ossfuzz: moving towards the ideal integration

          compiler: gcc

          dist: trusty

          env: T=distcheck

        - os: linux

          compiler: clang

          dist: trusty

          env: T=fuzzer

install:

  - pip install --user cpp-coveralls

             cmake .. && \

             make)

        fi

    - |

        if [ "$T" = "fuzzer" ]; then

          export CC=clang

          export CFLAGS="-fsanitize=address"

          ./configure --disable-shared --enable-debug --enable-maintainer-mode

          make

          cd tests/fuzz

          make clean

          make check

        fi

# whitelist branches to avoid testing feature branches twice (as branch and as pull request)

branches:

endif

fuzzer:

	@(cd tests/fuzz; $(MAKE) all)

examples:

	@(cd docs/examples; $(MAKE) check)

from __future__ import (absolute_import, division, print_function,

                        unicode_literals)

import os

import xml.etree.ElementTree as ET

import re

import logging

log = logging.getLogger(__name__)

REPLY_DATA = re.compile("<reply>\s*<data>(.*?)</data>", re.MULTILINE | re.DOTALL)

class TestData(object):

    def __init__(self, data_folder):

        self.data_folder = data_folder

        filename = os.path.join(self.data_folder,

                                "test{0}".format(test_number))

        # The user should handle the exception from failing to find the file.

        tree = ET.parse(filename)

        log.debug("Parsing file %s", filename)

        with open(filename, "rb") as f:

            contents = f.read().decode("utf-8")

        # We need the <reply><data> text.

        reply = tree.find("reply")

        data = reply.find("data")

        m = REPLY_DATA.search(contents)

        if not m:

            raise Exception("Couldn't find a <reply><data> section")

        # Return the text contents of the data

        return data.text

        # Left-strip the data so we don't get a newline before our data.

        return m.group(1).lstrip()

if __name__ == '__main__':

# FIXME, probably adapt from file in ../unit

# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file

# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "borrowed" files

AM_CPPFLAGS = -I$(top_srcdir)/include        \

AM_CFLAGS = -I$(top_srcdir)/include        \

            -I$(top_builddir)/lib          \

            -I$(top_srcdir)/lib            \

            -I$(top_srcdir)/tests/fuzz

EXTRA_DIST = Makefile.inc CMakeLists.txt

LIBS = -lpthread -lstdc++ -lm

LIBS = -lpthread -lFuzzer -lstdc++ -lm

LDFLAGS = -L/usr/lib/llvm-5.0/lib

# Run e.g. "make all LIB_FUZZING_ENGINE=/path/to/libFuzzer.a"

# to link the fuzzer(s) against a real fuzzing engine.

#

# OSS-Fuzz will define its own value for LIB_FUZZING_ENGINE.

LIB_FUZZING_ENGINE ?= libstandaloneengine.a

LDADD = $(top_builddir)/lib/libcurl.la      \

        @LDFLAGS@ @LIBCURL_LIBS@

        $(LIB_FUZZING_ENGINE) @LDFLAGS@ @LIBCURL_LIBS@

# Makefile.inc provides neat definitions

include Makefile.inc

	@PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c

noinst_PROGRAMS = $(FUZZPROGS)

noinst_LIBRARIES = $(FUZZLIBS)

 No newline at end of file