1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-08 02:33:12 +02:00

tests: add fuzz testing on core functions (issue #1462)

This commit introduces fuzz testing, for now on core functions, with 4 new
targets that are built on demand with CMake option `ENABLE_FUZZ` (build of
these tests is disabled by default):

- weechat_core_calc_fuzzer
- weechat_core_crypto_fuzzer
- weechat_core_string_fuzzer
- weechat_core_utf8_fuzzer
This commit is contained in:
Sébastien Helleu
2025-05-05 07:07:24 +02:00
parent ceb6a007ff
commit 68d87f2b80
14 changed files with 641 additions and 18 deletions
+15 -2
View File
@@ -19,6 +19,19 @@
# along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
#
if(ENABLE_TESTS)
add_subdirectory(unit)
if(ENABLE_FUZZ)
add_subdirectory(fuzz)
endif()
if(ENABLE_TESTS)
find_package(CppUTest)
if(CPPUTEST_FOUND)
enable_testing()
add_subdirectory(unit)
else()
message(SEND_ERROR "CppUTest not found")
endif()
else()
enable_testing()
add_test(NAME notests COMMAND true)
endif()
+101
View File
@@ -0,0 +1,101 @@
#
# SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# This file is part of WeeChat, the extensible chat client.
#
# WeeChat is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# WeeChat is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
#
if(NOT DEFINED ENV{LIB_FUZZING_ENGINE})
set(ENV{LIB_FUZZING_ENGINE} "-fsanitize=address,fuzzer")
endif()
remove_definitions(-DHAVE_CONFIG_H)
include_directories(
${PROJECT_BINARY_DIR}
${PROJECT_SOURCE_DIR}
${CMAKE_CURRENT_SOURCE_DIR}
)
if(NOT CYGWIN)
add_definitions(-fPIC)
endif()
if(${CMAKE_SYSTEM_NAME} STREQUAL "FreeBSD" AND HAVE_BACKTRACE)
list(APPEND EXTRA_LIBS "execinfo")
endif()
if(${CMAKE_SYSTEM_NAME} STREQUAL "SunOS")
list(APPEND EXTRA_LIBS "socket" "nsl")
endif()
if(${CMAKE_SYSTEM_NAME} STREQUAL "Haiku")
list(APPEND EXTRA_LIBS "network")
endif()
if(NOT ${CMAKE_SYSTEM_NAME} STREQUAL "Haiku")
list(APPEND EXTRA_LIBS "pthread")
endif()
if(ICONV_LIBRARY)
list(APPEND EXTRA_LIBS ${ICONV_LIBRARY})
endif()
if(LIBINTL_LIBRARY)
list(APPEND EXTRA_LIBS ${LIBINTL_LIBRARY})
endif()
list(APPEND EXTRA_LIBS "m")
list(APPEND EXTRA_LIBS ${ZLIB_LIBRARY})
if(ENABLE_ZSTD)
list(APPEND EXTRA_LIBS ${LIBZSTD_LDFLAGS})
endif()
if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
# link with resolv lib on macOS
list(APPEND EXTRA_LIBS "resolv")
endif()
list(APPEND FUZZ_TARGET_LINK
weechat_core
weechat_plugins
weechat_gui_common
weechat_gui_headless
weechat_ncurses_fake
${EXTRA_LIBS}
${ZLIB_LIBRARY}
${LIBZSTD_LDFLAGS}
-rdynamic
)
list(APPEND FUZZ_TARGET_DEPS
weechat_core
weechat_plugins
weechat_gui_common
weechat_gui_headless
weechat_ncurses_fake
)
# fuzz targets
set(FUZZ_CORE_TARGETS calc crypto string utf8)
foreach(fuzz_target ${FUZZ_CORE_TARGETS})
add_executable(weechat_core_${fuzz_target}_fuzzer core/${fuzz_target}-fuzzer.c)
target_link_libraries(weechat_core_${fuzz_target}_fuzzer ${FUZZ_TARGET_LINK})
set_target_properties(weechat_core_${fuzz_target}_fuzzer PROPERTIES LINK_FLAGS "$ENV{LIB_FUZZING_ENGINE}")
add_dependencies(weechat_core_${fuzz_target}_fuzzer ${FUZZ_TARGET_DEPS})
endforeach()
+45
View File
@@ -0,0 +1,45 @@
/*
* SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This file is part of WeeChat, the extensible chat client.
*
* WeeChat is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* WeeChat is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
*/
/* Fuzz testing on WeeChat core calc functions */
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include "src/core/core-calc.h"
int
LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
{
char *str;
str = (char *)malloc (size + 1);
memcpy (str, data, size);
str[size] = '\0';
free (calc_expression (str));
free (str);
return 0;
}
+71
View File
@@ -0,0 +1,71 @@
/*
* SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This file is part of WeeChat, the extensible chat client.
