author | John MacFarlane <jgm@berkeley.edu> | 2017-06-27 23:03:53 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-06-27 23:03:53 +0200 |
commit | 153116f7fd955bbcfee5fe80996a4619c7a343c3 (patch) | |
tree | 8bbe02cdfdd4720cce9c69f2f552775338f66038 /test | |
parent | 00291fd1811eba348f649f74f4c727625f0be945 (diff) | |
parent | a2f1f76dc38a34d0e3d97f75d1fee527931b6e8a (diff) |
Merge pull request #209 from philipturnbull/libFuzzer
Add libFuzzer harness for oss-fuzz
Diffstat (limited to 'test')
52 files changed, 81 insertions, 48 deletions
diff --git a/test/afl_dictionary/asterisk b/test/afl_dictionary/asterisk
deleted file mode 100644
index f59ec20..0000000
--- a/test/afl_dictionary/asterisk
+++ /dev/null
@@ -1 +0,0 @@
-*
\ No newline at end of file
diff --git a/test/afl_dictionary/attr_generic b/test/afl_dictionary/attr_generic
deleted file mode 100644
index d84e4b2..0000000
--- a/test/afl_dictionary/attr_generic
+++ /dev/null
@@ -1 +0,0 @@
- a="1"
\ No newline at end of file
diff --git a/test/afl_dictionary/attr_href b/test/afl_dictionary/attr_href
deleted file mode 100644
index cbb9775..0000000
--- a/test/afl_dictionary/attr_href
+++ /dev/null
@@ -1 +0,0 @@
- href="1"
\ No newline at end of file
diff --git a/test/afl_dictionary/attr_xml_lang b/test/afl_dictionary/attr_xml_lang
deleted file mode 100644
index 6dab3e9..0000000
--- a/test/afl_dictionary/attr_xml_lang
+++ /dev/null
@@ -1 +0,0 @@
- xml:lang="1"
\ No newline at end of file
diff --git a/test/afl_dictionary/attr_xmlns b/test/afl_dictionary/attr_xmlns
deleted file mode 100644
index 168863a..0000000
--- a/test/afl_dictionary/attr_xmlns
+++ /dev/null
@@ -1 +0,0 @@
- xmlns="1"
\ No newline at end of file
diff --git a/test/afl_dictionary/backslash b/test/afl_dictionary/backslash
deleted file mode 100644
index b7d5379..0000000
--- a/test/afl_dictionary/backslash
+++ /dev/null
@@ -1 +0,0 @@
-\
\ No newline at end of file
diff --git a/test/afl_dictionary/backtick b/test/afl_dictionary/backtick
deleted file mode 100644
index 64845fb..0000000
--- a/test/afl_dictionary/backtick
+++ /dev/null
@@ -1 +0,0 @@
-`
\ No newline at end of file
diff --git a/test/afl_dictionary/colon b/test/afl_dictionary/colon
deleted file mode 100644
index 22ded55..0000000
--- a/test/afl_dictionary/colon
+++ /dev/null
@@ -1 +0,0 @@
-:
\ No newline at end of file
diff --git a/test/afl_dictionary/dashes b/test/afl_dictionary/dashes
deleted file mode 100644
index 73b314f..0000000
--- a/test/afl_dictionary/dashes
+++ /dev/null
@@ -1 +0,0 @@
----
\ No newline at end of file
diff --git a/test/afl_dictionary/double_quote b/test/afl_dictionary/double_quote
deleted file mode 100644
index 9d68933..0000000
--- a/test/afl_dictionary/double_quote
+++ /dev/null
@@ -1 +0,0 @@
-"
\ No newline at end of file
diff --git a/test/afl_dictionary/entity_builtin b/test/afl_dictionary/entity_builtin
deleted file mode 100644
index 1489a83..0000000
--- a/test/afl_dictionary/entity_builtin
+++ /dev/null
@@ -1 +0,0 @@
-<
\ No newline at end of file diff --git a/test/afl_dictionary/entity_decimal b/test/afl_dictionary/entity_decimal deleted file mode 100644 index 7b997f6..0000000 --- a/test/afl_dictionary/entity_decimal +++ /dev/null @@ -1 +0,0 @@ -
\ No newline at end of file
diff --git a/test/afl_dictionary/entity_external b/test/afl_dictionary/entity_external
deleted file mode 100644
index f626a66..0000000
--- a/test/afl_dictionary/entity_external
+++ /dev/null
@@ -1 +0,0 @@
-&a;
\ No newline at end of file diff --git a/test/afl_dictionary/entity_hex b/test/afl_dictionary/entity_hex deleted file mode 100644 index 8766028..0000000 --- a/test/afl_dictionary/entity_hex +++ /dev/null @@ -1 +0,0 @@ -
\ No newline at end of file
diff --git a/test/afl_dictionary/equals b/test/afl_dictionary/equals
deleted file mode 100644
index 7193984..0000000
--- a/test/afl_dictionary/equals
+++ /dev/null
@@ -1 +0,0 @@
-===
\ No newline at end of file
diff --git a/test/afl_dictionary/exclamation b/test/afl_dictionary/exclamation
deleted file mode 100644
index 74e0f12..0000000
--- a/test/afl_dictionary/exclamation
+++ /dev/null
@@ -1 +0,0 @@
-!
\ No newline at end of file
diff --git a/test/afl_dictionary/greater_than b/test/afl_dictionary/greater_than
deleted file mode 100644
index 0817502..0000000
--- a/test/afl_dictionary/greater_than
+++ /dev/null
@@ -1 +0,0 @@
->
\ No newline at end of file
diff --git a/test/afl_dictionary/hash b/test/afl_dictionary/hash
deleted file mode 100644
index 4287ca8..0000000
--- a/test/afl_dictionary/hash
+++ /dev/null
@@ -1 +0,0 @@
-#
\ No newline at end of file diff --git a/test/afl_dictionary/hyphen b/test/afl_dictionary/hyphen deleted file mode 100644 index e69de29..0000000 --- a/test/afl_dictionary/hyphen +++ /dev/null diff --git a/test/afl_dictionary/indent b/test/afl_dictionary/indent deleted file mode 100644 index 136d063..0000000 --- a/test/afl_dictionary/indent +++ /dev/null @@ -1 +0,0 @@ -
\ No newline at end of file
diff --git a/test/afl_dictionary/left_bracket b/test/afl_dictionary/left_bracket
deleted file mode 100644
index 8e2f0be..0000000
--- a/test/afl_dictionary/left_bracket
+++ /dev/null
@@ -1 +0,0 @@
-[
\ No newline at end of file
diff --git a/test/afl_dictionary/left_paren b/test/afl_dictionary/left_paren
deleted file mode 100644
index f46d387..0000000
--- a/test/afl_dictionary/left_paren
+++ /dev/null
@@ -1 +0,0 @@
-(
\ No newline at end of file
diff --git a/test/afl_dictionary/less_than b/test/afl_dictionary/less_than
deleted file mode 100644
index c5fa784..0000000
--- a/test/afl_dictionary/less_than
+++ /dev/null
@@ -1 +0,0 @@
-<
\ No newline at end of file
diff --git a/test/afl_dictionary/plus b/test/afl_dictionary/plus
deleted file mode 100644
index 9b26e9b..0000000
--- a/test/afl_dictionary/plus
+++ /dev/null
@@ -1 +0,0 @@
-+
\ No newline at end of file
diff --git a/test/afl_dictionary/right_bracket b/test/afl_dictionary/right_bracket
deleted file mode 100644
index 54caf60..0000000
--- a/test/afl_dictionary/right_bracket
+++ /dev/null
@@ -1 +0,0 @@
-]
\ No newline at end of file
diff --git a/test/afl_dictionary/right_paren b/test/afl_dictionary/right_paren
deleted file mode 100644
index e8a0f87..0000000
--- a/test/afl_dictionary/right_paren
+++ /dev/null
@@ -1 +0,0 @@
-)
\ No newline at end of file
diff --git a/test/afl_dictionary/single_quote b/test/afl_dictionary/single_quote
deleted file mode 100644
index ad2823b..0000000
--- a/test/afl_dictionary/single_quote
+++ /dev/null
@@ -1 +0,0 @@
-'
\ No newline at end of file
diff --git a/test/afl_dictionary/string_any b/test/afl_dictionary/string_any
deleted file mode 100644
index bcd7dd4..0000000
--- a/test/afl_dictionary/string_any
+++ /dev/null
@@ -1 +0,0 @@
-ANY
\ No newline at end of file
diff --git a/test/afl_dictionary/string_brackets b/test/afl_dictionary/string_brackets
deleted file mode 100644
index 0637a08..0000000
--- a/test/afl_dictionary/string_brackets
+++ /dev/null
@@ -1 +0,0 @@
-[]
\ No newline at end of file
diff --git a/test/afl_dictionary/string_cdata b/test/afl_dictionary/string_cdata
deleted file mode 100644
index 9d6d94e..0000000
--- a/test/afl_dictionary/string_cdata
+++ /dev/null
@@ -1 +0,0 @@
-CDATA
\ No newline at end of file
diff --git a/test/afl_dictionary/string_dashes b/test/afl_dictionary/string_dashes
deleted file mode 100644
index 7489acc..0000000
--- a/test/afl_dictionary/string_dashes
+++ /dev/null
@@ -1 +0,0 @@
---
\ No newline at end of file
diff --git a/test/afl_dictionary/string_empty_dblquotes b/test/afl_dictionary/string_empty_dblquotes
deleted file mode 100644
index 3cc762b..0000000
--- a/test/afl_dictionary/string_empty_dblquotes
+++ /dev/null
@@ -1 +0,0 @@
-""
\ No newline at end of file
diff --git a/test/afl_dictionary/string_empty_quotes b/test/afl_dictionary/string_empty_quotes
deleted file mode 100644
index 9423090..0000000
--- a/test/afl_dictionary/string_empty_quotes
+++ /dev/null
@@ -1 +0,0 @@
-''
\ No newline at end of file
diff --git a/test/afl_dictionary/string_idrefs b/test/afl_dictionary/string_idrefs
deleted file mode 100644
index dd37f9c..0000000
--- a/test/afl_dictionary/string_idrefs
+++ /dev/null
@@ -1 +0,0 @@
-IDREFS
\ No newline at end of file
diff --git a/test/afl_dictionary/string_parentheses b/test/afl_dictionary/string_parentheses
deleted file mode 100644
index dd626a0..0000000
--- a/test/afl_dictionary/string_parentheses
+++ /dev/null
@@ -1 +0,0 @@
-()
\ No newline at end of file
diff --git a/test/afl_dictionary/string_pcdata b/test/afl_dictionary/string_pcdata
deleted file mode 100644
index d2dd7f7..0000000
--- a/test/afl_dictionary/string_pcdata
+++ /dev/null
@@ -1 +0,0 @@
-#PCDATA
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_cdata b/test/afl_dictionary/tag_cdata
deleted file mode 100644
index fac6255..0000000
--- a/test/afl_dictionary/tag_cdata
+++ /dev/null
@@ -1 +0,0 @@
-<![CDATA[
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_close b/test/afl_dictionary/tag_close
deleted file mode 100644
index e8a17f4..0000000
--- a/test/afl_dictionary/tag_close
+++ /dev/null
@@ -1 +0,0 @@
-</a>
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_doctype b/test/afl_dictionary/tag_doctype
deleted file mode 100644
index b771752..0000000
--- a/test/afl_dictionary/tag_doctype
+++ /dev/null
@@ -1 +0,0 @@
-<!DOCTYPE
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_element b/test/afl_dictionary/tag_element
deleted file mode 100644
index 04ad1f5..0000000
--- a/test/afl_dictionary/tag_element
+++ /dev/null
@@ -1 +0,0 @@
-<!ELEMENT
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_entity b/test/afl_dictionary/tag_entity
deleted file mode 100644
index ee9f1f3..0000000
--- a/test/afl_dictionary/tag_entity
+++ /dev/null
@@ -1 +0,0 @@
-<!ENTITY
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_notation b/test/afl_dictionary/tag_notation
deleted file mode 100644
index 749f920..0000000
--- a/test/afl_dictionary/tag_notation
+++ /dev/null
@@ -1 +0,0 @@
-<!NOTATION
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_open b/test/afl_dictionary/tag_open
deleted file mode 100644
index 6411313..0000000
--- a/test/afl_dictionary/tag_open
+++ /dev/null
@@ -1 +0,0 @@
-<a>
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_open_close b/test/afl_dictionary/tag_open_close
deleted file mode 100644
index 4a12235..0000000
--- a/test/afl_dictionary/tag_open_close
+++ /dev/null
@@ -1 +0,0 @@
-<a />
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_open_exclamation b/test/afl_dictionary/tag_open_exclamation
deleted file mode 100644
index 58adc03..0000000
--- a/test/afl_dictionary/tag_open_exclamation
+++ /dev/null
@@ -1 +0,0 @@
-<!
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_open_q b/test/afl_dictionary/tag_open_q
deleted file mode 100644
index 2b4439c..0000000
--- a/test/afl_dictionary/tag_open_q
+++ /dev/null
@@ -1 +0,0 @@
-<?
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_sq2_close b/test/afl_dictionary/tag_sq2_close
deleted file mode 100644
index facf683..0000000
--- a/test/afl_dictionary/tag_sq2_close
+++ /dev/null
@@ -1 +0,0 @@
-]]>
\ No newline at end of file
diff --git a/test/afl_dictionary/tag_xml_q b/test/afl_dictionary/tag_xml_q
deleted file mode 100644
index be32990..0000000
--- a/test/afl_dictionary/tag_xml_q
+++ /dev/null
@@ -1 +0,0 @@
-<?xml?>
\ No newline at end of file
diff --git a/test/afl_dictionary/underscore b/test/afl_dictionary/underscore
deleted file mode 100644
index c9cdc63..0000000
--- a/test/afl_dictionary/underscore
+++ /dev/null
@@ -1 +0,0 @@
-_
\ No newline at end of file
diff --git a/test/cmark-fuzz.c b/test/cmark-fuzz.c
new file mode 100644
index 0000000..f09db52
--- /dev/null
+++ b/test/cmark-fuzz.c
@@ -0,0 +1,28 @@
+#include <stdint.h>
+#include <stdlib.h>
+#include "cmark.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ int options = 0;
+ if (size > sizeof(options)) {
+ /* First 4 bytes of input are treated as options */
+ int options = *(const int *)data;
+
+ /* Mask off valid option bits */
+ options = options & (CMARK_OPT_SOURCEPOS | CMARK_OPT_HARDBREAKS | CMARK_OPT_SAFE | CMARK_OPT_NOBREAKS | CMARK_OPT_NORMALIZE | CMARK_OPT_VALIDATE_UTF8 | CMARK_OPT_SMART);
+
+ /* Remainder of input is the markdown */
+ const char *markdown = (const char *)(data + sizeof(options));
+ const size_t markdown_size = size - sizeof(options);
+ cmark_node *doc = cmark_parse_document(markdown, markdown_size, options);
+
+ free(cmark_render_commonmark(doc, options, 80));
+ free(cmark_render_html(doc, options));
+ free(cmark_render_latex(doc, options, 80));
+ free(cmark_render_man(doc, options, 80));
+ free(cmark_render_xml(doc, options));
+
+ cmark_node_free(doc);
+ }
+ return 0;
+}
diff --git a/test/fuzzing_dictionary b/test/fuzzing_dictionary
new file mode 100644
index 0000000..b06783c
--- /dev/null
+++ b/test/fuzzing_dictionary
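Review bot: The options word is read with `int options = *(const int *)data;`, which dereferences the fuzzer's byte buffer through an `int` pointer. Nothing visible here guarantees `data` is suitably aligned for `int`, so the harness itself can produce an alignment or aliasing report under sanitizers, and that noise would be attributed to cmark. Copying the bytes avoids this: add `#include <string.h>` and replace the line with `memcpy(&options, data, sizeof(options));`, which also removes the inner declaration that shadows the outer `int options = 0;`. The comment says "First 4 bytes" while the code uses `sizeof(options)`; a short header comment on `LLVMFuzzerTestOneInput` stating the input layout (one `int` of option bits, then the markdown) would keep the two in step and help when triaging a reproducer.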
@@ -0,0 +1,49 @@ +asterisk="*" +attr_generic=" a=\"1\"" +attr_href=" href=\"1\"" +attr_xml_lang=" xml:lang=\"1\"" +attr_xmlns=" xmlns=\"1\"" +backslash="\\" +backtick="`" +colon=":" +dashes="---" +double_quote="\"" +entity_builtin="<" +entity_decimal="" +entity_external="&a;" +entity_hex="" +equals="===" +exclamation="!" +greater_than=">" +hash="#" +hyphen="-" +indent=" " +left_bracket="[" +left_paren="(" +less_than="<" +plus="+" +right_bracket="]" +right_paren=")" +single_quote="'" +string_any="ANY" +string_brackets="[]" +string_cdata="CDATA" +string_dashes="--" +string_empty_dblquotes="\"\"" +string_empty_quotes="''" +string_idrefs="IDREFS" +string_parentheses="()" +string_pcdata="#PCDATA" +tag_cdata="<![CDATA[" +tag_close="</a>" +tag_doctype="<!DOCTYPE" +tag_element="<!ELEMENT" +tag_entity="<!ENTITY" +tag_notation="<!NOTATION" +tag_open="<a>" +tag_open_close="<a />" +tag_open_exclamation="<!" +tag_open_q="<?" +tag_sq2_close="]]>" +tag_xml_q="<?xml?>" +underscore="_" diff --git a/test/run-cmark-fuzz b/test/run-cmark-fuzz new file mode 100755 index 0000000..75100b8 --- /dev/null +++ b/test/run-cmark-fuzz @@ -0,0 +1,4 @@ +#!/bin/bash -eu +CMARK_FUZZ="$1" +shift +ASAN_OPTIONS="quarantine_size_mb=10:detect_leaks=1" "${CMARK_FUZZ}" -max_len=256 -timeout=1 -dict=test/fuzzing_dictionary "$@" |
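Review bot: In `test/run-cmark-fuzz`, `-dict=test/fuzzing_dictionary` is resolved against the caller's working directory, so the script only finds the dictionary when it is launched from the repository root. Deriving the path from the script's own location, e.g. `-dict="$(dirname "$0")/fuzzing_dictionary"`, removes that dependency. The inline `ASAN_OPTIONS="..."` assignment also replaces any value the caller exported, so it is worth a comment saying that is deliberate, or prepending the defaults to `${ASAN_OPTIONS:-}` instead. With `-u` set, a missing first argument fails on `$1` with only the shell's unbound-variable message; a one-line usage check before `CMARK_FUZZ="$1"` would make that case clearer.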