glib/fuzzing/fuzz_uri_escape.c

/*
 * Copyright 2020 Endless OS Foundation, LLC
 * Copyright 2020 Red Hat, Inc.
 *
 * SPDX-License-Identifier: LGPL-2.1-or-later
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 */

#include "fuzz.h"

static void
test_bytes (const guint8 *data,
            gsize         size)
{
  GError *error = NULL;
  GBytes *unescaped_bytes = NULL;
  gchar *escaped_string = NULL;

  if (size > G_MAXSSIZE)
    return;

  unescaped_bytes = g_uri_unescape_bytes ((const gchar *) data, (gssize) size, NULL, &error);
  if (unescaped_bytes == NULL)
    {
      g_assert_nonnull (error);
      g_clear_error (&error);
      return;
    }

  escaped_string = g_uri_escape_bytes (g_bytes_get_data (unescaped_bytes, NULL),
                                       g_bytes_get_size (unescaped_bytes),
                                       NULL);
  g_bytes_unref (unescaped_bytes);

  if (escaped_string == NULL)
    return;

  g_free (escaped_string);
}

static void
test_string (const guint8 *data,
             gsize         size)
{
  gchar *unescaped_string = NULL;
  gchar *escaped_string = NULL;

  unescaped_string = g_uri_unescape_segment ((const gchar *) data, (const gchar *) data + size, NULL);
  if (unescaped_string == NULL)
    return;

  escaped_string = g_uri_escape_string (unescaped_string, NULL, TRUE);
  g_free (unescaped_string);

  if (escaped_string == NULL)
    return;

  g_free (escaped_string);
}

int
LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
{
  fuzz_set_logging_func ();

  /* Bytes form */
  test_bytes (data, size);

  /* String form (doesn’t do %-decoding) */
  test_string (data, size);

  return 0;
}
-												fuzzing: Add copyright/licensing headers to fuzzing files

The files have only been touched by a subset of three people: pdknsk,
Philip Withnall, and Marc-André Lureau. Their copyrights are assigned to
pdknsk, Endless OS Foundation and Red Hat.

The default license for GLib at the time of writing these files was (and
still is) LGPL-2.1-or-later.

`driver.c` came from LLVM and is under a different license:
https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/fuzzer/standalone/StandaloneFuzzTargetMain.c.
That doesn’t affect the license of GLib overall, since it’s only used
for testing during development.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #1415

											
										
										
											2022-05-18 10:44:39 +02:00
+								/*
 								 * Copyright 2020 Endless OS Foundation, LLC
 								 * Copyright 2020 Red Hat, Inc.
 								 *
 								 * SPDX-License-Identifier: LGPL-2.1-or-later
 								 *
 								 * This library is free software; you can redistribute it and/or
 								 * modify it under the terms of the GNU Lesser General Public
 								 * License as published by the Free Software Foundation; either
 								 * version 2.1 of the License, or (at your option) any later version.
 								 *
 								 * This library is distributed in the hope that it will be useful,
 								 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 								 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 								 * Lesser General Public License for more details.
 								 *
 								 * You should have received a copy of the GNU Lesser General Public
 								 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 								 */
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
+								#include "fuzz.h"
-												fuzzing: Test g_uri_unescape_segment() as well as g_uri_unescape_bytes()

They have different `%`-encoding behaviour, and probably both deserve to
be tested.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

											
										
										
											2020-07-01 13:20:45 +02:00
+								static void
 								test_bytes (const guint8 *data,
 								            gsize         size)
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
+								{
-												uri: add a GError to the new g_uri_unescape_bytes()

Suggested-by: Matthias Clasen <mclasen@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

											
										
										
											2020-07-08 15:16:43 +02:00
+								  GError *error = NULL;
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
+								  GBytes *unescaped_bytes = NULL;
 								  gchar *escaped_string = NULL;
 								  if (size > G_MAXSSIZE)
-												fuzzing: Test g_uri_unescape_segment() as well as g_uri_unescape_bytes()

They have different `%`-encoding behaviour, and probably both deserve to
be tested.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

											
										
										
											2020-07-01 13:20:45 +02:00
+								    return;
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
-												uri: add a GError to the new g_uri_unescape_bytes()

Suggested-by: Matthias Clasen <mclasen@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

											
										
										
											2020-07-08 15:16:43 +02:00
+								  unescaped_bytes = g_uri_unescape_bytes ((const gchar *) data, (gssize) size, NULL, &error);
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
+								  if (unescaped_bytes == NULL)
-												uri: add a GError to the new g_uri_unescape_bytes()

Suggested-by: Matthias Clasen <mclasen@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

											
										
										
											2020-07-08 15:16:43 +02:00
+								    {
 								      g_assert_nonnull (error);
 								      g_clear_error (&error);
 								      return;
 								    }
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
 								  escaped_string = g_uri_escape_bytes (g_bytes_get_data (unescaped_bytes, NULL),
 								                                       g_bytes_get_size (unescaped_bytes),
 								                                       NULL);
 								  g_bytes_unref (unescaped_bytes);
 								  if (escaped_string == NULL)
-												fuzzing: Test g_uri_unescape_segment() as well as g_uri_unescape_bytes()

They have different `%`-encoding behaviour, and probably both deserve to
be tested.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

											
										
										
											2020-07-01 13:20:45 +02:00
+								    return;
 								  g_free (escaped_string);
 								}
 								static void
 								test_string (const guint8 *data,
 								             gsize         size)
 								{
 								  gchar *unescaped_string = NULL;
 								  gchar *escaped_string = NULL;
 								  unescaped_string = g_uri_unescape_segment ((const gchar *) data, (const gchar *) data + size, NULL);
 								  if (unescaped_string == NULL)
 								    return;
 								  escaped_string = g_uri_escape_string (unescaped_string, NULL, TRUE);
 								  g_free (unescaped_string);
 								  if (escaped_string == NULL)
 								    return;
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
 								  g_free (escaped_string);
-												fuzzing: Test g_uri_unescape_segment() as well as g_uri_unescape_bytes()

They have different `%`-encoding behaviour, and probably both deserve to
be tested.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

											
										
										
											2020-07-01 13:20:45 +02:00
+								}
 								int
 								LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
 								{
 								  fuzz_set_logging_func ();
 								  /* Bytes form */
 								  test_bytes (data, size);
 								  /* String form (doesn’t do %-decoding) */
 								  test_string (data, size);
-												fuzzing: Add fuzz tests for GUri parsing and escaping

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110

											
										
										
											2020-06-19 12:54:41 +02:00
 								  return 0;
 								}