Merge pull request #21978 from markdroth/fuzzer_flag_fix

Fix flag processing breakage from #18853.
pull/22173/head
Mark D. Roth 5 years ago committed by GitHub
commit 729fd16dc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 1
      test/core/compression/message_compress_corpus/dummy
  2. 1
      test/core/compression/message_decompress_corpus/dummy
  3. 1
      test/core/compression/stream_compression_corpus/dummy
  4. 1
      test/core/compression/stream_decompression_corpus/dummy
  5. 4
      test/core/slice/b64_decode_fuzzer.cc
  6. 34
      test/core/util/fuzzer_corpus_test.cc

@ -19,6 +19,8 @@
#include <stdbool.h> #include <stdbool.h>
#include <stdint.h> #include <stdint.h>
#include <grpc/grpc.h>
#include "src/core/lib/slice/b64.h" #include "src/core/lib/slice/b64.h"
bool squelch = true; bool squelch = true;
@ -26,9 +28,11 @@ bool leak_check = true;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
if (size < 1) return 0; if (size < 1) return 0;
grpc_init();
const bool url_safe = static_cast<uint8_t>(0x100) < data[0]; const bool url_safe = static_cast<uint8_t>(0x100) < data[0];
grpc_slice res = grpc_base64_decode_with_len( grpc_slice res = grpc_base64_decode_with_len(
reinterpret_cast<const char*>(data + 1), size - 1, url_safe); reinterpret_cast<const char*>(data + 1), size - 1, url_safe);
grpc_slice_unref(res); grpc_slice_unref(res);
grpc_shutdown_blocking();
return 0; return 0;
} }

@ -26,6 +26,8 @@
#include <stdio.h> #include <stdio.h>
#include <sys/types.h> #include <sys/types.h>
#include <grpc/grpc.h>
#include "src/core/lib/gpr/env.h" #include "src/core/lib/gpr/env.h"
#include "src/core/lib/iomgr/load_file.h" #include "src/core/lib/iomgr/load_file.h"
#include "test/core/util/test_config.h" #include "test/core/util/test_config.h"
@ -48,15 +50,24 @@ DEFINE_string(directory, "", "Use this directory as test data");
class FuzzerCorpusTest : public ::testing::TestWithParam<std::string> {}; class FuzzerCorpusTest : public ::testing::TestWithParam<std::string> {};
TEST_P(FuzzerCorpusTest, RunOneExample) { TEST_P(FuzzerCorpusTest, RunOneExample) {
// Need to call grpc_init() here to use a slice, but need to shut it
// down before calling LLVMFuzzerTestOneInput(), because most
// implementations of that function will initialize and shutdown gRPC
// internally.
grpc_init();
gpr_log(GPR_DEBUG, "Example file: %s", GetParam().c_str()); gpr_log(GPR_DEBUG, "Example file: %s", GetParam().c_str());
grpc_slice buffer; grpc_slice buffer;
squelch = false; squelch = false;
leak_check = false; leak_check = false;
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file", GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(GetParam().c_str(), 0, &buffer))); grpc_load_file(GetParam().c_str(), 0, &buffer)));
LLVMFuzzerTestOneInput(GRPC_SLICE_START_PTR(buffer), size_t length = GRPC_SLICE_LENGTH(buffer);
GRPC_SLICE_LENGTH(buffer)); void* data = gpr_malloc(length);
memcpy(data, GPR_SLICE_START_PTR(buffer), length);
grpc_slice_unref(buffer); grpc_slice_unref(buffer);
grpc_shutdown_blocking();
LLVMFuzzerTestOneInput(static_cast<uint8_t*>(data), length);
gpr_free(data);
} }
class ExampleGenerator class ExampleGenerator
@ -72,19 +83,21 @@ class ExampleGenerator
if (!FLAGS_file.empty()) examples_.push_back(FLAGS_file); if (!FLAGS_file.empty()) examples_.push_back(FLAGS_file);
if (!FLAGS_directory.empty()) { if (!FLAGS_directory.empty()) {
char* test_srcdir = gpr_getenv("TEST_SRCDIR"); char* test_srcdir = gpr_getenv("TEST_SRCDIR");
gpr_log(GPR_DEBUG, "test_srcdir=\"%s\"", test_srcdir);
std::string directory = FLAGS_directory;
if (test_srcdir != nullptr) { if (test_srcdir != nullptr) {
FLAGS_directory = test_srcdir + directory =
std::string("/com_github_grpc_grpc/") + test_srcdir + std::string("/com_github_grpc_grpc/") + directory;
FLAGS_directory;
} }
gpr_log(GPR_DEBUG, "Using corpus directory: %s", directory.c_str());
DIR* dp; DIR* dp;
struct dirent* ep; struct dirent* ep;
dp = opendir(FLAGS_directory.c_str()); dp = opendir(directory.c_str());
if (dp != nullptr) { if (dp != nullptr) {
while ((ep = readdir(dp)) != nullptr) { while ((ep = readdir(dp)) != nullptr) {
if (ep->d_type == DT_REG) { if (strcmp(ep->d_name, ".") != 0 && strcmp(ep->d_name, "..") != 0) {
examples_.push_back(FLAGS_directory + "/" + ep->d_name); examples_.push_back(directory + "/" + ep->d_name);
} }
} }
@ -96,6 +109,9 @@ class ExampleGenerator
gpr_free(test_srcdir); gpr_free(test_srcdir);
} }
} }
// Make sure we don't succeed without doing anything, which caused
// us to be blind to our fuzzers not running for 9 months.
GPR_ASSERT(!examples_.empty());
} }
mutable std::vector<std::string> examples_; mutable std::vector<std::string> examples_;
@ -146,8 +162,8 @@ INSTANTIATE_TEST_SUITE_P(
int main(int argc, char** argv) { int main(int argc, char** argv) {
grpc::testing::TestEnvironment env(argc, argv); grpc::testing::TestEnvironment env(argc, argv);
::testing::InitGoogleTest(&argc, argv);
grpc::testing::InitTest(&argc, &argv, true); grpc::testing::InitTest(&argc, &argv, true);
::testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS(); return RUN_ALL_TESTS();
} }

Loading…
Cancel
Save