mirror of
https://github.com/nlohmann/json.git
synced 2024-11-27 16:49:02 +08:00
✅ added fuzzer for UBJSON input
This commit is contained in:
parent
b0a68f540f
commit
f0b26c8f38
10
Makefile
10
Makefile
@ -42,6 +42,7 @@ all:
|
|||||||
@echo "fuzz_testing - prepare fuzz testing of the JSON parser"
|
@echo "fuzz_testing - prepare fuzz testing of the JSON parser"
|
||||||
@echo "fuzz_testing_cbor - prepare fuzz testing of the CBOR parser"
|
@echo "fuzz_testing_cbor - prepare fuzz testing of the CBOR parser"
|
||||||
@echo "fuzz_testing_msgpack - prepare fuzz testing of the MessagePack parser"
|
@echo "fuzz_testing_msgpack - prepare fuzz testing of the MessagePack parser"
|
||||||
|
@echo "fuzz_testing_ubjson - prepare fuzz testing of the UBJSON parser"
|
||||||
@echo "json_unit - create single-file test executable"
|
@echo "json_unit - create single-file test executable"
|
||||||
@echo "pedantic_clang - run Clang with maximal warning flags"
|
@echo "pedantic_clang - run Clang with maximal warning flags"
|
||||||
@echo "pedantic_gcc - run GCC with maximal warning flags"
|
@echo "pedantic_gcc - run GCC with maximal warning flags"
|
||||||
@ -69,7 +70,6 @@ clean:
|
|||||||
rm -fr build_coverage
|
rm -fr build_coverage
|
||||||
$(MAKE) clean -Cdoc
|
$(MAKE) clean -Cdoc
|
||||||
$(MAKE) clean -Ctest
|
$(MAKE) clean -Ctest
|
||||||
$(MAKE) clean -Cbenchmarks
|
|
||||||
|
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
@ -214,6 +214,14 @@ fuzz_testing_msgpack:
|
|||||||
find test/data -size -5k -name *.msgpack | xargs -I{} cp "{}" fuzz-testing/testcases
|
find test/data -size -5k -name *.msgpack | xargs -I{} cp "{}" fuzz-testing/testcases
|
||||||
@echo "Execute: afl-fuzz -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer"
|
@echo "Execute: afl-fuzz -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer"
|
||||||
|
|
||||||
|
fuzz_testing_ubjson:
|
||||||
|
rm -fr fuzz-testing
|
||||||
|
mkdir -p fuzz-testing fuzz-testing/testcases fuzz-testing/out
|
||||||
|
$(MAKE) parse_ubjson_fuzzer -C test CXX=afl-clang++
|
||||||
|
mv test/parse_ubjson_fuzzer fuzz-testing/fuzzer
|
||||||
|
find test/data -size -5k -name *.ubjson | xargs -I{} cp "{}" fuzz-testing/testcases
|
||||||
|
@echo "Execute: afl-fuzz -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer"
|
||||||
|
|
||||||
fuzzing-start:
|
fuzzing-start:
|
||||||
afl-fuzz -S fuzzer1 -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer > /dev/null &
|
afl-fuzz -S fuzzer1 -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer > /dev/null &
|
||||||
afl-fuzz -S fuzzer2 -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer > /dev/null &
|
afl-fuzz -S fuzzer2 -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzzer > /dev/null &
|
||||||
|
@ -54,7 +54,7 @@ TESTCASES = $(patsubst src/unit-%.cpp,test-%,$(wildcard src/unit-*.cpp))
|
|||||||
all: $(TESTCASES)
|
all: $(TESTCASES)
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
rm -fr json_unit $(OBJECTS) $(SOURCES:.cpp=.gcno) $(SOURCES:.cpp=.gcda) $(TESTCASES) parse_afl_fuzzer parse_cbor_fuzzer parse_msgpack_fuzzer
|
rm -fr json_unit $(OBJECTS) $(SOURCES:.cpp=.gcno) $(SOURCES:.cpp=.gcda) $(TESTCASES) $(FUZZERS)
|
||||||
|
|
||||||
##############################################################################
|
##############################################################################
|
||||||
# single test file
|
# single test file
|
||||||
