fuzzers: add a new fuzzer for patch parsing

I was looking at this code anyway because the sr.ht people nerdsniped me, and it gave me that "I should fuzz this" feeling. So have a fuzzer!

fuzzers: add a new fuzzer for patch parsing
I was looking at this code anyway because the sr.ht people nerdsniped me, and it gave me that "I should fuzz this" feeling. So have a fuzzer!
92e011a7 · Augie Fackler · ef5a3851 · 92e011a7 · 92e011a7 · 92e011a7
Commit 92e011a7 authored Oct 15, 2019 by Augie Fackler
Hide whitespace changes
Inline Side-by-side

Showing with 96 additions and 0 deletions

fuzzers/corpora/patch_parse/edit-file.diff
+13 -0

fuzzers/corpora/patch_parse/patch_fuzzer-patch.diff
+45 -0

fuzzers/patch_parse_fuzzer.c
+38 -0

No files found.
--- a/fuzzers/corpora/patch_parse/edit-file.diff
+++ b/fuzzers/corpora/patch_parse/edit-file.diff
+diff --git a/fuzzers/patch_fuzzer.c b/fuzzers/patch_fuzzer.c
+index 76186b6fb..f7ce73ac8 100644
+--- a/fuzzers/patch_fuzzer.c
+++ b/fuzzers/patch_fuzzer.c
+@@ -32,7 +32,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+         git_patch* patch;
+         git_patch_options opts = {(uint32_t)data[0]};
+         int status = git_patch_from_buffer(&patch, (const char*)data+1, size-1, &opts);
+-        if (status == 0 && patch) {
+        if (patch) {
+                 git_patch_free(patch);
+         }
+         return 0;
--- a/fuzzers/corpora/patch_parse/patch_fuzzer-patch.diff
+++ b/fuzzers/corpora/patch_parse/patch_fuzzer-patch.diff
+diff --git a/fuzzers/patch_fuzzer.c b/fuzzers/patch_fuzzer.c
+new file mode 100644
+index 000000000..76186b6fb
+--- /dev/null
+++ b/fuzzers/patch_fuzzer.c
+@@ -0,0 +1,39 @@
+/*
+ * libgit2 patch fuzzer target.
+ *
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+
+#include "git2.h"
+#include "patch.h"
+#include "patch_parse.h"
+
+#define UNUSED(x) (void)(x)
+
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+        UNUSED(argc);
+        UNUSED(argv);
+
+        if (git_libgit2_init() < 0)
+                abort();
+
+        return 0;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+        if (size < 1) {
+                return 0;
+        }
+        git_patch* patch;
+        git_patch_options opts = {(uint32_t)data[0]};
+        int status = git_patch_from_buffer(&patch, (const char*)data+1, size-1, &opts);
+        if (status == 0 && patch) {
+                git_patch_free(patch);
+        }
+        return 0;
+}
--- a/fuzzers/patch_parse_fuzzer.c
+++ b/fuzzers/patch_parse_fuzzer.c
+/*
+ * libgit2 patch parser fuzzer target.
+ *
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+#include "git2.h"
+#include "patch.h"
+#include "patch_parse.h"
+#define UNUSED(x) (void)(x)
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+	UNUSED(argc);
+	UNUSED(argv);
+	if (git_libgit2_init() < 0)
+		abort();
+	return 0;
+}
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+	if (size) {
+		git_patch *patch = NULL;
+		git_patch_options opts = GIT_PATCH_OPTIONS_INIT;
+		opts.prefix_len = (uint32_t)data[0];
+		git_patch_from_buffer(&patch, (const char *)data + 1, size - 1,
+		                      &opts);
+		git_patch_free(patch);
+	}
+	return 0;
+}