mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-01-11 05:17:37 +03:00
libxml2/fuzz
Nick Wellnhofer da996c8d0f uri: Report malloc failures
Fix many places where malloc failures weren't reported, for example
after calling xmlStrdup.

Introduce new public API functions that return a separate error code if
a memory allocation fails:

- xmlParseURISafe
- xmlBuildURISafe
- xmlBuildRelativeURISafe

Update the fuzzer to check whether malloc failures are reported.
2023-12-11 22:05:47 +01:00
static_seed fuzz: Add maxAlloc item to static seed corpus 2023-03-08 14:07:15 +01:00
.gitignore fuzz: Separate fuzzer for DTD validation 2023-03-12 16:19:33 +01:00
fuzz.c uri: Report malloc failures 2023-12-11 22:05:47 +01:00
fuzz.h uri: Report malloc failures 2023-12-11 22:05:47 +01:00
genSeed.c tests: Fix tests --with-valid --without-xinclude 2023-11-27 18:03:01 +01:00
html.c fuzz: Allow to fuzz without push, reader or output modules 2023-09-21 13:05:49 +02:00
html.dict Add charset names to fuzzing dictionaries 2021-02-22 13:21:38 +01:00
html.options Reduce some fuzzer timeouts 2021-03-01 20:56:40 +01:00
Makefile.am fuzz: Raise rss_limit_mb 2023-10-15 13:04:54 +02:00
README Add a couple of libFuzzer targets 2020-06-05 13:53:11 +02:00
regexp.c malloc-fail: Report malloc failure in xmlRegEpxFromParse 2023-09-22 19:53:11 +02:00
regexp.dict Update fuzzing code 2020-07-31 11:55:13 +02:00
regexp.options Enforce maximum length of fuzz input 2020-12-16 16:12:07 +01:00
schema.c fuzz: Inject random malloc failures 2023-03-08 14:14:22 +01:00
schema.dict Fuzz target for XML Schemas 2020-06-23 16:20:27 +02:00
schema.options Enforce maximum length of fuzz input 2020-12-16 16:12:07 +01:00
testFuzzer.c fuzz: Allow to fuzz without push, reader or output modules 2023-09-21 13:05:49 +02:00
uri.c uri: Report malloc failures 2023-12-11 22:05:47 +01:00
uri.options Reduce some fuzzer timeouts 2021-03-01 20:56:40 +01:00
valid.c fuzz: Test xmlTextReaderRead after EOF or failure 2023-10-15 13:04:54 +02:00
valid.options fuzz: Add valid.options 2023-03-12 19:47:07 +01:00
xinclude.c fuzz: Test xmlTextReaderRead after EOF or failure 2023-10-15 13:04:54 +02:00
xinclude.options fuzz: Add separate XInclude fuzzer 2022-12-26 18:12:26 +01:00
xml.c fuzz: Test xmlTextReaderRead after EOF or failure 2023-10-15 13:04:54 +02:00
xml.dict Add charset names to fuzzing dictionaries 2021-02-22 13:21:38 +01:00
xml.options Enforce maximum length of fuzz input 2020-12-16 16:12:07 +01:00
xpath.c fuzz: Inject random malloc failures 2023-03-08 14:14:22 +01:00
xpath.dict Add XPath and XPointer fuzzer 2020-08-06 14:12:32 +02:00
xpath.options Enforce maximum length of fuzz input 2020-12-16 16:12:07 +01:00

libFuzzer instructions for libxml2
==================================

Set compiler and options:

    export CC=clang
    export CFLAGS="-g -fsanitize=fuzzer-no-link,address,undefined \
        -fno-sanitize-recover=all \
        -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"

Build libxml2 with instrumentation:

    ./configure --without-python
    make

Run fuzzers:

    make -C fuzz fuzz-xml
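
The "uri: Report malloc failures" commit listed above has the fuzzer check that injected allocation failures are reported. The following is an added, self-contained sketch of that idea, not libxml2's fuzz code: it fails each allocation in turn and counts runs where the return code disagrees with the injected failure. `toy_parse`, its 0/1/-1 return codes, and every other name here are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for illustration; none of these are libxml2 names. */
static size_t g_allocs, g_fail_at; /* fail the g_fail_at-th allocation, 0 = never */
static int g_failed;               /* set when a failure was injected */
static int g_report_oom = 1;       /* 0 mimics code that hides the failure */

static char *dup_range(const char *s, size_t n) {
    char *p;
    if (g_fail_at != 0 && ++g_allocs == g_fail_at) { g_failed = 1; return NULL; }
    if ((p = malloc(n + 1)) == NULL) return NULL;
    memcpy(p, s, n);
    p[n] = '\0';
    return p;
}

/* Returns 0 on success, 1 for invalid input, -1 if an allocation failed. */
static int toy_parse(const char *str, char **scheme, char **path) {
    const char *colon = strchr(str, ':');
    int oom = g_report_oom ? -1 : 1; /* hidden mode folds OOM into "invalid" */
    *scheme = *path = NULL;
    if (colon == NULL || colon == str) return 1;
    *scheme = dup_range(str, (size_t)(colon - str));
    if (*scheme == NULL) return oom;
    *path = dup_range(colon + 1, strlen(colon + 1));
    if (*path == NULL) { free(*scheme); *scheme = NULL; return oom; }
    return 0;
}

/* Fails each allocation in turn; counts runs where injection and return code disagree. */
static int check_reporting(const char *input, int max_allocs, int report_oom) {
    int i, mismatches = 0;
    g_report_oom = report_oom;
    for (i = 0; i <= max_allocs; i++) {
        char *scheme, *path;
        g_allocs = 0; g_failed = 0; g_fail_at = (size_t)i;
        if ((toy_parse(input, &scheme, &path) == -1) != (g_failed != 0)) mismatches++;
        free(scheme); free(path);
    }
    g_fail_at = 0;
    return mismatches;
}

int main(void) {
    printf("reported: %d mismatches\n", check_reporting("http://host/a", 3, 1));
    printf("hidden:   %d mismatches\n", check_reporting("http://host/a", 3, 0));
    return 0;
}
```

A fuzz target built on this pattern would abort on the first mismatch, so the sanitizer build flags a code path that swallows an allocation failure.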