shaba/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-10-26 12:25:09 +03:00
Code Releases Activity

fuzz: Move to per-context error handler

Browse Source
This commit is contained in:
Nick Wellnhofer 2024-06-11 16:58:09 +02:00
parent 116d8c0166
commit 780e432a5c
10 changed files with 28 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
fuzz/fuzz.c
View File

@ -56,6 +56,16 @@ xmlFuzzErrorFunc(void *ctx ATTRIBUTE_UNUSED, const char *msg ATTRIBUTE_UNUSED,
...) {
}
/**
* xmlFuzzSErrorFunc:
*
* A structured error function that simply discards all errors.
*/
void
xmlFuzzSErrorFunc(void *ctx ATTRIBUTE_UNUSED,
const xmlError *error ATTRIBUTE_UNUSED) {
}
/*
* Malloc failure injection.
*

6
fuzz/fuzz.h
View File

@ -53,8 +53,10 @@ int
LLVMFuzzerTestOneInput(const char *data, size_t size);
void
xmlFuzzErrorFunc(void *ctx ATTRIBUTE_UNUSED, const char *msg ATTRIBUTE_UNUSED,
...);
xmlFuzzErrorFunc(void *ctx, const char *msg, ...);
void
xmlFuzzSErrorFunc(void *ctx, const xmlError *error);
void
xmlFuzzMemSetup(void);

6
fuzz/genSeed.c
View File

@ -151,12 +151,14 @@ processXml(const char *docFile, FILE *out) {
fuzzRecorderInit(out);
ctxt = xmlNewParserCtxt();
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
xmlCtxtSetResourceLoader(ctxt, fuzzResourceRecorder, NULL);
doc = xmlCtxtReadFile(ctxt, docFile, NULL, opts);
#ifdef LIBXML_XINCLUDE_ENABLED
{
xmlXIncludeCtxtPtr xinc = xmlXIncludeNewContext(doc);
xmlXIncludeSetErrorHandler(xinc, xmlFuzzSErrorFunc, NULL);
xmlXIncludeSetResourceLoader(xinc, fuzzResourceRecorder, NULL);
xmlXIncludeSetFlags(xinc, opts);
xmlXIncludeProcessNode(xinc, (xmlNodePtr) doc);
@ -213,7 +215,7 @@ processSchema(const char *docFile, FILE *out) {
fuzzRecorderInit(out);
pctxt = xmlSchemaNewParserCtxt(docFile);
xmlSchemaSetParserErrors(pctxt, xmlFuzzErrorFunc, xmlFuzzErrorFunc, NULL);
xmlSchemaSetParserStructuredErrors(pctxt, xmlFuzzSErrorFunc, NULL);
xmlSchemaSetResourceLoader(pctxt, fuzzResourceRecorder, NULL);
schema = xmlSchemaParse(pctxt);
xmlSchemaFreeParserCtxt(pctxt);
@ -450,8 +452,6 @@ main(int argc, const char **argv) {
return(1);
}
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
fuzzer = argv[1];
if (strcmp(fuzzer, "html") == 0) {
#ifdef HAVE_HTML_FUZZER

3
fuzz/html.c
View File

@ -18,7 +18,6 @@ LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
xmlInitializeCatalog();
xmlCatalogSetDefaults(XML_CATA_ALLOW_NONE);
#endif
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}
@ -46,6 +45,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
ctxt = htmlNewParserCtxt();
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
doc = htmlCtxtReadMemory(ctxt, docBuffer, docSize, NULL, NULL, opts);
xmlFuzzCheckMallocFailure("htmlCtxtReadMemory",
ctxt->errNo == XML_ERR_NO_MEMORY);
@ -93,6 +93,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
XML_CHAR_ENCODING_NONE);
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
htmlCtxtUseOptions(ctxt, opts);
for (consumed = 0; consumed < docSize; consumed += chunkSize) {

