From 48abb1cbc138cd9c013369ea4608dd2fe5ca7a62 Mon Sep 17 00:00:00 2001
From: David Lakin
Date: Sat, 4 May 2024 14:40:26 -0400
Subject: [PATCH 1/2] Add git.Blob fuzz target

Based on the `test_blob.py` unit test.
---
 fuzzing/dictionaries/fuzz_blob.dict | 1 +
 fuzzing/fuzz-targets/fuzz_blob.py | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 fuzzing/dictionaries/fuzz_blob.dict
 create mode 100644 fuzzing/fuzz-targets/fuzz_blob.py

diff --git a/fuzzing/dictionaries/fuzz_blob.dict b/fuzzing/dictionaries/fuzz_blob.dict
new file mode 100644
index 000000000..7f123f830
--- /dev/null
+++ b/fuzzing/dictionaries/fuzz_blob.dict
@@ -0,0 +1 @@
+"\\377\\377\\377\\377\\377\\377\\377\\377"
diff --git a/fuzzing/fuzz-targets/fuzz_blob.py b/fuzzing/fuzz-targets/fuzz_blob.py
new file mode 100644
index 000000000..9d296de40
--- /dev/null
+++ b/fuzzing/fuzz-targets/fuzz_blob.py
@@ -0,0 +1,36 @@
+import atheris
+import sys
+import os
+import tempfile
+
+if getattr(sys, "frozen", False) and hasattr(sys, "_MEIPASS"):
+ path_to_bundled_git_binary = os.path.abspath(os.path.join(os.path.dirname(__file__), "git"))
+ os.environ["GIT_PYTHON_GIT_EXECUTABLE"] = path_to_bundled_git_binary
+
+with atheris.instrument_imports():
+ import git
+
+
+def TestOneInput(data):
+ fdp = atheris.FuzzedDataProvider(data)
+
+ with tempfile.TemporaryDirectory() as temp_dir:
+ repo = git.Repo.init(path=temp_dir)
+ blob = git.Blob(
+ repo,
+ **{
+ "binsha": git.Blob.NULL_BIN_SHA,
+ "path": fdp.ConsumeUnicodeNoSurrogates(fdp.remaining_bytes()),
+ },
+ )
+
+ _ = blob.mime_type
+
+
+def main():
+ atheris.Setup(sys.argv, TestOneInput)
+ atheris.Fuzz()
+
+
+if __name__ == "__main__":
+ main()

From 6823e4543f33eb623df14a5a27c9731199de7a4f Mon Sep 17 00:00:00 2001
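Review bot: The single dictionary entry is written with doubled backslashes, and as shown here libFuzzer's dictionary syntax reads `\\` as one escaped backslash, so the token becomes the literal text `\377` repeated eight times rather than eight 0xFF bytes. If raw 0xFF bytes were the intent (an assumption; the patch does not say), the entry should use hex escapes: `"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"`. If the literal text is what was meant, a `#` comment line above the entry stating where the token came from would keep the next maintainer from "fixing" it.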
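Review bot: `git.Repo.init(path=temp_dir)` sits inside `TestOneInput`, so every fuzz input creates a temporary directory and initialises a repository, while the only library behaviour exercised afterwards is the `blob.mime_type` read. That setup likely dominates each iteration and lowers executions per second; since nothing visible in this target writes to the repository, consider creating it once in `main()` before `atheris.Fuzz()`, or keep it and add a comment such as `# Fresh repo per input so no state leaks between iterations` if the isolation is deliberate. `TestOneInput` and `main` also have no docstrings; one line each stating that the target builds a `git.Blob` from fuzzed data and reads `mime_type` would be enough.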
From: David Lakin
Date: Sat, 4 May 2024 15:44:23 -0400
Subject: [PATCH 2/2] Use fuzzed data for all git.Blob arguments

This increases the edges reached by the fuzzer, making for a more effective test with higher coverage.
---
 fuzzing/fuzz-targets/fuzz_blob.py | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/fuzzing/fuzz-targets/fuzz_blob.py b/fuzzing/fuzz-targets/fuzz_blob.py
index 9d296de40..ce888e85f 100644
--- a/fuzzing/fuzz-targets/fuzz_blob.py
+++ b/fuzzing/fuzz-targets/fuzz_blob.py
@@ -16,13 +16,17 @@ def TestOneInput(data):
 
 with tempfile.TemporaryDirectory() as temp_dir:
 repo = git.Repo.init(path=temp_dir)
- blob = git.Blob(
- repo,
- **{
- "binsha": git.Blob.NULL_BIN_SHA,
- "path": fdp.ConsumeUnicodeNoSurrogates(fdp.remaining_bytes()),
- },
- )
+ binsha = fdp.ConsumeBytes(20)
+ mode = fdp.ConsumeInt(fdp.ConsumeIntInRange(0, fdp.remaining_bytes()))
+ path = fdp.ConsumeUnicodeNoSurrogates(fdp.remaining_bytes())
+
+ try:
+ blob = git.Blob(repo, binsha, mode, path)
+ except AssertionError as e:
+ if "Require 20 byte binary sha, got" in str(e):
+ return -1
+ else:
+ raise e
 
 _ = blob.mime_type
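Review bot: The `except AssertionError` branch decides that a failure is expected by matching the substring `"Require 20 byte binary sha, got"` in the exception text, which ties the harness to the library's exact wording; if that message is ever reworded, every short input turns into a reported crash, and if the check is an `assert` statement it disappears under `python -O`. The short-sha case can be rejected before the constructor is called, with `if len(binsha) != 20: return -1` directly after the `fdp.ConsumeBytes(20)` line, leaving any remaining `AssertionError` to propagate untouched (a bare `raise` instead of `raise e` if the handler is kept). Separately, `fdp.ConsumeInt(fdp.ConsumeIntInRange(0, fdp.remaining_bytes()))` may consume every remaining byte for `mode`, which leaves `path` empty for those inputs; a small fixed width for `mode` would reserve bytes for the path. `TestOneInput` starts above this hunk, so the placement relative to `fdp` creation is inferred from the hunk header.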