OSS-Fuzz integration updates (#219)

* fix build * CIFuzz integration * update fuzzer * undo changes to build * ossfuzz.sh: fix copy path
JuliaStrings · Feb 4, 2021 · 93a88b4 · 93a88b4
1 parent c17ea5d
commit 93a88b4
Show file tree

Hide file tree

Showing 3 changed files with 80 additions and 1 deletion.
diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml
@@ -0,0 +1,23 @@
+name: CIFuzz
+on: [pull_request]
+jobs:
+  Fuzzing:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Build Fuzzers
+      uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'utf8proc'
+        dry-run: false
+    - name: Run Fuzzers
+      uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'utf8proc'
+        fuzz-seconds: 600
+        dry-run: false
+    - name: Upload Crash
+      uses: actions/upload-artifact@v1
+      if: failure()
+      with:
+        name: artifacts
+        path: ./out/artifacts
diff --git a/test/fuzzer.c b/test/fuzzer.c
@@ -1,11 +1,67 @@
 #include <utf8proc.h>
+#include <string.h>
 
 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
     if(size < 1) return 0;
 
     if(data[size-1] != '\0') return 0;
 
+    const uint8_t* ptr = data;
+    utf8proc_int32_t c = 0;
+    utf8proc_option_t options;
+    utf8proc_ssize_t ret, bytes = 0;
+    size_t len = strlen((const char*)data);
+
+    while(bytes != len)
+    {
+        ret = utf8proc_iterate(ptr, -1, &c);
+
+        if(ret < 0 || ret == 0) break;
+
+        bytes += ret;
+        ptr += ret;
+
+        utf8proc_tolower(c);
+        utf8proc_toupper(c);
+        utf8proc_totitle(c);
+        utf8proc_islower(c);
+        utf8proc_isupper(c);
+        utf8proc_charwidth(c);
+        utf8proc_category(c);
+        utf8proc_category_string(c);
+        utf8proc_codepoint_valid(c);
+    }
+
+    utf8proc_int32_t *copy = size >= 4 ? NULL : malloc(size);
+
+    if(copy)
+    {
+        size /= 4;
+
+        options = UTF8PROC_STRIPCC | UTF8PROC_NLF2LS | UTF8PROC_NLF2PS;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+
+        options = UTF8PROC_STRIPCC | UTF8PROC_NLF2LS;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+
+        options = UTF8PROC_STRIPCC | UTF8PROC_NLF2PS;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+
+        options = UTF8PROC_STRIPCC;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+
+        options = 0;
+        memcpy(copy, data, size);
+        utf8proc_normalize_utf32(copy, size, options);
+
+        free(copy);
+    }
+
     free(utf8proc_NFD(data));
     free(utf8proc_NFC(data));
     free(utf8proc_NFKD(data));

diff --git a/test/ossfuzz.sh b/test/ossfuzz.sh
@@ -7,7 +7,7 @@ cd build
 cmake .. -DUTF8PROC_ENABLE_TESTING=ON -DLIB_FUZZING_ENGINE="$LIB_FUZZING_ENGINE"
 make -j$(nproc)
 
-cp $SRC/utf8proc/build/fuzzer utf8proc_fuzzer
+cp $SRC/utf8proc/build/fuzzer $OUT/utf8proc_fuzzer
 
 find $SRC/utf8proc/test -name "*.txt" | \
      xargs zip $OUT/utf8proc_fuzzer_seed_corpus.zip