diff --git a/projects/poco/Dockerfile b/projects/poco/Dockerfile index 90b4bcc578ea..2a8c221e9858 100644 --- a/projects/poco/Dockerfile +++ b/projects/poco/Dockerfile @@ -17,13 +17,5 @@ FROM gcr.io/oss-fuzz-base/base-builder RUN apt-get update && apt-get install -y openssl libssl-dev git make cmake libssl-dev RUN git clone --depth 1 https://github.com/pocoproject/poco +RUN cp $SRC/poco/build/script/oss-fuzz-build.sh $SRC/build.sh WORKDIR $SRC/poco -COPY build.sh \ - json_parse_fuzzer.cc \ - xml_parse_fuzzer.cc \ - date_time_fuzzer.cc \ - jwt_decode_fuzzer.cc \ - http_message_fuzzer.cc \ - mail_message_fuzzer.cc \ - xml.dict \ - $SRC/ diff --git a/projects/poco/build.sh b/projects/poco/build.sh deleted file mode 100755 index fe43aa749197..000000000000 --- a/projects/poco/build.sh +++ /dev/null @@ -1,108 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -mkdir cmake-build -cd cmake-build -cmake -DBUILD_SHARED_LIBS=OFF -DENABLE_ACTIVERECORD=OFF \ - -DENABLE_ACTIVERECORD_COMPILER=OFF -DENABLE_TESTS=OFF \ - -DENABLE_PAGECOMPILER=OFF -DENABLE_PAGECOMPILER_FILE2PAGE=OFF \ - -DENABLE_DATA_SQLITE=OFF -DENABLE_REDIS=OFF -DENABLE_MONGODB=OFF \ - -DENABLE_PROMETHEUS=OFF \ - .. -make -j$(nproc) - -$CXX $CXXFLAGS -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE \ - -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 \ - -I/src/poco/JSON/include \ - -I/src/poco/Foundation/include \ - -O2 -g -DNDEBUG -std=c++17 \ - -o json_fuzzer.o -c $SRC/json_parse_fuzzer.cc - -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE json_fuzzer.o \ - ./lib/libPocoJSON.a \ - ./lib/libPocoFoundation.a \ - -o $OUT/json_parser_fuzzer -lpthread -ldl -lrt - -$CXX $CXXFLAGS -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE \ - -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 \ - -I/src/poco/XML/include \ - -I/src/poco/Foundation/include \ - -O2 -g -DNDEBUG -std=c++17 \ - -o xml_fuzzer.o -c $SRC/xml_parse_fuzzer.cc - -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE xml_fuzzer.o \ - ./lib/libPocoXML.a \ - ./lib/libPocoFoundation.a \ - -o $OUT/xml_parser_fuzzer -lpthread -ldl -lrt - -$CXX $CXXFLAGS -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE \ - -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 \ - -I/src/poco/Foundation/include \ - -O2 -g -DNDEBUG -std=c++17 \ - -o date_time_fuzzer.o -c $SRC/date_time_fuzzer.cc - -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE date_time_fuzzer.o \ - ./lib/libPocoFoundation.a \ - -o $OUT/date_time_fuzzer -lpthread -ldl -lrt - -$CXX $CXXFLAGS -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE \ - -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 \ - -I/src/poco/JWT/include \ - -I/src/poco/Foundation/include \ - -I/src/poco/JSON/include \ - -I/src/poco/Crypto/include \ - -O2 -g -DNDEBUG -std=c++17 \ - -o jwt_decode_fuzzer.o -c $SRC/jwt_decode_fuzzer.cc - -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE jwt_decode_fuzzer.o \ - ./lib/libPocoJWT.a \ - ./lib/libPocoJSON.a \ - ./lib/libPocoFoundation.a \ - ./lib/libPocoCrypto.a \ - -o $OUT/jwt_decode_fuzzer -lpthread -ldl -lrt -lssl -lcrypto - -$CXX $CXXFLAGS -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE \ - -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 \ - -I/src/poco/Foundation/include \ - -I/src/poco/Net/include \ - -O2 -g -DNDEBUG -std=c++17 \ - -o http_message_fuzzer.o -c $SRC/http_message_fuzzer.cc - -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE http_message_fuzzer.o \ - ./lib/libPocoNet.a \ - ./lib/libPocoFoundation.a \ - -o $OUT/http_message_fuzzer -lpthread -ldl -lrt - -$CXX $CXXFLAGS -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX \ - -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE \ - -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 \ - -I/src/poco/Foundation/include \ - -I/src/poco/Net/include \ - -O2 -g -DNDEBUG -std=c++17 \ - -o mail_message_fuzzer.o -c $SRC/mail_message_fuzzer.cc - -$CXX $CXXFLAGS $LIB_FUZZING_ENGINE mail_message_fuzzer.o \ - ./lib/libPocoNet.a \ - ./lib/libPocoFoundation.a \ - -o $OUT/mail_message_fuzzer -lpthread -ldl -lrt - -cp $SRC/xml.dict $OUT/xml_parser_fuzzer.dict diff --git a/projects/poco/date_time_fuzzer.cc b/projects/poco/date_time_fuzzer.cc deleted file mode 100644 index 8ba59a0030cf..000000000000 --- a/projects/poco/date_time_fuzzer.cc +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "Poco/DateTimeParser.h" -#include "Poco/DateTimeFormat.h" -#include "Poco/DateTimeFormatter.h" - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - const std::string input(reinterpret_cast(data), size); - - const std::string formats[] = { - Poco::DateTimeFormat::ISO8601_FORMAT, - Poco::DateTimeFormat::ISO8601_FRAC_FORMAT, - Poco::DateTimeFormat::RFC822_FORMAT, - Poco::DateTimeFormat::RFC1123_FORMAT, - Poco::DateTimeFormat::HTTP_FORMAT, - Poco::DateTimeFormat::RFC850_FORMAT, - Poco::DateTimeFormat::RFC1036_FORMAT, - Poco::DateTimeFormat::ASCTIME_FORMAT, - Poco::DateTimeFormat::SORTABLE_FORMAT, - "%m/%d/%y %h:%M %a", - "T%H:%M:%F", - }; - - int tzd = 0; - Poco::DateTime dt; - - for (const auto& format : formats) { - Poco::DateTimeParser::tryParse(format, input, dt, tzd); - Poco::DateTimeFormatter::format(dt.timestamp(), format, tzd); - } - - dt.makeLocal(tzd); - dt.makeUTC(tzd); - - try { - dt = Poco::DateTimeParser::parse(input, tzd); - } catch (const std::exception &) { - } - - return 0; -} diff --git a/projects/poco/http_message_fuzzer.cc b/projects/poco/http_message_fuzzer.cc deleted file mode 100644 index c9b18ca0817d..000000000000 --- a/projects/poco/http_message_fuzzer.cc +++ /dev/null @@ -1,97 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "Poco/MemoryStream.h" -#include "Poco/Net/EscapeHTMLStream.h" -#include "Poco/Net/HTMLForm.h" -#include "Poco/Net/HTTPCredentials.h" -#include "Poco/Net/HTTPRequest.h" -#include "Poco/Net/HTTPResponse.h" -#include "Poco/Net/OAuth10Credentials.h" -#include "Poco/Net/OAuth20Credentials.h" -#include "Poco/NullStream.h" - -using namespace Poco; - -template -void catchExceptions(const F &func) { - try { - func(); - } catch (const std::exception &) { - } -} - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - NullOutputStream null; - - // HTTPRequest parsing - catchExceptions([&] { - MemoryInputStream stream(reinterpret_cast(data), size); - Net::HTTPRequest request; - request.read(stream); - request.write(null); - }); - - // HTTPResponse parsing - catchExceptions([&] { - MemoryInputStream stream(reinterpret_cast(data), size); - Net::HTTPResponse response; - response.read(stream); - response.write(null); - }); - - // HTTPCredentials - catchExceptions([&] { - MemoryInputStream stream(reinterpret_cast(data), size); - Net::HTTPResponse response; - response.read(stream); - - Net::HTTPRequest