[postgis-tickets] r15484 - Commit Fuzzers for liblwgeom wkb OSS FUZZ testing
Regina Obe
lr at pcorp.us
Mon Jul 10 13:06:12 PDT 2017
Author: robe
Date: 2017-07-10 13:06:12 -0700 (Mon, 10 Jul 2017)
New Revision: 15484
Added:
trunk/fuzzers/
trunk/fuzzers/Makefile
trunk/fuzzers/README.TXT
trunk/fuzzers/build_google_oss_fuzzers.sh
trunk/fuzzers/build_seed_corpus.sh
trunk/fuzzers/fuzzingengine.c
trunk/fuzzers/wkb_import_fuzzer.cpp
trunk/fuzzers/wkb_import_fuzzer.options
trunk/fuzzers/wkt_import_fuzzer.cpp
trunk/fuzzers/wkt_import_fuzzer.dict
trunk/fuzzers/wkt_import_fuzzer.options
Log:
Commit Fuzzers for liblwgeom wkb OSS FUZZ testing
Fuzzers contributed by Even Rouault
References #3783 for PostGIS 2.4 (trunk)
Added: trunk/fuzzers/Makefile
===================================================================
--- trunk/fuzzers/Makefile (rev 0)
+++ trunk/fuzzers/Makefile 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,10 @@
+clean:
+ $(RM) -f *.o *.a
+
+fuzzingengine.o: fuzzingengine.c
+ $(CC) $(CFLAGS) -c -o $@ $<
+
+dummyfuzzers: fuzzingengine.o
+ $(AR) r libFuzzingEngine.a fuzzingengine.o
+ CXX="${CXX}" CXXFLAGS="-L. ${CXXFLAGS}" SRC=/tmp OUT=/tmp ./build_google_oss_fuzzers.sh
+ OUT=/tmp ./build_seed_corpus.sh
Added: trunk/fuzzers/README.TXT
===================================================================
--- trunk/fuzzers/README.TXT (rev 0)
+++ trunk/fuzzers/README.TXT 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,38 @@
+This directory contain fuzzer main functions and scripts for the
+Google OSS Fuzz project: https://github.com/google/oss-fuzz/
+
+The main build scripts are in:
+https://github.com/google/oss-fuzz/tree/master/projects/postgis
+and call scripts in this directory.
+
+The list of issues is in:
+https://bugs.chromium.org/p/oss-fuzz/issues/list?q=postgis
+
+- Simulate the build of (dummy) fuzzers like OSS Fuzz does:
+ $ make dummyfuzzers
+ They are created in /tmp/*_fuzzer as well as with the
+ /tmp/*_fuzzer_seed_corpus.zip files
+
+ Run one:
+ $ /tmp/wkt_import_fuzzer a_file_name
+
+- Run locally OSS Fuzz:
+ $ git clone https://github.com/google/oss-fuzz.git
+ $ cd oss-fuzz
+ $ python infra/helper.py build_image postgis
+
+ Build fuzzers with the address sanitizer (could use undefined, etc...)
+ $ python infra/helper.py build_fuzzers --sanitizer address postgis
+
+ Test a particular fuzzer (replace wkt_import_fuzzer by other fuzzers
+ like the ones generated in /tmp by "make dummyfuzzers")
+ $ python infra/helper.py run_fuzzer postgis wkt_import_fuzzer
+
+
+How to deal with issues reported in https://bugs.chromium.org/p/oss-fuzz/issues/list?q=postgis ?
+
+ 1. Leave a comment in (chromium database) bug entry to indicate that you work on it
+ 2. Work
+ 3. Commit a bug fix with log including "Credit to OSS-Fuzz" and a link to the bugs.chromium.org ticket
+ 4. Add in the bugs.chromium.org ticket a link to the Trac changeset implementing the fix.
+ 5. Check chromium closed the bug (after one or two days typically)
Added: trunk/fuzzers/build_google_oss_fuzzers.sh
===================================================================
--- trunk/fuzzers/build_google_oss_fuzzers.sh (rev 0)
+++ trunk/fuzzers/build_google_oss_fuzzers.sh 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+set -e
+
+if [ "$SRC" == "" ]; then
+ echo "SRC env var not defined"
+ exit 1
+fi
+
+if [ "$OUT" == "" ]; then
+ echo "OUT env var not defined"
+ exit 1
+fi
+
+if [ "$CXX" == "" ]; then
+ echo "CXX env var not defined"
+ exit 1
+fi
+
+SRC_DIR=$(dirname $0)/..
