tests: fuzz target integration

.travis.sh

@@ -32,6 +32,8 @@ set -e
 
 if [[ ${TRAVIS_OS_NAME} = osx ]]; then
     export PATH="/usr/local/opt/coreutils/libexec/gnubin${PATH:+:}${PATH}"
+elif [[ ${TRAVIS_OS_NAME} = linux ]]; then
+    export PATH="/usr/lib/llvm-9/bin:${PATH}"
 fi
 
 PS4='# '
@@ -54,6 +56,11 @@ elif [[ ${MODE} = cmake-oos ]]; then
     make all test
     make DESTDIR="${PWD}"/ROOT install
     find ROOT -printf "%P\n" | sort
+elif [[ ${MODE} = cppcheck ]]; then
+    cppcheck --quiet --error-exitcode=1 .
+elif [[ ${MODE} = clang-format ]]; then
+    ./apply-clang-format.sh
+    git diff --exit-code
 else
-    ./qa.sh
+    ./qa.sh ${CONFIGURE_ARGS}
 fi

.travis.yml

@@ -6,47 +6,62 @@ os:
   - linux
   - osx
 dist: trusty
-
-# Unbreak clang address sanitizer, needs SYS_PTRACE
-# https://github.com/google/sanitizers/issues/764#issuecomment-276663297
-# https://github.com/travis-ci/travis-ci/issues/9033
-sudo: required
+services:
+  - docker
 
 git:
-  depth: 1
+  depth: 50
 
 env:
   global:
     - CFLAGS='-g -pipe'
+    # This is FUZZIT_API_KEY
+    - secure: "vG1NQmbuRFtWs8t2TzjgwoFjlLu97Z4chzzN7oUndnOm0tf4dQHSpgP9IjlQb6vpC9NSrwuzfPP0q0E1VOcT+X6wTytG4MhdZAJq6rJidOXaKRE359q3TBNt55P/VwY9ZE2DI6DoRw+1HnyLK5jWWWw8RtrmNY39gfE6A6uTYQrpFi3pL9KIa6hIZq1+rQhrb7mKKt69sjqbXlj9mN/DVVyqLq1m1ONIdqsGHv+8LKK0KDiexhqj7Nyazs2ZPZ9PBZKhOYm01Wq3F3ef0JAdPM9pJbxwUU1JhTqGtRs5ErWZrO4AZe5KNm1xH2+VeZl3xDxRN+7IqUwujHFcFT4kWXTb16GJ+UVNtTj6v5zbB3OCmPYMg1dXwzzW+Am0K2FFfS4A9QeMM+9vcHi2LVA/foOD2LS6ohCtCJc1kmIDJqBmSNCYliTGhSBOWJ30gqxWiMzw0UGP2ZttEBqns6PzRsHImPFRAEFelgz8nR6Ubuuj/kas6npO5oVMKkH8Kb7f/Y4PQuerTksrRY6GNYmFqvVeW1X0XmfAlKWzLcJY0g3B+FunTss06CxcWMiyZBNS/3IJLIJ1u60jxINWvqCu/xGPD9a+qkeKZNCw8rsBvNv6gX2wpmu23qQxCm6T/LN1tYTDhe6oV5QQzQAQAl1UcH7CCePar/TdcvKXqfXVeUI="
   matrix:
     - MODE=cmake-oos
+    - MODE=cppcheck
     - MODE=distcheck
     - MODE=qa-sh QA_COMPILER=clang CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=address
 
