ExternalVendorCode/onefuzz
1
0
Fork 0
mirror of https://github.com/microsoft/onefuzz.git synced 2025-06-14 11:08:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enable dotnet fuzzing (#2273)

Browse Source 
Add a new CLI job template, `libfuzzer dotnet_dll`, and supporting server-side definitions.
This commit is contained in:
Joe Ranweiler
2022-10-19 14:17:27 -07:00
committed by GitHub
parent b88f46779e
commit ee0cbd70a0
23 changed files with 1014 additions and 361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
src/integration-tests/integration-test.py
View File

@ -52,6 +52,7 @@ class TaskTestState(Enum):
class TemplateType(Enum):
libfuzzer = "libfuzzer"
libfuzzer_dotnet = "libfuzzer_dotnet"
libfuzzer_dotnet_dll = "libfuzzer_dotnet_dll"
libfuzzer_qemu_user = "libfuzzer_qemu_user"
afl = "afl"
radamsa = "radamsa"
@ -76,6 +77,9 @@ class Integration(BaseModel):
test_repro: Optional[bool] = Field(default=True)
target_options: Optional[List[str]]
inject_fake_regression: bool = Field(default=False)
target_class: Optional[str]
target_method: Optional[str]
setup_dir: Optional[str]
TARGETS: Dict[str, Integration] = {
@ -148,6 +152,23 @@ TARGETS: Dict[str, Integration] = {
wait_for_files={ContainerType.inputs: 2, ContainerType.crashes: 1},
test_repro=False,
),
"linux-libfuzzer-dotnet-dll": Integration(
template=TemplateType.libfuzzer_dotnet_dll,
os=OS.linux,
setup_dir="GoodBadDotnet",
target_exe="GoodBadDotnet/GoodBad.dll",
target_options=["-max_len=4", "-only_ascii=1", "-seed=1"],
target_class="GoodBad.Fuzzer",
target_method="TestInput",
use_setup=True,
wait_for_files={
ContainerType.inputs: 2,
ContainerType.coverage: 1,
ContainerType.crashes: 1,
ContainerType.unique_reports: 1,
},
test_repro=False,
),
"linux-libfuzzer-aarch64-crosscompile": Integration(
template=TemplateType.libfuzzer_qemu_user,
os=OS.linux,
@ -216,6 +237,23 @@ TARGETS: Dict[str, Integration] = {
},
use_setup=True,
),
"windows-libfuzzer-dotnet-dll": Integration(
template=TemplateType.libfuzzer_dotnet_dll,
os=OS.windows,
setup_dir="GoodBadDotnet",
target_exe="GoodBadDotnet/GoodBad.dll",
target_options=["-max_len=4", "-only_ascii=1", "-seed=1"],
target_class="GoodBad.Fuzzer",
target_method="TestInput",
use_setup=True,
wait_for_files={
ContainerType.inputs: 2,
ContainerType.coverage: 1,
ContainerType.crashes: 1,
ContainerType.unique_reports: 1,
},
test_repro=False,
),
"windows-trivial-crash": Integration(
template=TemplateType.radamsa,
os=OS.windows,
@ -315,7 +353,11 @@ class TestOnefuzz:
self.logger.info("launching: %s", target)
setup = Directory(os.path.join(path, target)) if config.use_setup else None
if config.setup_dir is None:
setup = Directory(os.path.join(path, target)) if config.use_setup else None
else:
setup = config.setup_dir
target_exe = File(os.path.join(path, target, config.target_exe))
inputs = (
Directory(os.path.join(path, target, config.inputs))
@ -356,6 +398,28 @@ class TestOnefuzz:
vm_count=1,
target_options=config.target_options,
)
elif config.template == TemplateType.libfuzzer_dotnet_dll:
if setup is None:
raise Exception("setup required for libfuzzer_dotnet_dll")
if config.target_class is None:
raise Exception("target_class required for libfuzzer_dotnet_dll")
if config.target_method is None:
raise Exception("target_method required for libfuzzer_dotnet_dll")
job = self.of.template.libfuzzer.dotnet_dll(
self.project,
target,
BUILD,
pools[config.os].name,
target_dll=config.target_exe,
inputs=inputs,
setup_dir=setup,
duration=duration,
vm_count=1,
fuzzing_target_options=config.target_options,
target_class=config.target_class,
target_method=config.target_method,
)
elif config.template == TemplateType.libfuzzer_qemu_user:
job = self.of.template.libfuzzer.qemu_user(
self.project,