@ -88,7 +88,8 @@ check: $(OBJECTS) $(TESTCASES)
|
|||||||
##############################################################################
|
##############################################################################
|
||||||
|
|
||||||
FUZZER_ENGINE = src/fuzzer-driver_afl.cpp
|
FUZZER_ENGINE = src/fuzzer-driver_afl.cpp
|
||||||
fuzzers: parse_afl_fuzzer parse_cbor_fuzzer parse_msgpack_fuzzer
|
FUZZERS = parse_afl_fuzzer parse_cbor_fuzzer parse_msgpack_fuzzer parse_ubjson_fuzzer
|
||||||
|
fuzzers: $(FUZZERS)
|
||||||
|
|
||||||
parse_afl_fuzzer:
|
parse_afl_fuzzer:
|
||||||
$(CXX) $(CXXFLAGS) $(CPPFLAGS) $(FUZZER_ENGINE) src/fuzzer-parse_json.cpp -o $@
|
$(CXX) $(CXXFLAGS) $(CPPFLAGS) $(FUZZER_ENGINE) src/fuzzer-parse_json.cpp -o $@
|
||||||
@ -98,3 +99,6 @@ parse_cbor_fuzzer:
|
|||||||
|
|
||||||
parse_msgpack_fuzzer:
|
parse_msgpack_fuzzer:
|
||||||
$(CXX) $(CXXFLAGS) $(CPPFLAGS) $(FUZZER_ENGINE) src/fuzzer-parse_msgpack.cpp -o $@
|
$(CXX) $(CXXFLAGS) $(CPPFLAGS) $(FUZZER_ENGINE) src/fuzzer-parse_msgpack.cpp -o $@
|
||||||
|
|
||||||
|
parse_ubjson_fuzzer:
|
||||||
|
$(CXX) $(CXXFLAGS) $(CPPFLAGS) $(FUZZER_ENGINE) src/fuzzer-parse_ubjson.cpp -o $@
|
||||||
|
64
test/src/fuzzer-parse_ubjson.cpp
Normal file
64
test/src/fuzzer-parse_ubjson.cpp
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
/*
|
||||||
|
__ _____ _____ _____
|
||||||
|
__| | __| | | | JSON for Modern C++ (fuzz test support)
|
||||||
|
| | |__ | | | | | | version 3.0.1
|
||||||
|
|_____|_____|_____|_|___| https://github.com/nlohmann/json
|
||||||
|
|
||||||
|
This file implements a parser test suitable for fuzz testing. Given a byte
|
||||||
|
array data, it performs the following steps:
|
||||||
|
|
||||||
|
- j1 = from_ubjson(data)
|
||||||
|
- vec = to_ubjson(j1)
|
||||||
|
- j2 = from_ubjson(vec)
|
||||||
|
- assert(j1 == j2)
|
||||||
|
|
||||||
|
The provided function `LLVMFuzzerTestOneInput` can be used in different fuzzer
|
||||||
|
drivers.
|
||||||
|
|
||||||
|
Licensed under the MIT License <http://opensource.org/licenses/MIT>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <iostream>
|
||||||
|
#include <sstream>
|
||||||
|
#include <json.hpp>
|
||||||
|
|
||||||
|
using json = nlohmann::json;
|
||||||
|
|
||||||
|
// see http://llvm.org/docs/LibFuzzer.html
|
||||||
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
// step 1: parse input
|
||||||
|
std::vector<uint8_t> vec1(data, data + size);
|
||||||
|
json j1 = json::from_ubjson(vec1);
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
// step 2: round trip
|
||||||
|
std::vector<uint8_t> vec2 = json::to_ubjson(j1);
|
||||||
|
|
||||||
|
// parse serialization
|
||||||
|
json j2 = json::from_ubjson(vec2);
|
||||||
|
|
||||||
|
// serializations must match
|
||||||
|
assert(json::to_ubjson(j2) == vec2);
|
||||||
|
}
|
||||||
|
catch (const json::parse_error&)
|
||||||
|
{
|
||||||
|
// parsing a UBJSON serialization must not fail
|
||||||
|
assert(false);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (const json::parse_error&)
|
||||||
|
{
|
||||||
|
// parse errors are ok, because input may be random bytes
|
||||||
|
}
|
||||||
|
catch (const json::type_error&)
|
||||||
|
{
|
||||||
|
// type errors can occur during parsing, too
|
||||||
|
}
|
||||||
|
|
||||||
|
// return 0 - non-zero return values are reserved for future use
|
||||||
|
return 0;
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user