Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add graceful handling of expected exceptions in fuzz_submodule.py #1922

Merged
merged 5 commits into from
May 31, 2024
Merged

Add graceful handling of expected exceptions in fuzz_submodule.py #1922

merged 5 commits into from
May 31, 2024

Conversation

DaveLak
Copy link
Contributor

@DaveLak DaveLak commented May 30, 2024

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69350 (See 7b684cd)

Also:

  • Improves file name generation to prevent "File name too long" OSError's (6c00ce6)
  • Improves fuzz_submodule.py coverage & efficacy (2a2294f)

DaveLak added 5 commits May 30, 2024 13:46
@DaveLak
Add graceful handling of expected exceptions in fuzz_submodule.py
7b684cd 
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69350

**`IsADirectoryError`**

Fuzzer provided input data can sometimes produce filenames that look
like directories and raise `IsADirectoryError` exceptions which crash
the fuzzer. This commit catches those cases and returns -1 to instruct
libfuzzer that the inputs are not valuable to add to the corpus.

**`FileExistsError`**

Similar to the above, this is a possible exception case produced by the
fuzzed data and not a bug so its handled the same.
@DaveLak
Improve file name generation to prevent "File name too long" OSError's
6c00ce6 
Adds a utility function to limit the maximum file name legnth produced
by the fuzzer to a max size dictated by the host its run on.
@DaveLak
Improve fuzz_submodule.py coverage & efficacy
2a2294f 
The fuzzer was having trouble analyzing `fuzz_submodule.py` when using
the `atheris.instrument_imports()` context manager. Switching to
`atheris.instrument_all()` instead slightly increases the startup time
for the fuzzer, but significantly improves the fuzzing engines ability
to identify new coverage.

The changes here also disable warnings that are logged to `stdout` from
the SUT. These warnings are expected to happen with some inputs and
clutter the fuzzer output logs. They can be optionally re-enabled for
debugging by passing a flag o the Python interpreter command line or
setting the `PYTHONWARNINGS` environment variable.
@DaveLak
Add graceful handling for NotADirectoryErrors
57a56a8
@DaveLak
Improve comment wording
2b64dee
Byron
Byron approved these changes May 31, 2024
View reviewed changes
Copy link
Member

@Byron Byron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for the swift fix, it's much appreciated!

@Byron Byron merged commit 8502efe into gitpython-developers:main May 31, 2024
26 checks passed
@DaveLak DaveLak deleted the fix-fuzz-submodule-expected-exceptions-handling branch May 31, 2024 05:16
DaveLak added a commit to DaveLak/GitPython that referenced this pull request Aug 9, 2024
@DaveLak
Fix "OSError: [Errno 36] File name too long" in fuzz_submodule
af0cd93 
Fixes a bug in the `fuzz_submodule` harness where the fuzzed data can
produce file names that exceed the maximum size allowed byt the OS. This
issue came up previously and was fixed in gitpython-developers#1922, but the submodule file
name fixed here was missed in that PR.

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69456
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Byron Byron Byron approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DaveLak @Byron