
    elopez committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    e746887 View commit details
    Browse the repository at this point in the history