From 7644bf41d542deb370ab1ca1e5935820aff04f3d Mon Sep 17 00:00:00 2001
From: David Korczynski
Date: Sat, 24 Jun 2023 07:10:24 -0700
Subject: [PATCH] oss-fuzz: Add raw fuzzer

Signed-off-by: David Korczynski
---
 oss-fuzz/Makefile       |  6 +++++-
 oss-fuzz/raw_fuzzer.cpp | 48 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 oss-fuzz/raw_fuzzer.cpp

diff --git a/oss-fuzz/Makefile b/oss-fuzz/Makefile
index b3a9b6ce9a6..3f09eacecd0 100644
--- a/oss-fuzz/Makefile
+++ b/oss-fuzz/Makefile
@@ -8,12 +8,16 @@ CPPCHECK_DIR=..
 INCLUDE_DIR=-I ${CPPCHECK_DIR}/lib -I ${CPPCHECK_DIR}/externals/picojson -I ${CPPCHECK_DIR}/externals/simplecpp -I ${CPPCHECK_DIR}/externals/tinyxml2 -I ${CPPCHECK_DIR}/externals
 SRC_FILES=main.cpp type2.cpp ${CPPCHECK_DIR}/externals/simplecpp/simplecpp.cpp ${CPPCHECK_DIR}/externals/tinyxml2/tinyxml2.cpp ${CPPCHECK_DIR}/lib/*.cpp
+RAW_FUZZER_SRC_FILES=raw_fuzzer.cpp ${CPPCHECK_DIR}/externals/simplecpp/simplecpp.cpp ${CPPCHECK_DIR}/externals/tinyxml2/tinyxml2.cpp ${CPPCHECK_DIR}/lib/*.cpp
 
-all: oss-fuzz-client translate
+all: oss-fuzz-client translate raw_fuzzer
 
 oss-fuzz-client: main.cpp type2.cpp type2.h
 	${CXX} -std=c++11 -g ${CXXFLAGS} -o oss-fuzz-client ${INCLUDE_DIR} ${SRC_FILES} ${LIB_FUZZING_ENGINE}
 
+raw_fuzzer: raw_fuzzer.cpp
+	${CXX} -std=c++11 -g ${CXXFLAGS} -o raw_fuzzer ${INCLUDE_DIR} ${RAW_FUZZER_SRC_FILES} ${LIB_FUZZING_ENGINE}
+
 translate: translate.cpp type2.cpp type2.h
 	${CXX} -std=c++11 -g ${CXXFLAGS} -o translate type2.cpp translate.cpp
diff --git a/oss-fuzz/raw_fuzzer.cpp b/oss-fuzz/raw_fuzzer.cpp
new file mode 100644
index 00000000000..d6bd01b959a
--- /dev/null
+++ b/oss-fuzz/raw_fuzzer.cpp
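Review bot: The new `raw_fuzzer` rule lists only `raw_fuzzer.cpp` as a prerequisite although its recipe compiles everything in ${RAW_FUZZER_SRC_FILES}, so an edit under lib/ or externals/ leaves a stale binary until a clean rebuild. That mirrors the existing oss-fuzz-client rule, so it is consistent with the file, but `raw_fuzzer: ${RAW_FUZZER_SRC_FILES}` would make the dependency honest (make expands the wildcard in prerequisites). The two recipes are also identical apart from the output name and source list; a shared variable for the compile command would keep the -std/-g/CXXFLAGS handling in one place.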
@@ -0,0 +1,48 @@
+/*
+ * Cppcheck - A tool for static C/C++ code analysis
+ * Copyright (C) 2007-2023 Cppcheck team.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+#include "cppcheck.h"
+
+enum class Color;
+
+class DummyErrorLogger : public ErrorLogger {
+public:
+    void reportOut(const std::string& /*outmsg*/, Color /*c*/) override {}
+    void reportErr(const ErrorMessage& /*msg*/) override {}
+    void reportProgress(const std::string& /*filename*/,
+                        const char /*stage*/[],
+                        const std::size_t /*value*/) override {} // FN
+};
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t dataSize);
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t dataSize)
+{
+    if (dataSize < 10000) {
+        std::string code(reinterpret_cast(data), dataSize);
+
+        DummyErrorLogger errorLogger;
+        CppCheck cppcheck(errorLogger, false, nullptr);
+        cppcheck.settings().addEnabled("all");
+        cppcheck.settings().certainty.setEnabled(Certainty::inconclusive, true);
+        cppcheck.check("test.cpp", code);
+    }
+    return 0;
+}
+
+
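Review bot: The `dataSize < 10000` guard in LLVMFuzzerTestOneInput is an unexplained magic number, and inputs at or above it return 0 without being analysed, so the engine keeps generating and storing inputs that exercise nothing; hoist it into a named constant with a why-comment, `constexpr std::size_t kMaxInputSize = 10000; // bound per-iteration cost; larger inputs are skipped unanalysed`, or pass the bound through libFuzzer's -max_len so such inputs are never produced. The return value of `cppcheck.settings().addEnabled("all")` is dropped; if addEnabled reports a bad option through its return value (as I believe it does), checking it would surface a misconfigured harness immediately rather than leaving the fuzzer running with fewer checks than intended — confirm against Settings. `// FN` on reportProgress is cryptic; a one-line comment on DummyErrorLogger stating that every diagnostic is intentionally discarded because only crashes and sanitizer findings matter to this harness would document the intent. The `reinterpret_cast(data)` on the std::string line appears to have lost its template argument in this rendering; presumably it reads `reinterpret_cast<const char*>(data)` in the actual file.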