Commit bcfa407912dde624cc64e9d19d0ad1eb10c62247
1 parent
e2c77bab
As a test suite, run stand-alone fuzzer on seed corpus
Temporarily skip fuzz tests on Windows. There are Windows-specific failures to address later.
Showing
3 changed files
with
58 additions
and
0 deletions
ChangeLog
| 1 | 2019-06-15 Jay Berkenbilt <ejb@ql.org> | 1 | 2019-06-15 Jay Berkenbilt <ejb@ql.org> |
| 2 | 2 | ||
| 3 | + * Do "ideal integration" with oss-fuzz. This includes adding a | ||
| 4 | + better fuzzer with a seed corpus and adding automated tests of the | ||
| 5 | + fuzzer with the test data. | ||
| 6 | + | ||
| 3 | * When parsing files, while reading an object, if there are too | 7 | * When parsing files, while reading an object, if there are too |
| 4 | many consecutive errors without enough intervening successes, give | 8 | many consecutive errors without enough intervening successes, give |
| 5 | up on the specific object. This reduces cases in which very badly | 9 | up on the specific object. This reduces cases in which very badly |
fuzz/qtest/fuzz.test
0 → 100644
| 1 | +#!/usr/bin/env perl | ||
| 2 | +require 5.008; | ||
| 3 | +use warnings; | ||
| 4 | +use strict; | ||
| 5 | +use Digest::SHA; | ||
| 6 | +use File::Basename; | ||
| 7 | + | ||
| 8 | +require TestDriver; | ||
| 9 | + | ||
| 10 | +my $td = new TestDriver('fuzz'); | ||
| 11 | + | ||
| 12 | +if (($^O eq 'MSWin32') || ($^O eq 'msys')) | ||
| 13 | +{ | ||
| 14 | + $td->emphasize("temporarily skipping fuzz tests in Windows"); | ||
| 15 | + $td->report(0); | ||
| 16 | + exit(0); | ||
| 17 | +} | ||
| 18 | + | ||
| 19 | +my @files = glob("../qpdf_fuzzer_seed_corpus/*"); | ||
| 20 | +my $n_test_files = 27; | ||
| 21 | +my $n_orig_files = 2559; | ||
| 22 | +my $n_files = $n_test_files + $n_orig_files; | ||
| 23 | + | ||
| 24 | +if (scalar(@files) != $n_files) | ||
| 25 | +{ | ||
| 26 | + die "wrong number of files seen in fuzz.test"; | ||
| 27 | +} | ||
| 28 | + | ||
| 29 | +foreach my $f (@files) | ||
| 30 | +{ | ||
| 31 | + my $sum = basename($f); | ||
| 32 | + $td->runtest("checksum $sum", | ||
| 33 | + {$td->STRING => get_sha1_checksum($f)}, | ||
| 34 | + {$td->STRING => $sum}); | ||
| 35 | + $td->runtest("fuzz check $sum", | ||
| 36 | + {$td->COMMAND => "qpdf_fuzzer $f"}, | ||
| 37 | + {$td->REGEXP => ".*$f successful\n", | ||
| 38 | + $td->EXIT_STATUS => 0}, | ||
| 39 | + $td->NORMALIZE_NEWLINES); | ||
| 40 | +} | ||
| 41 | + | ||
| 42 | +$td->report(2 * $n_files); | ||
| 43 | + | ||
| 44 | +sub get_sha1_checksum | ||
| 45 | +{ | ||
| 46 | + my $file = shift; | ||
| 47 | + open(F, "<$file") or fatal("can't open $file: $!"); | ||
| 48 | + binmode F; | ||
| 49 | + my $digest = Digest::SHA->new('sha1')->addfile(*F)->hexdigest; | ||
| 50 | + close(F); | ||
| 51 | + $digest; | ||
| 52 | +} |
qpdf/qtest/qpdf.test
| @@ -642,6 +642,8 @@ my @bug_tests = ( | @@ -642,6 +642,8 @@ my @bug_tests = ( | ||
| 642 | ["263", "empty xref stream", 2], | 642 | ["263", "empty xref stream", 2], |
| 643 | ["335a", "ozz-fuzz-12152", 2], | 643 | ["335a", "ozz-fuzz-12152", 2], |
| 644 | ["335b", "ozz-fuzz-14845", 2], | 644 | ["335b", "ozz-fuzz-14845", 2], |
| 645 | + # When adding to this list, consider adding to SEED_CORPUS_FILES | ||
| 646 | + # in fuzz/build.mk and updating the count in fuzz/qtest/fuzz.test. | ||
| 645 | ); | 647 | ); |
| 646 | $n_tests += scalar(@bug_tests); | 648 | $n_tests += scalar(@bug_tests); |
| 647 | foreach my $d (@bug_tests) | 649 | foreach my $d (@bug_tests) |