+
+build_fuzzer()
+{
+ fuzzerName=$1
+ sourceFilename=$2
+ shift
+ shift
+ echo "Building fuzzer $fuzzerName"
+ $CXX $CXXFLAGS -std=c++11 -I$SRC_DIR/liblwgeom \
+ $sourceFilename $* -o $OUT/$fuzzerName \
+ -lFuzzingEngine -lstdc++ $SRC_DIR/liblwgeom/.libs/liblwgeom.a
+}
+
+fuzzerFiles=$(dirname $0)/*.cpp
+for F in $fuzzerFiles; do
+ fuzzerName=$(basename $F .cpp)
+ build_fuzzer $fuzzerName $F
+done
+
+cp $(dirname $0)/*.dict $(dirname $0)/*.options $OUT/
\ No newline at end of file
Added: trunk/fuzzers/build_seed_corpus.sh
===================================================================
--- trunk/fuzzers/build_seed_corpus.sh (rev 0)
+++ trunk/fuzzers/build_seed_corpus.sh 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -e
+
+if [ "$OUT" == "" ]; then
+ echo "OUT env var not defined"
+ exit 1
+fi
+
+# Nothing for now
Added: trunk/fuzzers/fuzzingengine.c
===================================================================
--- trunk/fuzzers/fuzzingengine.c (rev 0)
+++ trunk/fuzzers/fuzzingengine.c 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,69 @@
+/******************************************************************************
+ *
+ * Project: GDAL
+ * Purpose: Fuzzer
+ * Author: Even Rouault, even.rouault at spatialys.com
+ *
+ ******************************************************************************
+ * Copyright (c) 2017, Even Rouault <even.rouault at spatialys.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ ****************************************************************************/
+
+#include <stdlib.h>
+#include <stdio.h>
+
+int LLVMFuzzerTestOneInput(void *buf, size_t len);
+int LLVMFuzzerInitialize(int* argc, char*** argv);
+
+int main(int argc, char* argv[])
+{
+ LLVMFuzzerInitialize(&argc, &argv);
+ if( argc < 2 )
+ {
+ return LLVMFuzzerTestOneInput(" ", 1);
+ }
+ else
+ {
+ int nRet = 0;
+ void* buf = NULL;
+ int nLen = 0;
+ FILE* f = fopen(argv[1], "rb");
+ if( !f )
+ {
+ fprintf(stderr, "%s does not exist.\n", argv[1]);
+ exit(1);
+ }
+ fseek(f, 0, SEEK_END);
+ nLen = (int)ftell(f);
+ fseek(f, 0, SEEK_SET);
+ buf = malloc(nLen);
+ if( !buf )
+ {
+ fprintf(stderr, "malloc failed.\n");
+ fclose(f);
+ exit(1);
+ }
+ fread(buf, nLen, 1, f);
+ fclose(f);
+ nRet = LLVMFuzzerTestOneInput(buf, nLen);
+ free(buf);
+ return nRet;
+ }
+}
Added: trunk/fuzzers/wkb_import_fuzzer.cpp
===================================================================
--- trunk/fuzzers/wkb_import_fuzzer.cpp (rev 0)
+++ trunk/fuzzers/wkb_import_fuzzer.cpp 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,199 @@
+/******************************************************************************
+ *
+ * Project: PostGIS
+ * Purpose: Fuzzer
+ * Author: Even Rouault, even.rouault at spatialys.com
+ *
+ ******************************************************************************
+ * Copyright (c) 2017, Even Rouault <even.rouault at spatialys.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ ****************************************************************************/
+
+#include <assert.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+
+#include <set>
+
+extern "C"
+{
+#include "liblwgeom.h"
+
+void GEOSCoordSeq_destroy() { assert(0); }
+void GEOSClipByRect() { assert(0); }
+void GEOSUnion() { assert(0); }
+void GEOSCoordSeq_getDimensions() { assert(0); }
+void GEOSPreparedCovers() { assert(0); }
+void GEOSPreparedContains() { assert(0); }
+void GEOSSymDifference() { assert(0); }
+void GEOSUnionCascaded() { assert(0); }
+void GEOSGetExteriorRing() { assert(0); }
+void GEOSCoordSeq_setX() { assert(0); }
+void GEOSGeom_createLineString() { assert(0); }
+void GEOSCoordSeq_getY() { assert(0); }
