
Commit 3670701

authored
Merge pull request #21 from StephanKa/feature/add-fuzzing-example
Added fuzzing
2 parents e232644 + 9fec3bf commit 3670701

4 files changed

Lines changed: 161 additions & 17 deletions


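--- a/.github/workflows/build_cmake.yml
+++ b/.github/workflows/build_cmake.yml
@@ -187,3 +187,51 @@ jobs:
 - name: Build
 shell: bash
 run: cmake --build --preset build-gcc-arm-${{ matrix.buildtype }}
+
+linux-fuzzing:
+name: ${{ matrix.os }}, ${{ matrix.compiler.name }}, libFuzzer, ${{ matrix.buildtype }}
+runs-on: ${{ matrix.os }}
+strategy:
+fail-fast: false # 'false' means Don't stop matrix workflows even if some matrix entry fails.
+matrix:
+os: [ubuntu-22.04]
+buildtype: [debug]
+compiler: [ {name: 'Clang 12', preset: clang-12, pkgs: 'clang-12 llvm-12'},
+{name: 'Clang 13', preset: clang-13, pkgs: 'clang-13 llvm-13'},
+{name: 'Clang 14', preset: clang-14, pkgs: 'clang-14 llvm-14'},
+{name: 'Clang 15', preset: clang-15, pkgs: 'clang-15 llvm-15'}
+]
+
+steps:
+- uses: actions/checkout@v3
+
+- name: Cache
+uses: actions/cache@v3
+env:
+cache-name: cache-conan-modules
+with:
+path: |
+${{ env.CONAN_USER_HOME }}
+~/.cache/pip
+key: ${{ runner.os }}-${{ env.BUILD_TYPE }}-${{ hashFiles('CMakeLists.txt') }}-${{ hashFiles('cmake/Conan.cmake') }}
+
+- name: Install conan
+shell: bash
+run: |
+python3 -m pip install --upgrade pip setuptools conan==1.59
+source ~/.profile
+
+- name: Install dependencies
+run: |
+sudo bash -c "$(wget -O - https://apt.llvm.org/llvm.sh)"
+sudo apt update
+sudo apt install ninja-build ${{ matrix.compiler.pkgs }}
+shell: bash
+
+- name: Configure via CMake
+shell: bash
+run: cmake --preset unixlike-${{ matrix.compiler.preset }}-${{ matrix.buildtype }}
+
+- name: Build
+shell: bash
+run: cmake --build --preset build-unixlike-${{ matrix.compiler.preset }}-${{ matrix.buildtype }}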
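Review bot: The new linux-fuzzing job never uses the fuzzing presets: its Configure and Build steps expand to `unixlike-clang-12-debug` / `build-unixlike-clang-12-debug` (and likewise for 13–15) rather than the `clang-12-fuzzing` / `build-clang-12-fuzzing` presets added in CMakePresets.json in this same commit, and no step runs ctest, so the libFuzzer target is never built with `ENABLE_FUZZING` nor executed in CI despite the job name. Suggested lines: `run: cmake --preset ${{ matrix.compiler.preset }}-fuzzing`, `run: cmake --build --preset build-${{ matrix.compiler.preset }}-fuzzing`, plus a test step `run: ctest --preset test-${{ matrix.compiler.preset }}-fuzzing`. Separately, the Install dependencies step runs `sudo bash -c "$(wget -O - https://apt.llvm.org/llvm.sh)"`, which executes an unpinned remote script as root on every run; since the matrix already installs `clang-NN llvm-NN` from apt, consider dropping it, or pin a specific script version and verify its checksum before execution. The `buildtype: [debug]` axis is redundant here because the fuzzing presets hard-code `CMAKE_BUILD_TYPE` to Debug.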

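--- a/CMakePresets.json
+++ b/CMakePresets.json
@@ -53,6 +53,22 @@
 }
 }
 },
+{
+"name": "common-fuzzing-conf",
+"hidden": true,
+"description": "Clang 15 fuzzer test",
+"binaryDir": "${sourceDir}/out/build/${presetName}",
+"installDir": "${sourceDir}/out/install/${presetName}",
+"cacheVariables": {
+"CMAKE_BUILD_TYPE": "Debug",
+"ENABLE_COVERAGE": "ON",
+"ENABLE_SANITIZER_ADDRESS": "ON",
+"ENABLE_SANITIZER_LEAK": "ON",
+"ENABLE_SANITIZER_UNDEFINED_BEHAVIOR": "ON",
+"ENABLE_SANITIZER_MEMORY": "OFF",
+"ENABLE_FUZZING": "ON"
+}
+},
 {
 "name": "windows-2019-msvc-debug",
 "generator": "Visual Studio 16 2019",
@@ -350,6 +366,42 @@
 "CMAKE_TRY_COMPILE_TARGET_TYPE": "STATIC_LIBRARY",
 "CMAKE_CROSSCOMPILING": "TRUE"
 }
+},
+{
+"name": "clang-12-fuzzing",
+"description": "Clang 12 fuzzer test",
+"inherits": "common-fuzzing-conf",
+"cacheVariables": {
+"CMAKE_C_COMPILER": "clang-12",
+"CMAKE_CXX_COMPILER": "clang++-12"
+}
+},
+{
+"name": "clang-13-fuzzing",
+"description": "Clang 13 fuzzer test",
+"inherits": "common-fuzzing-conf",
+"cacheVariables": {
+"CMAKE_C_COMPILER": "clang-13",
+"CMAKE_CXX_COMPILER": "clang++-13"
+}
+},
+{
+"name": "clang-14-fuzzing",
+"description": "Clang 14 fuzzer test",
+"inherits": "common-fuzzing-conf",
+"cacheVariables": {
+"CMAKE_C_COMPILER": "clang-14",
+"CMAKE_CXX_COMPILER": "clang++-14"
+}
+},
+{
+"name": "clang-15-fuzzing",
+"description": "Clang 15 fuzzer test",
+"inherits": "common-fuzzing-conf",
+"cacheVariables": {
+"CMAKE_C_COMPILER": "clang-15",
+"CMAKE_CXX_COMPILER": "clang++-15"
+}
 }
 ],
 "buildPresets": [
@@ -444,6 +496,22 @@
 {
 "name": "build-gcc-arm-release",
 "configurePreset": "gcc-arm-release"
+},
+{
+"name": "build-clang-12-fuzzing",
+"configurePreset": "clang-12-fuzzing"
+},
+{
+"name": "build-clang-13-fuzzing",
+"configurePreset": "clang-13-fuzzing"
+},
+{
+"name": "build-clang-14-fuzzing",
+"configurePreset": "clang-14-fuzzing"
+},
+{
+"name": "build-clang-15-fuzzing",
+"configurePreset": "clang-15-fuzzing"
 }
 ],
 "testPresets": [
@@ -612,6 +680,34 @@
 "inherits": "test-common",
 "configuration": "Release",
 "configurePreset": "win32-gcc-x64-mingw-release"
+},
+{
+"name": "test-clang-12-fuzzing",
+"displayName": "Strict",
+"description": "Enable output and stop on failure",
+"inherits": "test-common",
+"configurePreset": "clang-12-fuzzing"
+},
+{
+"name": "test-clang-13-fuzzing",
+"displayName": "Strict",
+"description": "Enable output and stop on failure",
+"inherits": "test-common",
+"configurePreset": "clang-13-fuzzing"
+},
+{
+"name": "test-clang-14-fuzzing",
+"displayName": "Strict",
+"description": "Enable output and stop on failure",
+"inherits": "test-common",
+"configurePreset": "clang-14-fuzzing"
+},
+{
+"name": "test-clang-15-fuzzing",
+"displayName": "Strict",
+"description": "Enable output and stop on failure",
+"inherits": "test-common",
+"configurePreset": "clang-15-fuzzing"
 }
 ]
 }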
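Review bot: The `description` of the hidden `common-fuzzing-conf` preset in the first hunk reads "Clang 15 fuzzer test" although it is shared by the clang-12 through clang-15 fuzzing presets; suggest `"description": "Common settings for the libFuzzer presets (Debug, ASan/LSan/UBSan, ENABLE_FUZZING)"`. The four test presets in the last hunk all carry `"displayName": "Strict"` and the same description copied from the existing entries, so they are indistinguishable in `ctest --list-presets`; a per-preset name such as `"displayName": "Fuzzing (Clang 12)"` would help. They also omit the `configuration` key that the neighbouring `win32-gcc-x64-mingw-release` entry sets; whether `test-common` needs it for single-config generators cannot be confirmed from this hunk, but stating `"configuration": "Debug"` explicitly would match the Debug build type the configure presets hard-code.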

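--- a/fuzz_test/CMakeLists.txt
+++ b/fuzz_test/CMakeLists.txt
@@ -13,7 +13,7 @@ TARGET_COMPILE_OPTIONS(fuzz_tester PRIVATE -fsanitize=fuzzer,undefined,address)
 
 # Allow short runs during automated testing to see if something new breaks
 SET(FUZZ_RUNTIME
-10
-CACHE STRING "Number of seconds to run fuzz tests during ctest run") # Default of 10 seconds
+10
+CACHE STRING "Number of seconds to run fuzz tests during ctest run") # Default of 10 seconds
 
 ADD_TEST(NAME fuzz_tester_run COMMAND fuzz_tester -max_total_time=${FUZZ_RUNTIME})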

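--- a/fuzz_test/fuzz_tester.cpp
+++ b/fuzz_test/fuzz_tester.cpp
@@ -1,20 +1,20 @@
-#include <fmt/format.h>
-#include <iterator>
-#include <utility>
+#include <cstdint>
+#include <cstddef>
 
-[[nodiscard]] auto sum_values(const uint8_t *Data, size_t Size)
-{
-constexpr auto scale = 1000;
-
-int value = 0;
-for (std::size_t offset = 0; offset < Size; ++offset) { value += static_cast<int>(*std::next(Data, static_cast<long>(offset))) * scale; }
-return value;
+/*
+* example comes from here: https://github.com/google/fuzzing/blob/master/tutorial/libFuzzer/fuzz_me.cc
+* Documentation can be found here: https://llvm.org/docs/LibFuzzer.html
+*/
+bool FuzzMe(const uint8_t *Data, size_t DataSize) {
+return DataSize >= 3 &&
+Data[0] == 'F' &&
+Data[1] == 'U' &&
+Data[2] == 'Z' &&
+// the following is on purpose to demonstrate an error
+Data[3] == 'Z'; // :‑<
 }
 
-// Fuzzer that attempts to invoke undefined behavior for signed integer overflow
-// cppcheck-suppress unusedFunction symbolName=LLVMFuzzerTestOneInput
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
-{
-fmt::print("Value sum: {}, len{}\n", sum_values(Data, Size), Size);
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+FuzzMe(Data, Size);
 return 0;
 }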
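Review bot: `FuzzMe` reads `Data[3]` after only establishing `DataSize >= 3`, so an input of exactly "FUZ" reads one byte past the buffer; the comment marks this as deliberate, but because the target is compiled with `-fsanitize=fuzzer,undefined,address` (fuzz_test/CMakeLists.txt in this commit) libFuzzer will stop with a heap-buffer-overflow report as soon as it reaches that input, and the `fuzz_tester_run` ctest would then fail within its 10-second budget whenever the new test presets are actually run. If the demonstration is intended to stay, say so where the test is registered and accept a red test, otherwise change the guard to `return DataSize >= 4 &&`. The replacement also drops the `// cppcheck-suppress unusedFunction symbolName=LLVMFuzzerTestOneInput` annotation that the removed lines carried, gives `FuzzMe` external linkage although it is only used in this translation unit (`static bool FuzzMe(...)` would be consistent with the rest of the file), and discards its result in `LLVMFuzzerTestOneInput`; the old `sum_values` was `[[nodiscard]]`, so the new helper should be too.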
