Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend fuzzing set up #2952

Merged
merged 3 commits into from
Nov 28, 2023
Merged

Extend fuzzing set up #2952

merged 3 commits into from
Nov 28, 2023

Conversation

DavidKorczynski
Copy link
Contributor

@DavidKorczynski DavidKorczynski commented Nov 27, 2023
edited
Loading

Adds a parse function in jv_parse.c that enables parsing using custom flags for the parser. This is then used by two fuzzers added as well.

This is to make sure fuzzing hits various code parts currently not fuzzed, e.g. stream_token:
https://storage.googleapis.com/oss-fuzz-coverage/jq/reports/20231125/linux/src/jq/src/jv_parse.c.html#L241

@DavidKorczynski
Extend fuzzing set up
aa65fbf 
Adds a parse function ins `jv_parse.c` that enables parsing using custom
flags for the parser. This is then used by two fuzzers added as well.

This is to make sure fuzzing hits various code parts currently not
fuzzed, e.g. `stream_token`:
https://storage.googleapis.com/oss-fuzz-coverage/jq/reports/20231125/linux/src/jq/src/jv_parse.c.html#L241

Signed-off-by: David Korczynski <david@adalogics.com>
@DavidKorczynski
Copy link
Contributor Author

Am not sure if adding jv_parse_custom_flags is too intrusive: if so, then I could wrap it in a macro that is only present for fuzzing builds?

@emanuele6
Copy link
Member

I think it's ok to add a new function, but maybe make jv_parse_sized a wrapper that calls jv_parse_sized_custom_flags with 0 as flags to avoid duplication.

Thank you for adding more fuzzing!

PS: Could you also add a fuzzer for jv_dump functions (jv => JSON serialisation)?

@DavidKorczynski
test: add jv_dump to extended fuzzer
aa07438 
Signed-off-by: David Korczynski <david@adalogics.com>
@DavidKorczynski
jv_parse: refactor jv_parse_sized
9fc9284 
Signed-off-by: David Korczynski <david@adalogics.com>
@DavidKorczynski
Copy link
Contributor Author

maybe make jv_parse_sized a wrapper that calls jv_parse_sized_custom_flags with 0 as flags to avoid duplication.

Done!

PS: Could you also add a fuzzer for jv_dump functions (jv => JSON serialisation)?

Added!

Once this is landed I'll add the new fuzzers to https://github.com/google/oss-fuzz/blob/master/projects/jq/build.sh

@emanuele6 emanuele6 merged commit 4570c23 into jqlang:master Nov 28, 2023
28 checks passed
@emanuele6
Copy link
Member

Thank you!

@emanuele6 emanuele6 mentioned this pull request Nov 28, 2023
Merged
emanuele6 added a commit to emanuele6/jq-1 that referenced this pull request Nov 28, 2023
@emanuele6
jq_fuzz_parse_extended.c: don't jv_free() twice
f4bb965 
jv_dump() frees its argument.

I missed this problem before merging jqlang#2952, whoops! =)

fixup from eb3b565
emanuele6 added a commit that referenced this pull request Nov 28, 2023
@emanuele6
jq_fuzz_parse_extended.c: don't jv_free() twice
460a5c1 
jv_dump() frees its argument.

I missed this problem before merging #2952, whoops! =)

fixup from eb3b565
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
libjq test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DavidKorczynski @emanuele6