+void GEOSEquals() { assert(0); }
+void GEOSRelatePatternMatch() { assert(0); }
+void GEOSGeom_createCollection() { assert(0); }
+void GEOSGeom_extractUniquePoints() { assert(0); }
+void GEOSNormalize() { assert(0); }
+void GEOSVoronoiDiagram() { assert(0); }
+void GEOSArea() { assert(0); }
+void GEOSLineMerge() { assert(0); }
+void GEOSGeom_createPolygon() { assert(0); }
+void GEOSGetCentroid() { assert(0); }
+void GEOSCoordSeq_create() { assert(0); }
+void GEOSFree() { assert(0); }
+void initGEOS() { assert(0); }
+void GEOSIntersection() { assert(0); }
+void GEOSEnvelope() { assert(0); }
+void GEOSGetGeometryN() { assert(0); }
+void GEOSSTRtree_insert() { assert(0); }
+void GEOSGeomTypeId() { assert(0); }
+void GEOSBoundary() { assert(0); }
+void GEOSversion() { assert(0); }
+void GEOSGetInteriorRingN() { assert(0); }
+void GEOSCoordSeq_setY() { assert(0); }
+void GEOSGetSRID() { assert(0); }
+void GEOSGeom_destroy() { assert(0); }
+void GEOSGeom_createEmptyPolygon() { assert(0); }
+void GEOSPolygonize() { assert(0); }
+void GEOSCoordSeq_getX() { assert(0); }
+void GEOSSharedPaths() { assert(0); }
+void GEOSSTRtree_create() { assert(0); }
+void GEOSGeom_clone() { assert(0); }
+void GEOSRelateBoundaryNodeRule() { assert(0); }
+void GEOSSnap() { assert(0); }
+void GEOSRelatePattern() { assert(0); }
+void GEOSSetSRID() { assert(0); }
+void GEOSisValid() { assert(0); }
+void GEOSContains() { assert(0); }
+void GEOSPreparedGeom_destroy() { assert(0); }
+void GEOSCoordSeq_setZ() { assert(0); }
+void GEOSOffsetCurve() { assert(0); }
+void GEOSUnaryUnion() { assert(0); }
+void GEOSPrepare() { assert(0); }
+void GEOSCoordSeq_getSize() { assert(0); }
+void GEOSGetNumInteriorRings() { assert(0); }
+void GEOSGetNumGeometries() { assert(0); }
+void GEOSisSimple() { assert(0); }
+void GEOSDifference() { assert(0); }
+void GEOSPreparedIntersects() { assert(0); }
+void GEOSisEmpty() { assert(0); }
+void GEOSPointOnSurface() { assert(0); }
+void GEOSSTRtree_query() { assert(0); }
+void GEOSGeom_createPoint() { assert(0); }
+void GEOSSTRtree_destroy() { assert(0); }
+void GEOSIntersects() { assert(0); }
+void GEOSHasZ() { assert(0); }
+void GEOSGeom_getCoordSeq() { assert(0); }
+void GEOSCoordSeq_getZ() { assert(0); }
+void GEOSGeom_createLinearRing() { assert(0); }
+void GEOSGeomType() { assert(0); }
+void GEOSDelaunayTriangulation() { assert(0); }
+
+void geod_init() { assert(0); }
+void geod_inverse() { assert(0); }
+void geod_direct() { assert(0); }
+void geod_polygon_init() { assert(0); }
+void geod_polygon_addpoint() { assert(0); }
+void geod_polygon_compute() { assert(0); }
+
+}
+
+extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv);
+
+// Keep active heap allocated memory corresponding to returns of allocator()
+// and reallocator()
+std::set<void*> oSetPointers;
+jmp_buf jmpBuf;
+
+extern "C"
+{
+ static void *
+ allocator(size_t size)
+ {
+ void *mem = malloc(size);
+ oSetPointers.insert(mem);
+ return mem;
+ }
+
+ static void
+ freeor(void *mem)
+ {
+ oSetPointers.erase(mem);
+ free(mem);
+ }
+
+ static void *
+ reallocator(void *mem, size_t size)
+ {
+ oSetPointers.erase(mem);
+ void *ret = realloc(mem, size);
+ oSetPointers.insert(ret);
+ return ret;
+ }
+
+ static void
+ noticereporter(const char *, va_list )
+ {
+ }
+
+ static void
+ errorreporter(const char *, va_list )
+ {
+ // Cleanup any heap-allocated memory still active
+ for(std::set<void*>::iterator oIter = oSetPointers.begin();
+ oIter != oSetPointers.end(); ++oIter )
+ {
+ free(*oIter);
+ }
+ oSetPointers.clear();
+ // Abort everything to jump to setjmp() call
+ longjmp(jmpBuf, 1);
+ }
+
+ static void
+ debuglogger(int, const char *, va_list)