2
fuzz/reader.c
View File

@ -101,7 +101,6 @@ LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
xmlInitializeCatalog();
xmlCatalogSetDefaults(XML_CATA_ALLOW_NONE);
#endif
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}
@ -136,6 +135,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
if (reader == NULL)
goto exit;
xmlTextReaderSetStructuredErrorHandler(reader, xmlFuzzSErrorFunc, NULL);
xmlTextReaderSetResourceLoader(reader, xmlFuzzResourceLoader, NULL);
i = 0;

1
fuzz/regexp.c
View File

@ -13,7 +13,6 @@ int
LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
char ***argv ATTRIBUTE_UNUSED) {
xmlFuzzMemSetup();
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}

3
fuzz/schema.c
View File

@ -17,7 +17,6 @@ LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
xmlInitializeCatalog();
xmlCatalogSetDefaults(XML_CATA_ALLOW_NONE);
#endif
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}
@ -37,7 +36,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
pctxt = xmlSchemaNewParserCtxt(xmlFuzzMainUrl());
xmlSchemaSetParserErrors(pctxt, xmlFuzzErrorFunc, xmlFuzzErrorFunc, NULL);
xmlSchemaSetParserStructuredErrors(pctxt, xmlFuzzSErrorFunc, NULL);
xmlSchemaSetResourceLoader(pctxt, xmlFuzzResourceLoader, NULL);
xmlSchemaFree(xmlSchemaParse(pctxt));
xmlSchemaFreeParserCtxt(pctxt);

1
fuzz/uri.c
View File

@ -11,7 +11,6 @@ int
LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
char ***argv ATTRIBUTE_UNUSED) {
xmlFuzzMemSetup();
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}

6
fuzz/valid.c
View File

@ -19,7 +19,6 @@ LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
xmlInitializeCatalog();
xmlCatalogSetDefaults(XML_CATA_ALLOW_NONE);
#endif
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}
@ -50,6 +49,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
ctxt = xmlNewParserCtxt();
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
xmlCtxtSetResourceLoader(ctxt, xmlFuzzResourceLoader, NULL);
doc = xmlCtxtReadMemory(ctxt, docBuffer, docSize, docUrl, NULL, opts);
xmlFuzzCheckMallocFailure("xmlCtxtReadMemory",
@ -63,17 +63,20 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
ctxt = xmlNewParserCtxt();
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
xmlCtxtSetResourceLoader(ctxt, xmlFuzzResourceLoader, NULL);
doc = xmlCtxtReadMemory(ctxt, docBuffer, docSize, docUrl, NULL,
opts & ~XML_PARSE_DTDVALID);
xmlFreeParserCtxt(ctxt);
/* Post validation requires global callbacks */
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
xmlSetExternalEntityLoader(xmlFuzzEntityLoader);
vctxt = xmlNewValidCtxt();
xmlValidateDocument(vctxt, doc);
xmlFreeValidCtxt(vctxt);
xmlFreeDoc(doc);
xmlSetGenericErrorFunc(NULL, NULL);
xmlSetExternalEntityLoader(NULL);
}
@ -87,6 +90,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, docUrl);
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
xmlCtxtSetResourceLoader(ctxt, xmlFuzzResourceLoader, NULL);
xmlCtxtUseOptions(ctxt, opts);

3
fuzz/xml.c
View File

@ -20,7 +20,6 @@ LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
xmlInitializeCatalog();
xmlCatalogSetDefaults(XML_CATA_ALLOW_NONE);
#endif
xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
return 0;
}
@ -54,6 +53,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
ctxt = xmlNewParserCtxt();
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
xmlCtxtSetResourceLoader(ctxt, xmlFuzzResourceLoader, NULL);
doc = xmlCtxtReadMemory(ctxt, docBuffer, docSize, docUrl, NULL, opts);
xmlFuzzCheckMallocFailure("xmlCtxtReadMemory",
@ -94,6 +94,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) {
xmlFuzzMemSetLimit(maxAlloc);
ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, docUrl);
if (ctxt != NULL) {
xmlCtxtSetErrorHandler(ctxt, xmlFuzzSErrorFunc, NULL);
xmlCtxtSetResourceLoader(ctxt, xmlFuzzResourceLoader, NULL);
xmlCtxtUseOptions(ctxt, opts);