 matrix:
   include:
+    - os: linux
+      env: MODE=clang-format
     - os: linux
       env: MODE=cmake-oos CMAKE_ARGS=-DXML_ATTR_INFO=ON
     - os: linux
-      env: MODE=qa-sh QA_COMPILER=clang CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=address CONFIGURE_ARGS=--enable-xml-attr-info
+      env: MODE=qa-sh QA_COMPILER=clang CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=address CONFIGURE_ARGS="--enable-xml-attr-info --enable-fuzztargets"
     - os: linux
-      env: MODE=qa-sh QA_COMPILER=clang CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=memory
+      env: MODE=qa-sh QA_COMPILER=clang CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=memory CONFIGURE_ARGS=--enable-fuzztargets
     - os: linux
       env: MODE=qa-sh QA_COMPILER=clang CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=undefined
     - os: linux
-      env: MODE=qa-sh QA_COMPILER=gcc   CC=gcc   CXX=g++     LD=ld      QA_PROCESSOR=gcov
+      env: MODE=qa-sh QA_COMPILER=gcc CC=gcc CXX=g++ LD=ld QA_PROCESSOR=gcov
+    - os: linux
+      env: MODE=qa-sh QA_COMPILER=gcc CC=i686-w64-mingw32-gcc CXX=i686-w64-mingw32-g++ LD=i686-w64-mingw32-ld QA_PROCESSOR=gcov CONFIGURE_ARGS="--host=i686-w64-mingw32 --enable-xml-attr-info"
+    - os: linux
+      env: MODE=qa-sh QA_COMPILER=gcc CC=i686-w64-mingw32-gcc CXX=i686-w64-mingw32-g++ LD=i686-w64-mingw32-ld QA_PROCESSOR=gcov CONFIGURE_ARGS="--host=i686-w64-mingw32 --enable-xml-attr-info CPPFLAGS=-DXML_UNICODE_WCHAR_T"
 
 addons:
   homebrew:
     update: true
     brewfile: true
   apt:
+    sources:
+      - llvm-toolchain-trusty
+      - ubuntu-toolchain-r-test
     packages:
+      - clang-9
+      - clang-format-9
       - cmake
+      - cppcheck
       - docbook2x
       - dos2unix
       - lzip
+      - mingw-w64
+      - moreutils
       - rpm
+      - wine
 
 script:
   - ./.travis.sh

Brewfile

@@ -11,3 +11,4 @@ brew "libtool"
 brew "lzip"
 brew "m4"
 brew "rpm"
+brew "cppcheck"

appveyor.yml

@@ -37,7 +37,7 @@ init:
 version: libexpat-{build}
 
 # set clone depth, clone entire repository history if not defined
-clone_depth: 1
+clone_depth: 50
 
 # clone directory
 clone_folder: c:\projects\libexpat

expat/.clang-format

@@ -0,0 +1,127 @@
+---
+Language:        Cpp
+# BasedOnStyle:  LLVM
+AccessModifierOffset: -2
+AlignAfterOpenBracket: Align
+# AlignConsecutiveMacros: false  # TODO restore
+AlignConsecutiveAssignments: false
+AlignConsecutiveDeclarations: false
+AlignEscapedNewlines: Right
+AlignOperands:   true
+AlignTrailingComments: true
+AllowAllArgumentsOnNextLine: true
+AllowAllConstructorInitializersOnNextLine: true
+AllowAllParametersOfDeclarationOnNextLine: true
+AllowShortBlocksOnASingleLine: false
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: InlineOnly
+AllowShortLambdasOnASingleLine: All
+AllowShortIfStatementsOnASingleLine: Never
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterDefinitionReturnType: None
+AlwaysBreakAfterReturnType: AllDefinitions
+AlwaysBreakBeforeMultilineStrings: false
+AlwaysBreakTemplateDeclarations: MultiLine
+BinPackArguments: true
+BinPackParameters: true
+BraceWrapping:
+  AfterCaseLabel:  false
+  AfterClass:      false
+  AfterControlStatement: false
+  AfterEnum:       false
+  AfterFunction:   false
+  AfterNamespace:  false
+  AfterObjCDeclaration: false
+  AfterStruct:     false
+  AfterUnion:      false
+  AfterExternBlock: false
+  BeforeCatch:     false
+  BeforeElse:      false
+  IndentBraces:    false
+  SplitEmptyFunction: true
+  SplitEmptyRecord: true
+  SplitEmptyNamespace: true
+BreakBeforeBinaryOperators: All
+BreakBeforeBraces: Attach
+BreakBeforeInheritanceComma: false
+BreakInheritanceList: BeforeColon
+BreakBeforeTernaryOperators: true
+BreakConstructorInitializersBeforeComma: false
+BreakConstructorInitializers: BeforeColon
+BreakAfterJavaFieldAnnotations: false
+BreakStringLiterals: false
+ColumnLimit:     80
+CommentPragmas:  '^ IWYU pragma:'
+CompactNamespaces: false
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+ConstructorInitializerIndentWidth: 4
+ContinuationIndentWidth: 4
+Cpp11BracedListStyle: true
+DerivePointerAlignment: false
+DisableFormat:   false
+ExperimentalAutoDetectBinPacking: false
+FixNamespaceComments: true
+ForEachMacros:
+  - foreach
+  - Q_FOREACH
+  - BOOST_FOREACH
+IncludeBlocks:   Preserve
+IncludeCategories:
+  - Regex:           '^"(llvm|llvm-c|clang|clang-c)/'
+    Priority:        2
+  - Regex:           '^(<|"(gtest|gmock|isl|json)/)'
+    Priority:        3
+  - Regex:           '.*'
+    Priority:        1
+IncludeIsMainRegex: '(Test)?$'
+IndentCaseLabels: false
+IndentPPDirectives: AfterHash
+IndentWidth:     2
+IndentWrappedFunctionNames: false
+JavaScriptQuotes: Leave
+JavaScriptWrapImports: true
+KeepEmptyLinesAtTheStartOfBlocks: false
+MacroBlockBegin: ''
+MacroBlockEnd:   ''
+MaxEmptyLinesToKeep: 1
+NamespaceIndentation: None
+ObjCBinPackProtocolList: Auto
+ObjCBlockIndentWidth: 2
+ObjCSpaceAfterProperty: false
+ObjCSpaceBeforeProtocolList: true
+PenaltyBreakAssignment: 2
+PenaltyBreakBeforeFirstCallParameter: 19
+PenaltyBreakComment: 300
+PenaltyBreakFirstLessLess: 120
+PenaltyBreakString: 1000
+PenaltyBreakTemplateDeclaration: 10
+PenaltyExcessCharacter: 1000000
+PenaltyReturnTypeOnItsOwnLine: 60
+PointerAlignment: Right
+ReflowComments:  true
+SortIncludes:    false
+SortUsingDeclarations: false
+SpaceAfterCStyleCast: false
+SpaceAfterLogicalNot: true
+SpaceAfterTemplateKeyword: true
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeCpp11BracedList: false
+SpaceBeforeCtorInitializerColon: true
+SpaceBeforeInheritanceColon: true
+SpaceBeforeParens: ControlStatements
+SpaceBeforeRangeBasedForLoopColon: true
+SpaceInEmptyParentheses: false
+SpacesBeforeTrailingComments: 1
+SpacesInAngles:  false
+SpacesInContainerLiterals: false
+SpacesInCStyleCastParentheses: false
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+Standard:        Cpp03
+StatementMacros:
+  - Q_UNUSED
+  - QT_REQUIRE_VERSION
+TabWidth:        8
+UseTab:          Never
+...
+

