From e2c77bab89f9ac7d55b52697589feaf9afcf6c07 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt
Date: Sat, 15 Jun 2019 11:20:55 -0400
Subject: [PATCH] Populate seed corpus
---
 .gitignore | 1 +
 fuzz/build.mk | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 fuzz/get_sha1 | 9 +++++++++
 3 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 fuzz/get_sha1
diff --git a/.gitignore b/.gitignore
index 720eadcf..5c7f7fed 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,3 +25,4 @@ manual/html.xsl
 manual/print.xsl
 qpdf/build/
 zlib-flate/build/
+fuzz/qpdf_fuzzer_seed_corpus/
diff --git a/fuzz/build.mk b/fuzz/build.mk
index 1ecdac9b..5e95ada6 100644
--- a/fuzz/build.mk
+++ b/fuzz/build.mk
@@ -9,7 +9,7 @@ DEFAULT_FUZZ_RUNNER := standalone_fuzz_target_runner
 OBJ_DEFAULT_FUZZ := fuzz/$(OUTPUT_DIR)/$(DEFAULT_FUZZ_RUNNER).$(OBJ)
 BINS_fuzz = $(foreach B,$(FUZZERS),fuzz/$(OUTPUT_DIR)/$(call binname,$(B)))
-TARGETS_fuzz = $(OBJ_DEFAULT_FUZZ) $(BINS_fuzz)
+TARGETS_fuzz = $(OBJ_DEFAULT_FUZZ) $(BINS_fuzz) fuzz_corpus
 INCLUDES_fuzz = include
@@ -21,8 +21,58 @@ LIB_FUZZING_ENGINE ?= $(OBJ_DEFAULT_FUZZ)
 # by oss-fuzz, it will be there.
 $(BINS_fuzz): $(TARGETS_libqpdf) $(OBJ_DEFAULT_FUZZ)
+# Files from the test suite that are good for seeding the fuzzer.
+# Update $n_test_files in qtest/fuzz.test if you change this list.
+SEED_CORPUS_FILES = \
+ field-types.pdf \
+ image-streams.pdf \
+ need-appearances.pdf \
+ outlines-with-actions.pdf \
+ outlines-with-old-root-dests.pdf \
+ page-labels-and-outlines.pdf \
+ page-labels-num-tree.pdf \
+ issue-99b.pdf \
+ issue-99.pdf \
+ issue-100.pdf \
+ issue-101.pdf \
+ issue-106.pdf \
+ issue-117.pdf \
+ issue-119.pdf \
+ issue-120.pdf \
+ issue-141a.pdf \
+ issue-141b.pdf \
+ issue-143.pdf \
+ issue-146.pdf \
+ issue-147.pdf \
+ issue-148.pdf \
+ issue-149.pdf \
+ issue-150.pdf \
+ issue-202.pdf \
+ issue-263.pdf \
+ issue-335a.pdf \
+ issue-335b.pdf
+
 # -----
+CORPUS_FROM_TEST := $(foreach F,$(SEED_CORPUS_FILES),qpdf/qtest/qpdf/$F)
+CORPUS_DIR := fuzz/qpdf_fuzzer_seed_corpus
+
+.PHONY: fuzz_corpus
+fuzz_corpus:: fuzz/$(OUTPUT_DIR)/fuzz_corpus.stamp
+$(foreach F,$(CORPUS_FROM_TEST),$(eval \
+ SHA1_$(notdir $(F)) := $(shell perl fuzz/get_sha1 < $F)))
+$(foreach F,$(CORPUS_FROM_TEST),$(eval \
+ fuzz_corpus:: $(CORPUS_DIR)/$(SHA1_$(notdir $(F)))))
+$(foreach F,$(CORPUS_FROM_TEST),$(eval \
+ $(CORPUS_DIR)/$(SHA1_$(notdir $(F))): $(F) ; \
+ mkdir -p $(CORPUS_DIR); \
+ cp $(F) $(CORPUS_DIR)/$(SHA1_$(notdir $(F)))))
+
+fuzz/$(OUTPUT_DIR)/fuzz_corpus.stamp: fuzz/original-corpus.tar.gz $(CORPUS_FROM_TEST)
+ mkdir -p $(CORPUS_DIR)
+ (cd $(CORPUS_DIR); tar xzf ../original-corpus.tar.gz)
+ touch $@
+
 $(foreach B,$(FUZZERS),$(eval \
 OBJS_$(B) = $(call src_to_obj,fuzz/$(B).cc)))
diff --git a/fuzz/get_sha1 b/fuzz/get_sha1
new file mode 100644
index 00000000..4bc34fb6
--- /dev/null
+++ b/fuzz/get_sha1
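Review bot: The `$(shell perl fuzz/get_sha1 < $F)` assignments never check for an empty result, so if perl, Digest::SHA or one of the listed test files is missing, `SHA1_<name>` expands to nothing and every generated rule targets `$(CORPUS_DIR)/` itself, with `cp` then writing the seed under its original name instead of its digest. A parse-time guard after the first `foreach` would make that failure loud: `$(foreach F,$(CORPUS_FROM_TEST),$(if $(SHA1_$(notdir $(F))),,$(error no SHA-1 for $(F))))`. In the stamp recipe, `(cd $(CORPUS_DIR); tar xzf ../original-corpus.tar.gz)` still runs tar in the current directory if the cd fails; `cd $(CORPUS_DIR) && tar xzf ../original-corpus.tar.gz` avoids unpacking the archive somewhere unintended. The digests are also computed at parse time on every make invocation, including goals that do not need the corpus, which may be worth a comment.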
@@ -0,0 +1,9 @@
+#!/usr/bin/env perl
+require 5.008;
+use warnings;
+use strict;
+use Digest::SHA;
+
+binmode STDIN;
+my $digest = Digest::SHA->new('sha1')->addfile(*STDIN)->hexdigest;
+print "$digest\n";
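Review bot: The new script has no header comment saying what it is for or why SHA-1 is used. From fuzz/build.mk in this commit, the digest is only the file name under which a seed is copied into the corpus directory, not an integrity or authenticity check, and saying so would stop a later reader from treating it as one. Suggested comment after the shebang: `# Print the hex SHA-1 of stdin; fuzz/build.mk uses it to name seed corpus files (a naming key, not an integrity check).`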