request(Net::HTTPRequest::HTTP_GET, "/"); - request.setHost(response.get(Net::HTTPRequest::HOST)); - - Net::HTTPCredentials creds; - creds.authenticate(request, response); - creds.updateAuthInfo(request); - creds.proxyAuthenticate(request, response); - creds.updateProxyAuthInfo(request); - }); - - // OAuth10Credentials - catchExceptions([&] { - MemoryInputStream stream(reinterpret_cast(data), size); - Net::HTTPRequest request; - request.read(stream); - - Net::EscapeHTMLOutputStream htmlStream(null); - Net::HTMLForm form(request, stream); - form.prepareSubmit(request); - form.write(htmlStream); - - Net::OAuth10Credentials oauth10(request); - oauth10.verify(request, URI(request.getURI()), form); - oauth10.authenticate(request, URI(request.getURI()), form); - }); - - // OAuth20Credentials - catchExceptions([&] { - MemoryInputStream stream(reinterpret_cast(data), size); - Net::HTTPRequest request; - request.read(stream); - - Net::OAuth20Credentials oauth20(request); - oauth20.authenticate(request); - }); - - return 0; -} diff --git a/projects/poco/json_parse_fuzzer.cc b/projects/poco/json_parse_fuzzer.cc deleted file mode 100644 index e03ff2fa9f4a..000000000000 --- a/projects/poco/json_parse_fuzzer.cc +++ /dev/null @@ -1,30 +0,0 @@ -/* Copyright 2021 Google LLC -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -#include "Poco/JSON/JSON.h" -#include "Poco/JSON/Parser.h" -#include "Poco/JSON/ParserImpl.h" - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - std::string json(reinterpret_cast(data), size); - Poco::JSON::Parser parser; - - Poco::Dynamic::Var result; - try { - result = parser.parse(json); - } catch (Poco::Exception &e) { - return 0; - } catch (const std::exception &e) { - return 0; - } - return 0; -} diff --git a/projects/poco/jwt_decode_fuzzer.cc b/projects/poco/jwt_decode_fuzzer.cc deleted file mode 100644 index 492f6be8ecb2..000000000000 --- a/projects/poco/jwt_decode_fuzzer.cc +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "Poco/JWT/Token.h" -#include "Poco/JWT/Signer.h" - -extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) { - Poco::Crypto::initializeCrypto(); - return 0; -} - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - const std::string input(reinterpret_cast(data), size); - - Poco::JWT::Signer signer; - signer.addAllAlgorithms(); - signer.setHMACKey("secret"); - - try { - // verify untrusted input - Poco::JWT::Token token; - token = signer.verify(input); - } catch (const Poco::Exception &) { - } - - for (const auto &algorithm : signer.getAlgorithms()) { - try { - // sign and verify again - Poco::JWT::Token token(input); - token.setAudience(token.getAudience()); - signer.sign(token, algorithm); - token = signer.verify(token.toString()); - } catch (const Poco::Exception &) { - } - } - - return 0; -} diff --git a/projects/poco/mail_message_fuzzer.cc b/projects/poco/mail_message_fuzzer.cc deleted file mode 100644 index 170bf5a42f50..000000000000 --- a/projects/poco/mail_message_fuzzer.cc +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "Poco/MemoryStream.h" -#include "Poco/Net/MailMessage.h" -#include "Poco/Net/MailStream.h" -#include "Poco/NullStream.h" - -using namespace Poco; - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - try { - MemoryInputStream stream(reinterpret_cast(data), size); - Net::MailInputStream mis(stream); - Net::MailMessage mail; - mail.read(mis); - mail.addRecipient( - Net::MailRecipient(Net::MailRecipient::CC_RECIPIENT, - Net::MailMessage::encodeWord(mail.getSender()))); - NullOutputStream