From 1140c228abe609750345a220535952ab6fd62a0f Mon Sep 17 00:00:00 2001
From: Philip Withnall
Date: Wed, 24 Mar 2021 11:16:49 +0000
Subject: [PATCH] fuzzing: Add fuzz tests for functions which parse paths
Signed-off-by: Philip Withnall
---
fuzzing/fuzz_canonicalize_filename.c | 19 +++++++++++++++++
fuzzing/fuzz_paths.c | 32 ++++++++++++++++++++++++++++
fuzzing/meson.build | 2 ++
3 files changed, 53 insertions(+)
create mode 100644 fuzzing/fuzz_canonicalize_filename.c
create mode 100644 fuzzing/fuzz_paths.c
diff --git a/fuzzing/fuzz_canonicalize_filename.c b/fuzzing/fuzz_canonicalize_filename.c
new file mode 100644
index 000000000..86b323ef9
--- /dev/null
+++ b/fuzzing/fuzz_canonicalize_filename.c
@@ -0,0 +1,19 @@
+#include "fuzz.h"
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+ unsigned char *nul_terminated_data = NULL;
+ gchar *canonicalized = NULL;
+
+ fuzz_set_logging_func ();
+
+ /* ignore @size (g_canonicalize_filename() doesn’t support it); ensure @data is nul-terminated */
+ nul_terminated_data = (unsigned char *) g_strndup ((const gchar *) data, size);
+ canonicalized = g_canonicalize_filename ((const gchar *) nul_terminated_data, "/");
+ g_free (nul_terminated_data);
+
+ g_free (canonicalized);
+
+ return 0;
+}
diff --git a/fuzzing/fuzz_paths.c b/fuzzing/fuzz_paths.c
new file mode 100644
index 000000000..1c866445f
--- /dev/null
+++ b/fuzzing/fuzz_paths.c
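Review bot: The canonicalized result is freed without any property being checked, so this target only catches crashes and sanitizer findings inside g_canonicalize_filename(), never a wrong result. The GLib documentation states the returned path is guaranteed to be absolute, and the input here is resolved against the absolute relative_to "/", so that is cheap to assert before the free: `g_assert (canonicalized != NULL);` and `g_assert (g_path_is_absolute (canonicalized));`. Note also that g_strndup() stops copying at the first NUL byte, so input bytes after an embedded NUL are never exercised; that is acceptable for a C-string API but worth stating in the existing comment so nobody reads "ignore @size" as covering the whole buffer.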
@@ -0,0 +1,32 @@
+#include "fuzz.h"
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+ unsigned char *nul_terminated_data = NULL;
+ const gchar *skipped_root;
+ gchar *basename = NULL, *dirname = NULL;
+
+ fuzz_set_logging_func ();
+
+ /* ignore @size (none of the functions support it); ensure @data is nul-terminated */
+ nul_terminated_data = (unsigned char *) g_strndup ((const gchar *) data, size);
+
+ g_path_is_absolute ((const gchar *) nul_terminated_data);
+
+ skipped_root = g_path_skip_root ((const gchar *) nul_terminated_data);
+ g_assert (skipped_root == NULL || skipped_root >= (const gchar *) nul_terminated_data);
+ g_assert (skipped_root == NULL || skipped_root <= (const gchar *) nul_terminated_data + size);
+
+ basename = g_path_get_basename ((const gchar *) nul_terminated_data);
+ g_assert (strlen (basename) <= size);
+
+ dirname = g_path_get_dirname ((const gchar *) nul_terminated_data);
+ g_assert (strlen (dirname) <= size);
+
+ g_free (nul_terminated_data);
+ g_free (dirname);
+ g_free (basename);
+
+ return 0;
+}
diff --git a/fuzzing/meson.build b/fuzzing/meson.build
index a40321200..32e6c4269 100644
--- a/fuzzing/meson.build
+++ b/fuzzing/meson.build
@@ -1,5 +1,6 @@
 fuzz_targets = [
 'fuzz_bookmark',
+ 'fuzz_canonicalize_filename',
 'fuzz_date_parse',
 'fuzz_date_time_new_from_iso8601',
 'fuzz_dbus_message',
@@ -9,6 +10,7 @@ fuzz_targets = [
 'fuzz_key',
 'fuzz_network_address_parse',
 'fuzz_network_address_parse_uri',
+ 'fuzz_paths',
 'fuzz_uri_escape',
 'fuzz_uri_parse',
 'fuzz_uri_parse_params',
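Review bot: The assertions `g_assert (strlen (basename) <= size);` and `g_assert (strlen (dirname) <= size);` are violated by the empty input, which libFuzzer feeds to the target at startup: g_path_get_basename() and g_path_get_dirname() are both documented to return "." for an empty string, so strlen() is 1 while size is 0 and the harness aborts before any real fuzzing happens. Bounding with `MAX (size, 1)` keeps the check tight for non-empty inputs while admitting the documented "." result, i.e. `g_assert (strlen (basename) <= MAX (size, 1));` and the same for dirname. The remaining `<= size` bounds are also looser than they look whenever @data contains an embedded NUL, because g_strndup() stops copying there; that only weakens the check rather than breaking it, but a one-line comment next to the g_strndup() call would make the intent clear.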