Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit a7e2ec1

Browse files
AdamKorczsethmlarson
AdamKorcz
and
sethmlarson
authored
Add fuzzer for binascii module
Co-authored-by: Seth Larson <[email protected]>
1 parent dc49ef7 commit a7e2ec1

3 files changed

Lines changed: 101 additions & 2 deletions

File tree

Makefile

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
1-
all : fuzzer-html fuzzer-email fuzzer-httpclient fuzzer-json fuzzer-difflib fuzzer-csv fuzzer-decode fuzzer-ast fuzzer-tarfile fuzzer-tarfile-hypothesis fuzzer-zipfile fuzzer-zipfile-hypothesis fuzzer-re fuzzer-configparser fuzzer-tomllib fuzzer-plistlib fuzzer-xml fuzzer-zoneinfo
1+
all : fuzzer-html fuzzer-email fuzzer-httpclient fuzzer-json fuzzer-difflib fuzzer-csv fuzzer-decode fuzzer-ast fuzzer-tarfile fuzzer-tarfile-hypothesis fuzzer-zipfile fuzzer-zipfile-hypothesis fuzzer-re fuzzer-configparser fuzzer-tomllib fuzzer-plistlib fuzzer-xml fuzzer-zoneinfo fuzzer-binascii
22

33
PYTHON_CONFIG_PATH=$(CPYTHON_INSTALL_PATH)/bin/python3-config
44
CXXFLAGS += $(shell $(PYTHON_CONFIG_PATH) --cflags)
5-
LDFLAGS += -rdynamic $(shell $(PYTHON_CONFIG_PATH) --ldflags --embed)
5+
LDFLAGS += -rdynamic $(shell $(PYTHON_CONFIG_PATH) --ldflags --embed) $(CPYTHON_MODLIBS) -Wl,--allow-multiple-definition
66

77
fuzzer-html:
88
clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"html.py\"" -ldl $(LDFLAGS) -o fuzzer-html
@@ -40,3 +40,6 @@ fuzzer-xml:
4040
clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"xml.py\"" -ldl $(LDFLAGS) -o fuzzer-xml
4141
fuzzer-zoneinfo:
4242
clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"zoneinfo.py\"" -ldl $(LDFLAGS) -o fuzzer-zoneinfo
43+
44+
fuzzer-binascii:
45+
clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"binascii.py\"" -ldl $(LDFLAGS) -o fuzzer-binascii

binascii.py

Lines changed: 95 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,95 @@
1+
from fuzzeddataprovider import FuzzedDataProvider
2+
import binascii
3+
4+
# Top-level operation constants for FuzzerRunOne
5+
OP_DECODE = 0
6+
OP_ENCODE = 1
7+
OP_CHECKSUM = 2
8+
OP_ROUNDTRIP = 3
9+
10+
# Decode/encode sub-operation constants
11+
CODEC_BASE64_STRICT = 0
12+
CODEC_HEX = 1
13+
CODEC_UU = 2
14+
CODEC_QP = 3
15+
CODEC_BASE64 = 4
16+
CODEC_BASE64_ALT = 5
17+
18+
19+
def op_decode(fdp):
20+
which = fdp.ConsumeIntInRange(CODEC_BASE64_STRICT, CODEC_BASE64_ALT)
21+
strict = fdp.ConsumeBool()
22+
data = fdp.ConsumeBytes(fdp.remaining_bytes())
23+
if which == CODEC_BASE64_STRICT:
24+
if strict:
25+
binascii.a2b_base64(data, strict_mode=True)
26+
else:
27+
binascii.a2b_base64(data)
28+
elif which == CODEC_HEX:
29+
binascii.a2b_hex(data)
30+
elif which == CODEC_UU:
31+
binascii.a2b_uu(data)
32+
elif which == CODEC_QP:
33+
binascii.a2b_qp(data)
34+
elif which == CODEC_BASE64:
35+
binascii.a2b_base64(data)
36+
elif which == CODEC_BASE64_ALT:
37+
binascii.a2b_base64(data)
38+
39+
40+
def op_encode(fdp):
41+
which = fdp.ConsumeIntInRange(CODEC_BASE64_STRICT, CODEC_BASE64_ALT)
42+
newline = fdp.ConsumeBool()
43+
data = fdp.ConsumeBytes(fdp.ConsumeIntInRange(0, 10000))
44+
if not data:
45+
return
46+
if which == CODEC_BASE64_STRICT:
47+
binascii.b2a_base64(data, newline=newline)
48+
elif which == CODEC_HEX:
49+
binascii.b2a_hex(data)
50+
elif which == CODEC_UU:
51+
uu_data = fdp.ConsumeBytes(fdp.ConsumeIntInRange(0, 45))
52+
binascii.b2a_uu(uu_data)
53+
elif which == CODEC_QP:
54+
binascii.b2a_qp(data)
55+
elif which == CODEC_BASE64:
56+
binascii.b2a_base64(data)
57+
elif which == CODEC_BASE64_ALT:
58+
binascii.b2a_base64(data)
59+
60+
61+
def op_checksum(fdp):
62+
use_crc32 = fdp.ConsumeBool()
63+
data = fdp.ConsumeBytes(fdp.remaining_bytes())
64+
if use_crc32:
65+
binascii.crc32(data)
66+
else:
67+
binascii.crc_hqx(data, 0)
68+
69+
70+
def op_roundtrip(fdp):
71+
data = fdp.ConsumeBytes(fdp.remaining_bytes())
72+
hexed = binascii.hexlify(data)
73+
binascii.unhexlify(hexed)
74+
75+
76+
# Fuzzes the binascii module's C implementation (Modules/binascii.c).
77+
# Exercises binary-to-ASCII and ASCII-to-binary conversions for base64,
78+
# hex, UU-encoding, and quoted-printable codecs. Also tests CRC32,
79+
# CRC-HQX checksums, and hexlify/unhexlify roundtrips.
80+
def FuzzerRunOne(FuzzerInput):
81+
if len(FuzzerInput) < 1 or len(FuzzerInput) > 0x100000:
82+
return
83+
fdp = FuzzedDataProvider(FuzzerInput)
84+
op = fdp.ConsumeIntInRange(OP_DECODE, OP_ROUNDTRIP)
85+
try:
86+
if op == OP_DECODE:
87+
op_decode(fdp)
88+
elif op == OP_ENCODE:
89+
op_encode(fdp)
90+
elif op == OP_CHECKSUM:
91+
op_checksum(fdp)
92+
else:
93+
op_roundtrip(fdp)
94+
except Exception:
95+
pass

fuzz_targets.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
ast ast.py
2+
binascii binascii.py
23
configparser configparser.py
34
csv csv.py
45
decode decode.py

0 commit comments

Comments
 (0)