pull in fuzzers, add CI scripts later

7 years ago · 1e08150838
--- a/+ 3
+++ b/+ 3
@@ -9,6 +9,9 @@ Deprecated and removed features:
 * lh_table_lookup() has been removed, use lh_table_lookup_ex() instead.
 * Remove TRUE and FALSE defines, use 1 and 0 instead.

 Build changes:
 --------------
 * Add a top level fuzz directory for fuzzers run by OSS-Fuzz

 0.13 (up to commit 5dae561, 2017/11/29)
 =================================
--- a/fuzz/README.md
+++ b/fuzz/README.md
@@ -0,0 +1,6 @@
 # Fuzzers

 This directory contains fuzzers that
 target [llvm's LibFuzzer](https://llvm.org/docs/LibFuzzer.html). They are built
 and run automatically by
 Google's [OSS-Fuzz](https://github.com/google/oss-fuzz/) infrastructure.
--- a/fuzz/build.sh
+++ b/fuzz/build.sh
@@ -0,0 +1,30 @@
 #!/bin/bash -eu
 # Copyright 2018 Google Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 ################################################################################

 ./autogen.sh
 ./configure --enable-static --disable-shared
 make -j$(nproc) all
 ar rc json_c.a *.o

 cp $SRC/*.dict $OUT/

 for f in $SRC/*_fuzzer.cc; do
    fuzzer=$(basename "$f" _fuzzer.cc)
    $CXX $CXXFLAGS -std=c++11 -I$SRC/json-c \
         $SRC/${fuzzer}_fuzzer.cc -o $OUT/${fuzzer}_fuzzer \
         -lFuzzingEngine $SRC/json-c/json_c.a
 done
--- a/fuzz/tokener_parse_ex_fuzzer.cc
+++ b/fuzz/tokener_parse_ex_fuzzer.cc
@@ -0,0 +1,13 @@
 #include <stdint.h>

 #include <json.h>

 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  const char *data1 = reinterpret_cast<const char *>(data);
  json_tokener *tok = json_tokener_new();
  json_object *obj = json_tokener_parse_ex(tok, data1, size);

  json_object_put(obj);
  json_tokener_free(tok);
  return 0;
 }
--- a/fuzz/tokener_parse_ex_fuzzer.dict
+++ b/fuzz/tokener_parse_ex_fuzzer.dict
@@ -0,0 +1,18 @@
 "{"
 "}"
 ","
 "["
 "]"
 ","
 ":"
 "e"
 "e+"
 "e-"
 "E"
 "E+"
 "E-"
 "\""
 "null"
 "1"
 "1.234"
 "3e4"