null; - Net::MailOutputStream mos(null); - mail.write(mos); - } catch (const std::exception &) { - } - - return 0; -} diff --git a/projects/poco/xml.dict b/projects/poco/xml.dict deleted file mode 100644 index 2ff824a6a6eb..000000000000 --- a/projects/poco/xml.dict +++ /dev/null @@ -1,116 +0,0 @@ -attr_encoding=" encoding=\"1\"" -attr_generic=" a=\"1\"" -attr_href=" href=\"1\"" -attr_standalone=" standalone=\"no\"" -attr_version=" version=\"1\"" -attr_xml_base=" xml:base=\"1\"" -attr_xml_id=" xml:id=\"1\"" -attr_xml_lang=" xml:lang=\"1\"" -attr_xml_space=" xml:space=\"1\"" -attr_xmlns=" xmlns=\"1\"" - -entity_builtin="<" -entity_decimal="" -entity_external="&a;" -entity_hex="" - -# keywords -"ANY" -"ATTLIST" -"CDATA" -"DOCTYPE" -"ELEMENT" -"EMPTY" -"ENTITIES" -"ENTITY" -"FIXED" -"ID" -"IDREF" -"IDREFS" -"IGNORE" -"IMPLIED" -"INCLUDE" -"NDATA" -"NMTOKEN" -"NMTOKENS" -"NOTATION" -"PCDATA" -"PUBLIC" -"REQUIRED" -"SYSTEM" - -# Various tag parts -"<" -">" -"/>" -"" -"" -"[]" -"]]" -"" -"\"\"" -"''" -"=\"\"" -"=''" - -# DTD -"" -tag_open="" -tag_open_close="" - - -"" -"http://docboo" -"http://www.w" -"he30" -"he2" -"IET" -"FDF-10" -"aDUCS-4OPveb:" -"a>" -"UT" -"xMl" -"/usr/share/sg" -"ha07" -"http://www.oa" -"cle" diff --git a/projects/poco/xml_parse_fuzzer.cc b/projects/poco/xml_parse_fuzzer.cc deleted file mode 100644 index 0ac3a7a5cc5b..000000000000 --- a/projects/poco/xml_parse_fuzzer.cc +++ /dev/null @@ -1,88 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "Poco/AutoPtr.h" -#include "Poco/DOM/DOMParser.h" -#include "Poco/DOM/Document.h" -#include "Poco/SAX/DefaultHandler.h" -#include "Poco/SAX/SAXParser.h" -#include "Poco/XML/XMLStreamParser.h" - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - using namespace Poco::XML; - - std::string xml(reinterpret_cast(data), size); - - // SAX Parser - - SAXParser saxParser; - std::uint8_t saxFeatures = size > 0 ? data[size - 1] : 0; - - DefaultHandler defHandler; - saxParser.setContentHandler(&defHandler); - saxParser.setDTDHandler(&defHandler); - saxParser.setErrorHandler(&defHandler); - saxParser.setEntityResolver(&defHandler); - - for (const auto feature : { - XMLReader::FEATURE_EXTERNAL_GENERAL_ENTITIES, - XMLReader::FEATURE_EXTERNAL_PARAMETER_ENTITIES, - XMLReader::FEATURE_NAMESPACES, - XMLReader::FEATURE_NAMESPACE_PREFIXES, - SAXParser::FEATURE_PARTIAL_READS, - }) { - saxParser.setFeature(feature, saxFeatures & 0x01); - saxFeatures >>= 1; - } - - try { - saxParser.parseString(xml); - } catch (const std::exception &) { - } - - // DOM Parser - - DOMParser domParser; - std::uint8_t domFeatures = size > 0 ? data[size - 1] : 0; - - for (const auto feature : { - XMLReader::FEATURE_EXTERNAL_GENERAL_ENTITIES, - XMLReader::FEATURE_EXTERNAL_PARAMETER_ENTITIES, - XMLReader::FEATURE_NAMESPACES, - XMLReader::FEATURE_NAMESPACE_PREFIXES, - DOMParser::FEATURE_FILTER_WHITESPACE, - }) { - domParser.setFeature(feature, domFeatures & 0x01); - domFeatures >>= 1; - } - - try { - Poco::AutoPtr doc = domParser.parseString(xml); - } catch (const std::exception &) { - } - - // Stream Parser - - std::istringstream stream(xml); - - try { - XMLStreamParser streamParser(stream, "fuzz"); - for (XMLStreamParser::EventType e : streamParser) { - streamParser.getQName().toString(); - } - } catch (const std::exception &) { - } - - return 0; -}