*
* WeeChat is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* WeeChat is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
*/
/* Fuzz testing on WeeChat core crypto functions */
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <assert.h>
#include <gcrypt.h>
#include "src/core/core-crypto.h"
extern char *weecrypto_hash_algo_string[];
extern int weecrypto_hash_algo[];
int
LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
{
char *str, hash[1024], *result;
int i, hash_size, key_size, salt_size;
str = (char *)malloc (size + 1);
memcpy (str, data, size);
str[size] = '\0';
key_size = (size > 8) ? 8 : size;
for (i = 0; weecrypto_hash_algo_string[i]; i++)
{
weecrypto_hash (data, size, weecrypto_hash_algo[i], hash, &hash_size);
weecrypto_hmac (data, key_size, data, size, weecrypto_hash_algo[i], hash, &hash_size);
}
salt_size = (size > 8) ? 8 : size;
weecrypto_hash_pbkdf2 (data, size, GCRY_MD_SHA1, data, salt_size, 100, hash, &hash_size);
weecrypto_hash_pbkdf2 (data, size, GCRY_MD_SHA256, data, salt_size, 100, hash, &hash_size);
weecrypto_hash_pbkdf2 (data, size, GCRY_MD_SHA512, data, salt_size, 100, hash, &hash_size);
result = weecrypto_totp_generate (str, 1746358623, 6);
if (result && result[0])
assert (weecrypto_totp_validate (str, 1746358623, 0, result));
free (result);
result = weecrypto_totp_generate (str, 1746358623, 12);
if (result && result[0])
assert (weecrypto_totp_validate (str, 1746358623, 0, result));
free (result);
free (str);
return 0;
}
+228
View File
@@ -0,0 +1,228 @@
/*
* SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This file is part of WeeChat, the extensible chat client.
*
* WeeChat is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* WeeChat is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
*/
/* Fuzz testing on WeeChat core string functions */
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <assert.h>
#include <regex.h>
#include "src/core/core-config.h"
#include "src/core/core-string.h"
#include "src/plugins/weechat-plugin.h"
regex_t global_regex;
int
LLVMFuzzerInitialize(int *argc, char ***argv)
{
(void) argc;
(void) argv;
config_weechat_init ();
regcomp (&global_regex, "a.*", 0);
return 0;
}
char *
callback_replace (void *data, const char *text)
{
(void) data;
(void) text;
return strdup ("z");
}
int
LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
{
char *str, *str2, **str_dyn, *result, *masks[3] = { "a*", "b*", NULL};
char **argv, *buffer;
const char *name;
int argc, flags, num_tags, priority;
regex_t regex;
int rc;
str = (char *)malloc (size + 1);
memcpy (str, data, size);
str[size] = '\0';
free (string_strndup (str, size / 2));
free (string_cut (str, size / 2, 0, 0, ""));
free (string_cut (str, size / 2, 1, 0, ""));
free (string_cut (str, size / 2, 0, 1, ""));
free (string_cut (str, size / 2, 1, 1, ""));
free (string_reverse (str));
free (string_reverse_screen (str));
free (string_repeat (str, 2));
free (string_tolower (str));
free (string_toupper (str));
free (string_tolower_range (str, 13));
free (string_toupper_range (str, 13));
string_strcmp (str, str);
string_strncmp (str, str, size / 2);
string_strcasecmp (str, str);
string_strcasecmp_range (str, str, 13);
string_strncasecmp (str, str, size / 2);
string_strcmp_ignore_chars (str, str, "abcd", 0);
string_strcmp_ignore_chars (str, str, "abcd", 1);
string_strcasestr (str, str);
string_match (str, "a*", 0);
string_match (str, "a*", 1);
string_match_list (str, (const char **)masks, 0);
string_match_list (str, (const char **)masks, 1);
free (string_expand_home (str));
free (string_eval_path_home (str, NULL, NULL, NULL));
free (string_remove_quotes (str, "'\""));
free (string_strip (str, 0, 0, "abcdef"));
free (string_strip (str, 0, 1, "abcdef"));
free (string_strip (str, 1, 0, "abcdef"));
free (string_strip (str, 1, 1, "abcdef"));
free (string_convert_escaped_chars (str));
string_is_whitespace_char (str);
string_is_word_char_highlight (str);
string_is_word_char_input (str);
free (string_mask_to_regex (str));
string_regex_flags (str, 0, NULL);
string_regex_flags (str, 0, &flags);