expat/CMakeLists.txt

@@ -175,7 +175,6 @@ if(WIN32)
 endif(WIN32)
 
 set(expat_SRCS
-    lib/loadlibrary.c
     lib/xmlparse.c
     lib/xmlrole.c
     lib/xmltok.c

expat/Changes

@@ -3,17 +3,35 @@ NOTE: We are looking for help with a few things:
       If you can help, please get in touch.  Thanks!
 
 Release x.x.x xxx xxx xx xxxx
+        Bug fixes:
+            #240  Fix cases where XML_StopParser did not have any effect
+                    when called from inside of an end element handler
+
         Other changes:
+            #286  Windows: Remove COM code from xmlwf; in case it turns
+                    out needed later, there will be a dedicated repository
+                    below https://github.com/libexpat/ for that code
        #244 #264  Autotools: Add argument --enable-xml-attr-info
        #244 #264  CMake: Add argument -DXML_ATTR_INFO=ON
             #265  CMake: Fix linking with MinGW
        #239 #277  CMake: Add argument -DUSE_GETRANDOM=(ON|OFF|AUTO)
        #239 #277  CMake: Add argument -DUSE_SYS_GETRANDOM=(ON|OFF|AUTO)
-       #268 #270  Address compiler warnings
+       #299 #302  Windows: Replace LoadLibrary hack to access
+                    unofficial API function SystemFunction036 (RtlGenRandom)
+                    by using official API function rand_s (needs WinXP+)
+             #14  Drop an OpenVMS support leftover
+  #235 #268 #270  Address compiler warnings
+    #282 #283 ..
+       #284 #285  Address cppcheck warnings
+       #294 #295  Address Clang Static Analyzer warnings
+        #24 #293  Mass-apply clang-format 9 (and ensure conformance during CI)
 
         Special thanks to:
+            David Loffredo
             Khajapasha Mohammed
             Kishore Kunche
+            Marco Maggi
+            Rolf Ade
             xantares
 
