Skip to content

/ adblock-rust

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fuzzing #84

Merged
merged 7 commits into from Apr 6, 2020
+1,008 −19
Merged

Fuzzing #84

Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
73cc828
Add fuzzing. Add test for bug found as result.
ArniDagur Mar 25, 2020
8cf7632
fixes bug in UTF parsing within filter uncovered by fuzzing
AndriusA Mar 30, 2020
7dde6bd
allow for escaping unicode characters in css selectors
AndriusA Mar 30, 2020
711db2e
fixes hostname filter length and schema checks
AndriusA Mar 30, 2020
cd4b9a7
cosmetic filter parsing crash
AndriusA Mar 30, 2020
780331f
handle missing right parent on +js(
antonok-edm Mar 30, 2020
8a4e904
fuzzing request parsing
AndriusA Mar 30, 2020
File filter...
Filter file types
Clear filters
Jump to…
Jump to file
Failed to load files.

Always

Just for now

Prev
Loading status checks…

fuzzing request parsing

  • Loading branch information
@AndriusA
AndriusA committed Mar 30, 2020
Verified
This commit was signed with a verified signature.
AndriusA Andrius
GPG key ID: 20D03BCFCE40DF8A Learn about signing commits
commit 8a4e9042e6be7751e620d0a977d2e0471a2c7de7
4 fuzz/Cargo.toml
View file
Open in desktop
@@ -22,3 +22,7 @@ members = ["."]
[[bin]]
name = "parse_filter"
path = "fuzz_targets/parse_filter.rs"

[[bin]]
name = "parse_request"
path = "fuzz_targets/parse_request.rs"
13 fuzz/fuzz_targets/parse_request.rs
View file
Open in desktop
@@ -0,0 +1,13 @@
#![no_main]
use libfuzzer_sys::fuzz_target;
use adblock::request::Request;

fuzz_target!(|data: &[u8]| {
if let Ok(url) = std::str::from_utf8(data) {
Request::from_url(&format!("https://{}", url));
Request::from_urls(url, "https://example.com", "script");
Request::from_urls(url, "", "");
Request::from_urls(url, url, "");
Request::from_urls(url, url, url);
}
});
13 src/request.rs
View file
Open in desktop
@@ -534,4 +534,17 @@ mod tests {
assert_eq!(parsed.is_third_party, Some(false));
}
}

#[test]
fn fuzzing_errors() {
{
let parsed = Request::from_url("https://߶");
assert!(parsed.is_ok());
}
{
let parsed = Request::from_url(
&format!("https://{}", std::str::from_utf8(&[9, 9, 64]).unwrap()));
assert!(parsed.is_err());
}
}
}
2 src/url_parser/mod.rs
View file
Open in desktop
@@ -40,7 +40,7 @@ impl UrlParser for Request {
url: h.url_str().to_owned(),
schema_end: h.scheme_end,
hostname_pos: (h.host_start, h.host_end),
domain: get_host_domain(&url[h.host_start..h.host_end])
domain: get_host_domain(&h.url_str()[h.host_start..h.host_end])
}),
_ => None
}
3 src/url_parser/parser.rs
View file
Open in desktop
@@ -189,6 +189,7 @@ simple_enum_error! {
// SetHostOnCannotBeABaseUrl => "a cannot-be-a-base URL doesn’t have a host to set",
// Overflow => "URLs more than 4 GB are not supported",
FileUrlNotSupported => "file URLs are not supported",
ExpectedMoreChars => "Expected more characters",
}

#[cfg(feature = "heapsize")]
@@ -454,7 +455,7 @@ impl Parser {
let mut has_password = false;
let mut has_username = false;
while userinfo_char_count > 0 {
let (c, utf8_c) = input.next_utf8().unwrap();
let (c, utf8_c) = input.next_utf8().ok_or(ParseError::ExpectedMoreChars)?;
userinfo_char_count -= 1;
if c == ':' && username_end.is_none() {
// Start parsing password
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.