Fuzzer finding fixes (#20)

TinyTinni · Nov 5, 2023 · c8adfc2 · c8adfc2
1 parent 784cad8
commit c8adfc2
Show file tree

Hide file tree

Showing 10 changed files with 51 additions and 39 deletions.
diff --git a/Readme.md b/Readme.md
@@ -19,7 +19,7 @@ This header-only file provides a parser and writer to load and save the given da
 - C++11 
 
 ## Test Requirements
-- C++14 (uses [catch2](https://github.com/catchorg/Catch2))
+- C++17 (uses [catch2](https://github.com/catchorg/Catch2))
 
 (works with the C++11 features of vs120/"Visual Studio 2013" and newer)
 

diff --git a/fuzzing/CMakeLists.txt b/fuzzing/CMakeLists.txt
@@ -7,8 +7,10 @@ add_executable(fuzzing main.cpp)
 target_link_libraries(fuzzing PRIVATE -coverage -fsanitize=fuzzer)
 if ("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang")
 	target_compile_options(fuzzing PRIVATE -fsanitize=fuzzer)
+    target_link_libraries(fuzzing PUBLIC -fsanitize=address,undefined)
 elseif("${CMAKE_CXX_COMPILER_ID}" MATCHES "MSVC")
 	target_compile_options(fuzzing PRIVATE /fsanitize=fuzzer)
+    target_compile_definitions(fuzzing PRIVATE "-D_SILENCE_ALL_CXX17_DEPRECATION_WARNINGS")
 endif()
 
 add_test(NAME fuzzing_run COMMAND fuzzing -max_total_time=${FUZZ_RUNTIME} -timeout=${FUZZ_RUNTIME}) 
diff --git a/fuzzing/main.cpp b/fuzzing/main.cpp
@@ -6,12 +6,8 @@
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 {
-
     std::string_view test_corpus{reinterpret_cast<const char *>(data), size};
     bool ok;
-    tyti::vdf::Options opt;
-    opt.ignore_includes = true;
-    auto blub =
-        tyti::vdf::read(test_corpus.begin(), test_corpus.end(), &ok, opt);
+    auto result = tyti::vdf::read(test_corpus.begin(), test_corpus.end(), &ok);
     return 0;
 }
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
@@ -1,4 +1,4 @@
-set (CMAKE_CXX_STANDARD 14)
+set (CMAKE_CXX_STANDARD 17)
 
 ##find_package(Catch2 QUIET)
 ##if (NOT TARGET Catch2::Catch)
@@ -44,6 +44,11 @@ add_executable(tests "../vdf_parser.hpp" ${SRCS})
 set_property(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} PROPERTY VS_STARTUP_PROJECT tests) #requires cmake 3.6
 set_property(TARGET tests PROPERTY COMPILE_WARNING_AS_ERROR ON)
 add_definitions("-DSOURCE_DIR=\"${CMAKE_CURRENT_SOURCE_DIR}\"" "-DCATCH_AMALGAMATED_CUSTOM_MAIN")
+target_compile_definitions(tests PRIVATE "-D_SILENCE_ALL_CXX17_DEPRECATION_WARNINGS")
+
+if ("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang")
+    target_link_libraries(tests PUBLIC -fsanitize=address,undefined)
+endif()
 
 if (BUILD_TESTING)
     add_test(NAME vdf_tests COMMAND tests)