 Release 2.2.7 Wed June 19 2019

expat/Makefile.am

@@ -100,6 +100,8 @@ EXTRA_DIST = \
     \
     Changes \
     README.md \
+    \
+    fix-xmltest-log.sh \
     test-driver-wrapper.sh
 
 
@@ -144,7 +146,7 @@ run-xmltest: tests/xmlconf
 if WITH_XMLWF
 	$(MAKE) -C xmlwf
 	tests/xmltest.sh "$(PWD)/run.sh $(PWD)/xmlwf/xmlwf@EXEEXT@" 2>&1 | tee tests/xmltest.log
-	dos2unix tests/xmltest.log
+	./fix-xmltest-log.sh tests/xmltest.log
 	diff -u tests/xmltest.log.expected tests/xmltest.log
 else
 	@echo 'ERROR: xmlwf is needed for "make run-xmltest".' >&2

expat/README.md

@@ -1,5 +1,6 @@
 [![Travis CI Build Status](https://travis-ci.org/libexpat/libexpat.svg?branch=master)](https://travis-ci.org/libexpat/libexpat)
 [![AppVeyor Build Status](https://ci.appveyor.com/api/projects/status/github/libexpat/libexpat?svg=true)](https://ci.appveyor.com/project/libexpat/libexpat)
+[![Fuzzit Status](https://app.fuzzit.dev/badge?org_id=libexpat&branch=master)](https://app.fuzzit.dev/admin/hmh0ESFlEs7rAVlKpvZl/dashboard)
 [![Packaging status](https://repology.org/badge/tiny-repos/expat.svg)](https://repology.org/metapackage/expat/versions)
 
 
@@ -125,3 +126,7 @@ information.
 
 A reference manual is available in the file `doc/reference.html` in this
 distribution.
+
+## Fuzzing
+
+More information about libexpat fuzzing can be found in [./expat/tests/fuzz/README.md](./expat/tests/fuzz/README.md)

expat/apply-clang-format.sh

@@ -0,0 +1,51 @@
+#! /usr/bin/env bash
+#                          __  __            _
+#                       ___\ \/ /_ __   __ _| |_
+#                      / _ \\  /| '_ \ / _` | __|
+#                     |  __//  \| |_) | (_| | |_
+#                      \___/_/\_\ .__/ \__,_|\__|
+#                               |_| XML parser
+#
+# Copyright (c) 2019 Expat development team
+# Licensed under the MIT license:
+#
+# Permission is  hereby granted,  free of charge,  to any  person obtaining
+# a  copy  of  this  software   and  associated  documentation  files  (the
+# "Software"),  to  deal in  the  Software  without restriction,  including
+# without  limitation the  rights  to use,  copy,  modify, merge,  publish,
+# distribute, sublicense, and/or sell copies of the Software, and to permit
+# persons  to whom  the Software  is  furnished to  do so,  subject to  the
+# following conditions:
+#
+# The above copyright  notice and this permission notice  shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE  SOFTWARE  IS  PROVIDED  "AS  IS",  WITHOUT  WARRANTY  OF  ANY  KIND,
+# EXPRESS  OR IMPLIED,  INCLUDING  BUT  NOT LIMITED  TO  THE WARRANTIES  OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+# NO EVENT SHALL THE AUTHORS OR  COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+# DAMAGES OR  OTHER LIABILITY, WHETHER  IN AN  ACTION OF CONTRACT,  TORT OR
+# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+set -e
+set -u
+set -o pipefail
+
+expand --tabs=2 --initial lib/siphash.h | sponge lib/siphash.h
+
+find \
+        -name '*.[ch]' \
+        -o -name '*.cpp' \
+        -o -name '*.cxx' \
+        -o -name '*.h.cmake' \
+    | sort \
+    | xargs clang-format -i -style=file -verbose
+
+dos2unix expat_config.h.cmake
+sed \
+        -e 's, @$,@,' \
+        -e 's,#\( \+\)cmakedefine,\1#cmakedefine,' \
+        -i \
+        expat_config.h.cmake
+unix2dos expat_config.h.cmake

expat/clean_coverage.sh

@@ -1,3 +1,9 @@
+#!/usr/bin/env bash
+#
+# Clean source directory after running the coverage script.
+
 rm -r build__*
 rm -r coverage__*
 rm -r source__*
+
+### end of file