rc = string_regcomp (&regex, str, REG_ICASE | REG_NOSUB);
if (rc == 0)
regfree (&regex);
str2 = (char *)malloc (16 + size + 1);
snprintf (str2, 16 + size + 1, "(?ins)%s", str);
rc = string_regcomp (&regex, str2, REG_ICASE | REG_NOSUB);
if (rc == 0)
regfree (&regex);
free (str2);
string_has_highlight (str, "a");
string_has_highlight_regex_compiled (str, &global_regex);
string_has_highlight_regex (str, "a.*");
free (string_replace (str, "a", "b"));
free (string_replace_regex (str, &global_regex, "b", '$', &callback_replace, NULL));
free (string_translate_chars (str, "abc", "def"));
argv = string_split (str, "/", NULL, 0, 0, &argc);
string_free_split (argv);
argv = string_split (str, "/", " ", 0, 0, &argc);
string_free_split (argv);
flags = WEECHAT_STRING_SPLIT_STRIP_LEFT
| WEECHAT_STRING_SPLIT_STRIP_RIGHT
| WEECHAT_STRING_SPLIT_COLLAPSE_SEPS
| WEECHAT_STRING_SPLIT_COLLAPSE_SEPS;
argv = string_split (str, "/", " ", flags, 0, &argc);
result = string_rebuild_split_string ((const char **)argv, "/", -1, -1);
if (argv && result)
assert (strcmp (str, result) == 0);
free (result);
string_free_split (argv);
string_free_split_shared (string_split_shared (str, "/", " ", flags, 0, &argc));
string_free_split_command (string_split_command (str, ';'));
string_free_split_tags (string_split_tags (str, &num_tags));
free (string_iconv (0, "utf-8", "iso-8859-1", str));
free (string_iconv_to_internal ("iso-8859-1", str));
free (string_iconv_from_internal ("iso-8859-1", str));
free (string_format_size (size));
string_parse_size (str);
buffer = malloc ((size * 4) + 8 + 1);
string_base16_encode (str, size, buffer);
string_base16_decode (str, buffer);
string_base32_encode (str, size, buffer);
string_base32_decode (str, buffer);
string_base64_encode (0, str, size, buffer);
string_base64_encode (1, str, size, buffer);
string_base64_decode (0, str, buffer);
string_base64_decode (1, str, buffer);
free (buffer);
free (string_hex_dump (str, size, 16, "<", ">"));
string_is_command_char (str);
string_input_for_buffer (str);
string_get_common_bytes_count (str, str);
string_levenshtein (str, str, 0);
string_levenshtein (str, str, 1);
string_get_priority_and_name (str, &priority, &name, 0);
string_shared_free ((char *)string_shared_get (str));
str_dyn = string_dyn_alloc (1);
string_dyn_copy (str_dyn, str);
string_dyn_concat (str_dyn, str, -1);
string_dyn_free (str_dyn, 1);
string_concat ("/", str, str, NULL);
free (str);
return 0;
}
+103
View File
@@ -0,0 +1,103 @@
/*
* SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This file is part of WeeChat, the extensible chat client.
*
* WeeChat is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* WeeChat is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
*/
/* Fuzz testing on WeeChat core UTF-8 functions */
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include "src/core/core-config.h"
#include "src/core/core-utf8.h"
int
LLVMFuzzerInitialize(int *argc, char ***argv)
{
(void) argc;
(void) argv;
config_weechat_init ();
return 0;
}
int
LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
{
char *str, *str2, utf8_char[5], *error;
size_t i;
str = (char *)malloc (size + 1);
memcpy (str, data, size);
str[size] = '\0';
utf8_has_8bits (str);
utf8_is_valid (str, size, &error);
str2 = strdup (str);
utf8_normalize (str2, '?');
free (str2);
for (i = 0; i < 5; i++)
{
if (size >= i)
{
utf8_prev_char (str, str + i);
utf8_beginning_of_line (str, str + i);
}
}
utf8_next_char (str);
utf8_end_of_line (str);
utf8_char_int (str);
utf8_int_string (utf8_char_int (str), utf8_char);
utf8_char_size (str);
utf8_strlen (str);
utf8_strnlen (str, size / 2);
utf8_char_size_screen (str);
utf8_strlen_screen (str);
if (size > 4)
{
utf8_add_offset (str, 1);
utf8_real_pos (str, 1);
utf8_pos (str, 1);
}
free (utf8_strndup (str, size / 2));
if (size > 4)
utf8_strncpy (utf8_char, str, 1);
free (str);
return 0;
}
+24
View File
@@ -0,0 +1,24 @@
# SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
#
# SPDX-License-Identifier: GPL-3.0-or-later
"0"
"1"
"2"
"3"
"4"
"5"
"6"
"7"
"8"
"9"
"."
"("
")"
"+"
"-"
"*"
"/"
"//"
"%"
"**"