Mayhem

.github/workflows/mayhem.yml

@@ -0,0 +1,58 @@
+name: Mayhem
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    name: '${{ matrix.os }} shared=${{ matrix.shared }} ${{ matrix.build_type }}'
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        shared: [false]
+        build_type: [Release]
+        include:
+          - os: ubuntu-latest
+            triplet: x64-linux
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Start analysis
+        uses: ForAllSecure/mcode-action@v1
+        with:
+          mayhem-token: ${{ secrets.MAYHEM_TOKEN }}
+          args: --image ${{ steps.meta.outputs.tags }}
+          sarif-output: sarif
+
+      - name: Upload SARIF file(s)
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: sarif

CMakeLists.txt

@@ -0,0 +1,11 @@
+cmake_minimum_required(VERSION 3.16)
+project(printf-4.0.0)
+
+add_executable(printf printf.c)
+
+if (NOT CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+    message(FATAL_ERROR "Clang is required for libFuzzer!")
+endif()
+target_compile_options(printf PUBLIC -fsanitize=fuzzer)
+target_link_options(printf PUBLIC -fsanitize=fuzzer)
+

Dockerfile

@@ -0,0 +1,22 @@
+# Build Stage
+FROM --platform=linux/amd64 ubuntu:20.04 as builder
+
+## Install build dependencies.
+RUN apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get install -y cmake clang
+
+## Add source code to the build stage.
+ADD . /printf
+WORKDIR /printf
+
+## TODO: ADD YOUR BUILD INSTRUCTIONS HERE.
+WORKDIR /printf/build 
+RUN CC=clang CXX=clang++ cmake ..
+RUN make
+
+#Package Stage
+FROM --platform=linux/amd64 ubuntu:20.04
+
+## TODO: Change <Path in Builder Stage>
+COPY --from=builder /printf/build/printf /
+

Mayhemfile

@@ -0,0 +1,5 @@
+project: jacob-clemente/printf
+target: printf
+
+cmds:
+  - cmd: /printf

printf.c

@@ -118,6 +118,8 @@
 #endif
 
 
+#include <stdio.h>
+
 // output function type
 typedef void (*out_fct_type)(char character, void* buffer, size_t idx, size_t maxlen);
 
@@ -912,3 +914,12 @@ int fctprintf(void (*out)(char character, void* arg), void* arg, const char* for
   va_end(va);
   return ret;
 }
+
+void _putchar(char character) {
+	putchar(character);
+}
+
+int LLVMFuzzerTestOneInput(char* data, size_t size) {
+	printf_(data);
+	return 0;
+}