+ {
+ }
+
+}
+
+int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/)
+{
+ lwgeom_set_handlers(allocator, reallocator, freeor, errorreporter, noticereporter);
+ lwgeom_set_debuglogger(debuglogger);
+ return 0;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len);
+
+int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)
+{
+ if( setjmp(jmpBuf) )
+ return 0;
+ LWGEOM* lwgeom = lwgeom_from_wkb(buf, len, LW_PARSER_CHECK_NONE);
+ lwgeom_free(lwgeom);
+ //assert( oSetPointers.empty() );
+ return 0;
+}
Added: trunk/fuzzers/wkb_import_fuzzer.options
===================================================================
--- trunk/fuzzers/wkb_import_fuzzer.options (rev 0)
+++ trunk/fuzzers/wkb_import_fuzzer.options 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 100000
Added: trunk/fuzzers/wkt_import_fuzzer.cpp
===================================================================
--- trunk/fuzzers/wkt_import_fuzzer.cpp (rev 0)
+++ trunk/fuzzers/wkt_import_fuzzer.cpp 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,204 @@
+/******************************************************************************
+ *
+ * Project: PostGIS
+ * Purpose: Fuzzer
+ * Author: Even Rouault, even.rouault at spatialys.com
+ *
+ ******************************************************************************
+ * Copyright (c) 2017, Even Rouault <even.rouault at spatialys.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ ****************************************************************************/
+
+#include <assert.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+
+#include <set>
+
+extern "C"
+{
+#include "liblwgeom.h"
+
+void GEOSCoordSeq_destroy() { assert(0); }
+void GEOSClipByRect() { assert(0); }
+void GEOSUnion() { assert(0); }
+void GEOSCoordSeq_getDimensions() { assert(0); }
+void GEOSPreparedCovers() { assert(0); }
+void GEOSPreparedContains() { assert(0); }
+void GEOSSymDifference() { assert(0); }
+void GEOSUnionCascaded() { assert(0); }
+void GEOSGetExteriorRing() { assert(0); }
+void GEOSCoordSeq_setX() { assert(0); }
+void GEOSGeom_createLineString() { assert(0); }
+void GEOSCoordSeq_getY() { assert(0); }
+void GEOSEquals() { assert(0); }
+void GEOSRelatePatternMatch() { assert(0); }
+void GEOSGeom_createCollection() { assert(0); }
+void GEOSGeom_extractUniquePoints() { assert(0); }
+void GEOSNormalize() { assert(0); }
+void GEOSVoronoiDiagram() { assert(0); }
+void GEOSArea() { assert(0); }
+void GEOSLineMerge() { assert(0); }
+void GEOSGeom_createPolygon() { assert(0); }
+void GEOSGetCentroid() { assert(0); }
+void GEOSCoordSeq_create() { assert(0); }
+void GEOSFree() { assert(0); }
+void initGEOS() { assert(0); }
+void GEOSIntersection() { assert(0); }
+void GEOSEnvelope() { assert(0); }
+void GEOSGetGeometryN() { assert(0); }
+void GEOSSTRtree_insert() { assert(0); }
+void GEOSGeomTypeId() { assert(0); }
+void GEOSBoundary() { assert(0); }
+void GEOSversion() { assert(0); }
+void GEOSGetInteriorRingN() { assert(0); }
+void GEOSCoordSeq_setY() { assert(0); }
+void GEOSGetSRID() { assert(0); }
+void GEOSGeom_destroy() { assert(0); }
+void GEOSGeom_createEmptyPolygon() { assert(0); }
+void GEOSPolygonize() { assert(0); }
+void GEOSCoordSeq_getX() { assert(0); }
+void GEOSSharedPaths() { assert(0); }
+void GEOSSTRtree_create() { assert(0); }
+void GEOSGeom_clone() { assert(0); }
+void GEOSRelateBoundaryNodeRule() { assert(0); }
+void GEOSSnap() { assert(0); }
+void GEOSRelatePattern() { assert(0); }
+void GEOSSetSRID() { assert(0); }
+void GEOSisValid() { assert(0); }
+void GEOSContains() { assert(0); }
+void GEOSPreparedGeom_destroy() { assert(0); }
+void GEOSCoordSeq_setZ() { assert(0); }