diff --git a/tests/testdata/fuzzing_data/crash-1 b/tests/testdata/fuzzing_data/crash-1
@@ -0,0 +1 @@
+f*/*����/�
diff --git a/tests/testdata/fuzzing_data/crash-2 b/tests/testdata/fuzzing_data/crash-2
diff --git a/tests/testdata/fuzzing_data/crash-3 b/tests/testdata/fuzzing_data/crash-3
diff --git a/tests/testdata/fuzzing_data/timeout-1 b/tests/testdata/fuzzing_data/timeout-1
@@ -0,0 +1,3 @@
+-�
+/
+{
diff --git a/tests/vdf_parser_test.cpp b/tests/vdf_parser_test.cpp
@@ -1,4 +1,6 @@
 #include <algorithm>
+#include <filesystem>
+#include <fstream>
 #include <iostream>
 #include <sstream>
 #include <string>
@@ -266,16 +268,16 @@ TEST_CASE("counter test", "[counter]")
 /////////////////////////////////////////////////////////////
 // fuzzer findings
 /////////////////////////////////////////////////////////////
-
-TEST_CASE("fuzzing_endless_loop", "[fuzzing]")
+TEST_CASE("fuzzing_files", "[fuzzing]")
 {
-    std::string test_corpus{u8R"(-�
-/
-{)"};
-    bool ok;
-    tyti::vdf::Options opt;
-    opt.ignore_includes = true;
-    auto result =
-        tyti::vdf::read(test_corpus.begin(), test_corpus.end(), &ok, opt);
-    CHECK_FALSE(ok);
-}
+
+    for (auto const &dir_entry :
+         std::filesystem::directory_iterator{"fuzzing_data"})
+    {
+        SECTION(dir_entry.path().filename().string())
+        {
+            std::ifstream f(dir_entry.path().string());
+            CHECK_THROWS(tyti::vdf::read(f));
+        }
+    }
+}
diff --git a/vdf_parser.hpp b/vdf_parser.hpp
@@ -339,24 +339,27 @@ std::vector<std::unique_ptr<OutputT>> read_internal(
                                             const IterT &last) -> IterT
     {
         ++iter;
-        if (iter != last)
+        if (iter == last)
+            return last;
+
+        if (*iter == TYTI_L(charT, '/'))
         {
-            if (*iter == TYTI_L(charT, '/'))
-            {
-                // line comment, skip whole line
-                iter = std::find(iter + 1, last, TYTI_L(charT, '\n'));
-            }
+            // line comment, skip whole line
+            iter = std::find(iter + 1, last, TYTI_L(charT, '\n'));
+            if (iter == last)
+                return last;
+        }
 
-            if (*iter == '*')
-            {
-                // block comment, skip until next occurance of "*\"
-                iter = std::search(iter + 1, last, std::begin(comment_end_str),
-                                   std::end(comment_end_str));
-                if (std::distance(iter,last) < 2)
-                    return last;
-                iter += 2;
-            }
+        if (*iter == '*')
+        {
+            // block comment, skip until next occurance of "*\"
+            iter = std::search(iter + 1, last, std::begin(comment_end_str),
+                               std::end(comment_end_str));
+            if (std::distance(iter, last) <= 2)
+                return last;
+            iter += 2;
         }
+
         return iter;
     };
 
@@ -482,20 +485,18 @@ std::vector<std::unique_ptr<OutputT>> read_internal(
 
     while (curIter != last && *curIter != '\0')
     {
-        // auto fuzz_test = curIter != last;
-        // if (*curIter == '\0')
-        //     break;
         //  find first starting attrib/child, or ending
         curIter = skip_whitespaces(curIter, last);
         if (curIter == last || *curIter == '\0')
             break;
         if (*curIter == TYTI_L(charT, '/'))
         {
             curIter = skip_comments(curIter, last);
+            if (curIter == last || *curIter == '\0')
+                throw std::runtime_error("Unexpected eof");
         }
         else if (*curIter != TYTI_L(charT, '}'))
         {
-
             // get key
             const auto keyEnd = (*curIter == TYTI_L(charT, '\"'))
                                     ? end_quote(curIter, last)
@@ -530,14 +531,16 @@ std::vector<std::unique_ptr<OutputT>> read_internal(
             if (*curIter != '{')
             {
                 if (curIter == last)
-                    throw std::runtime_error("idk");
+                    throw std::runtime_error{"key declared, but no value"};
                 const auto valueEnd = (*curIter == TYTI_L(charT, '\"'))
                                           ? end_quote(curIter, last)
                                           : end_word(curIter, last);
                 if (valueEnd == last)
                     throw std::runtime_error("No closed word");
                 if (*curIter == TYTI_L(charT, '\"'))
                     ++curIter;
+                if (curIter == last)
+                    throw std::runtime_error("No closed word");
 
                 auto value = std::basic_string<charT>(curIter, valueEnd);
                 strip_escape_symbols(value);
-Original file line number
+Diff line change
@@ -0,0 +1,3 @@
+    -�
+    /
+    {