BigfootDev/flatbuffers
1
0
Fork 1
mirror of https://github.com/google/flatbuffers.git synced 2026-06-29 12:12:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

[fuzzer] Fix the binary schema loading in the monster_fuzzer (#6396)

Browse Source 
This commit should fix issue 29374 in oss-fuzz.
This commit is contained in:
Vladimir Glavnyy
2021-01-13 01:20:47 +07:00
committed by GitHub
parent 408cf58024
commit 7abe612b59
1 changed files with 25 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
tests/fuzzer/flatbuffers_monster_fuzzer.cc
View File

@@ -25,6 +25,13 @@
#include "flatbuffers/idl.h" #include "flatbuffers/idl.h"
#include "test_init.h" #include "test_init.h"
namespace fs = std::filesystem;
// Utility for test run.
OneTimeTestInit OneTimeTestInit::one_time_init_;
// The current executable path (see LLVMFuzzerInitialize).
static fs::path exe_path_;
namespace { namespace {
static constexpr size_t kMinInputLength = 1; static constexpr size_t kMinInputLength = 1;
@@ -34,28 +41,21 @@ static constexpr uint8_t flags_strict_json = 0x80;
static constexpr uint8_t flags_skip_unexpected_fields_in_json = 0x40; static constexpr uint8_t flags_skip_unexpected_fields_in_json = 0x40;
static constexpr uint8_t flags_allow_non_utf8 = 0x20; static constexpr uint8_t flags_allow_non_utf8 = 0x20;
bool TestFileExists(const char *file_name) { bool TestFileExists(fs::path file_path) {
namespace fs = std::filesystem; if (file_path.has_filename() && fs::exists(file_path)) return true;
const bool file_exists = flatbuffers::FileExists(file_name);
TEST_OUTPUT_LINE("@DEBUG: test file, exists: %d, name:'%s'", file_exists,
file_name);
if (file_exists) return true;
const auto cwd = fs::current_path(); TEST_OUTPUT_LINE("@DEBUG: file '%s' not found", file_path.c_str());
TEST_OUTPUT_LINE("@DEBUG: file '%s' not found with flatbuffers::FileExists()", for (const auto &entry : fs::directory_iterator(file_path.parent_path())) {
file_name); TEST_OUTPUT_LINE("@DEBUG: parent path entry: '%s'", entry.path().c_str());
TEST_OUTPUT_LINE("@DEBUG: CWD: '%s', fs::exists: %d", cwd.c_str(),
fs::exists(cwd / file_name));
for (const auto &entry : fs::directory_iterator(cwd)) {
TEST_OUTPUT_LINE("@DEBUG: CWD entry: '%s'", entry.path().c_str());
} }
return false; return false;
} }
std::string LoadBinarySchema(const char *file_name) { std::string LoadBinarySchema(const char *file_name) {
TEST_EQ(true, TestFileExists(file_name)); const auto file_path = exe_path_.parent_path() / file_name;
TEST_EQ(true, TestFileExists(file_path));
std::string schemafile; std::string schemafile;
TEST_EQ(true, flatbuffers::LoadFile(file_name, true, &schemafile)); TEST_EQ(true, flatbuffers::LoadFile(file_path.c_str(), true, &schemafile));
flatbuffers::Verifier verifier( flatbuffers::Verifier verifier(
reinterpret_cast<const uint8_t *>(schemafile.c_str()), schemafile.size()); reinterpret_cast<const uint8_t *>(schemafile.c_str()), schemafile.size());
@@ -87,8 +87,16 @@ std::string do_test(const flatbuffers::IDLOptions &opts,
}; };
} // namespace } // namespace
// Utility for test run. // https://google.github.io/oss-fuzz/further-reading/fuzzer-environment/
OneTimeTestInit OneTimeTestInit::one_time_init_; // Current working directory
// You should not make any assumptions about the current working directory of
// your fuzz target. If you need to load data files, please use argv[0] to get
// the directory where your fuzz target executable is located.
// You must not modify argv[0].
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
exe_path_ = (*argv)[0];
return 0;
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
// Reserve one byte for Parser flags and one byte for repetition counter. // Reserve one byte for Parser flags and one byte for repetition counter.