+void GEOSOffsetCurve() { assert(0); }
+void GEOSUnaryUnion() { assert(0); }
+void GEOSPrepare() { assert(0); }
+void GEOSCoordSeq_getSize() { assert(0); }
+void GEOSGetNumInteriorRings() { assert(0); }
+void GEOSGetNumGeometries() { assert(0); }
+void GEOSisSimple() { assert(0); }
+void GEOSDifference() { assert(0); }
+void GEOSPreparedIntersects() { assert(0); }
+void GEOSisEmpty() { assert(0); }
+void GEOSPointOnSurface() { assert(0); }
+void GEOSSTRtree_query() { assert(0); }
+void GEOSGeom_createPoint() { assert(0); }
+void GEOSSTRtree_destroy() { assert(0); }
+void GEOSIntersects() { assert(0); }
+void GEOSHasZ() { assert(0); }
+void GEOSGeom_getCoordSeq() { assert(0); }
+void GEOSCoordSeq_getZ() { assert(0); }
+void GEOSGeom_createLinearRing() { assert(0); }
+void GEOSGeomType() { assert(0); }
+void GEOSDelaunayTriangulation() { assert(0); }
+
+void geod_init() { assert(0); }
+void geod_inverse() { assert(0); }
+void geod_direct() { assert(0); }
+void geod_polygon_init() { assert(0); }
+void geod_polygon_addpoint() { assert(0); }
+void geod_polygon_compute() { assert(0); }
+
+}
+
+extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv);
+
+// Keep active heap allocated memory corresponding to returns of allocator()
+// and reallocator()
+std::set<void*> oSetPointers;
+jmp_buf jmpBuf;
+
+extern "C"
+{
+ static void *
+ allocator(size_t size)
+ {
+ void *mem = malloc(size);
+ oSetPointers.insert(mem);
+ return mem;
+ }
+
+ static void
+ freeor(void *mem)
+ {
+ oSetPointers.erase(mem);
+ free(mem);
+ }
+
+ static void *
+ reallocator(void *mem, size_t size)
+ {
+ oSetPointers.erase(mem);
+ void *ret = realloc(mem, size);
+ oSetPointers.insert(ret);
+ return ret;
+ }
+
+ static void
+ noticereporter(const char *, va_list )
+ {
+ }
+
+ static void
+ errorreporter(const char *, va_list )
+ {
+ // Cleanup any heap-allocated memory still active
+ for(std::set<void*>::iterator oIter = oSetPointers.begin();
+ oIter != oSetPointers.end(); ++oIter )
+ {
+ free(*oIter);
+ }
+ oSetPointers.clear();
+ // Abort everything to jump to setjmp() call
+ longjmp(jmpBuf, 1);
+ }
+
+ static void
+ debuglogger(int, const char *, va_list)
+ {
+ }
+
+}
+
+int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/)
+{
+ lwgeom_set_handlers(allocator, reallocator, freeor, errorreporter, noticereporter);
+ lwgeom_set_debuglogger(debuglogger);
+ return 0;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len);
+
+int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)
+{
+ char* pszWKT = static_cast<char*>(malloc( len + 1 ));
+ memcpy(pszWKT, buf, len);
+ pszWKT[len] = '\0';
+ if( !setjmp(jmpBuf) )
+ {
+ LWGEOM* lwgeom = lwgeom_from_wkt(pszWKT, LW_PARSER_CHECK_NONE);
+ lwgeom_free(lwgeom);
+ //assert( oSetPointers.empty() );
+ }
+ free(pszWKT);
+ return 0;
+}
Added: trunk/fuzzers/wkt_import_fuzzer.dict
===================================================================
--- trunk/fuzzers/wkt_import_fuzzer.dict (rev 0)
+++ trunk/fuzzers/wkt_import_fuzzer.dict 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,25 @@
+(
+)
+,
+0 0
+0 0 0
+0 0 0 0
+POINT
+LINESTRING
+POLYGON
+MULTIPOINT
+MULTILINESTRING
+MULTIPOLYGON
+GEOMETRYCOLLECTION
+CURVEPOLYGON
+CIRCULARSTRING
+COMPOUNDCURVE
+MULTICURVE
+MULTISURFACE
+TIN
+TRIANGLE
+POLYHEDRALSURFACE
+EMPTY
+space=" "
+Z
+M
Added: trunk/fuzzers/wkt_import_fuzzer.options
===================================================================
--- trunk/fuzzers/wkt_import_fuzzer.options (rev 0)
+++ trunk/fuzzers/wkt_import_fuzzer.options 2017-07-10 20:06:12 UTC (rev 15484)
@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 100000
More information about the postgis-tickets
mailing list