1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-08 10:25:41 +02:00

tests: add fuzz testing on core functions (issue #1462)

This commit introduces fuzz testing, for now on core functions, with 4 new
targets that are built on demand with CMake option `ENABLE_FUZZ` (build of
these tests is disabled by default):

- weechat_core_calc_fuzzer
- weechat_core_crypto_fuzzer
- weechat_core_string_fuzzer
- weechat_core_utf8_fuzzer
This commit is contained in:
Sébastien Helleu
2025-05-05 07:07:24 +02:00
parent ceb6a007ff
commit 68d87f2b80
14 changed files with 641 additions and 18 deletions
+3 -3
View File
@@ -139,7 +139,7 @@ jobs:
- name: "clang"
cc: "clang"
cxx: "clang++"
buildargs: ""
buildargs: "-DENABLE_FUZZ=ON"
name: "${{ matrix.os }} (${{ matrix.config.name }})"
runs-on: ${{ matrix.os }}
@@ -305,7 +305,7 @@ jobs:
- name: "clang"
cc: "clang"
cxx: "clang++"
buildargs: "-DENABLE_MAN=ON -DENABLE_DOC=ON -DENABLE_TESTS=ON"
buildargs: "-DENABLE_MAN=ON -DENABLE_DOC=ON -DENABLE_TESTS=ON -DENABLE_FUZZ=ON"
name: "rockylinux-9 (${{ matrix.config.name }})"
runs-on: ${{ matrix.os }}
@@ -354,7 +354,7 @@ jobs:
- name: "clang"
cc: "clang"
cxx: "clang++"
buildargs: "-DENABLE_MAN=ON -DENABLE_DOC=ON -DENABLE_TESTS=ON"
buildargs: "-DENABLE_MAN=ON -DENABLE_DOC=ON -DENABLE_TESTS=ON -DENABLE_FUZZ=ON"
name: "freebsd-14 (${{ matrix.config.name }})"
runs-on: ${{ matrix.os }}
+1
View File
@@ -12,6 +12,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
- irc: add support strikethrough text in IRC messages ([#2248](https://github.com/weechat/weechat/issues/2248))
- buflist: add variables `${number_zero}` and `${number_zero2}` (zero-padded buffer number)
- tests: add fuzz testing ([#1462](https://github.com/weechat/weechat/issues/1462))
### Fixed
+2 -13
View File
@@ -131,6 +131,7 @@ option(ENABLE_MAN "Enable build of man page" OFF)
option(ENABLE_DOC "Enable build of documentation" OFF)
option(ENABLE_DOC_INCOMPLETE "Enable incomplete doc" OFF)
option(ENABLE_TESTS "Enable tests" OFF)
option(ENABLE_FUZZ "Enable fuzz testing" OFF)
option(ENABLE_CODE_COVERAGE "Enable code coverage" OFF)
# code coverage
@@ -276,19 +277,7 @@ endif()
add_subdirectory(src)
add_subdirectory(doc)
if(ENABLE_TESTS)
find_package(CppUTest)
if(CPPUTEST_FOUND)
enable_testing()
add_subdirectory(tests)
else()
message(SEND_ERROR "CppUTest not found")
endif()
else()
enable_testing()
add_test(NAME notests COMMAND true)
endif()
add_subdirectory(tests)
configure_file(config.h.cmake config.h @ONLY)
+8
View File
@@ -91,6 +91,8 @@ The main WeeChat directories are:
|       typing/ | Typing plugin.
|       xfer/ | Xfer plugin (IRC DCC file/chat).
| tests/ | Tests.
|    fuzz/ | Fuzz testing.
| core/ | Fuzz testing for core functions.
|    unit/ | Unit tests.
|       core/ | Unit tests for core functions.
|       hook/ | Unit tests for hook functions.
@@ -415,6 +417,12 @@ WeeChat "core" is located in following directories:
|===
| Path/file | Description
| tests/ | Root of tests.
|    fuzz/ | Root of fuzz testing.
|       core/ | Root of fuzz testing for core.
|       calc-fuzzer.c | Fuzz testing: calculation of expressions.
|       crypto-fuzzer.c | Fuzz testing: cryptographic functions.
|       string-fuzzer.c | Fuzz testing: strings.
|       utf8-fuzzer.c | Fuzz testing: UTF-8.
|    unit/ | Root of unit tests.
|    tests.cpp | Program used to run all tests.
|    tests-record.cpp | Record and search in messages displayed.
+8
View File
@@ -92,6 +92,8 @@ Les répertoires principaux de WeeChat sont :
|       typing/ | Extension Typing.
|       xfer/ | Extension Xfer (IRC DCC fichier/discussion).
| tests/ | Tests.
|    fuzz/ | Fuzzing (tests à données aléatoires).
| core/ | Fuzzing pour les fonctions du cœur.
|    unit/ | Tests unitaires.
|       core/ | Tests unitaires pour les fonctions du cœur.
|       hook/ | Tests unitaires pour les fonctions hook.
@@ -416,6 +418,12 @@ Le cœur de WeeChat est situé dans les répertoires suivants :
|===
| Chemin/fichier | Description
| tests/ | Racine des tests.
|    fuzz/ | Racine du fuzzing (tests à données aléatoires).
|       core/ | Racine du fuzzing pour le cœur.
|       calc-fuzzer.c | Fuzzing: calcul d'expressions.
|       crypto-fuzzer.c | Fuzzing: fonctions cryptographiques.
|       string-fuzzer.c | Fuzzing: chaînes.
|       utf8-fuzzer.c | Fuzzing: UTF-8.
|    unit/ | Racine des tests unitaires.
|    tests.cpp | Programme utilisé pour lancer tous les tests.
|    tests-record.cpp | Enregistrement et recherche dans les messages affichés.
+16
View File
@@ -93,6 +93,10 @@ qweechat::
|       typing/ | typing プラグイン
|       xfer/ | xfer (IRC DCC ファイル/チャット)
| tests/ | テスト
// TRANSLATION MISSING
|    fuzz/ | Fuzz testing.
// TRANSLATION MISSING
| core/ | Fuzz testing for core functions.
|    unit/ | 単体テスト
|       core/ | コア関数の単体テスト
// TRANSLATION MISSING
@@ -456,6 +460,18 @@ WeeChat "core" は以下のディレクトリに配置されています:
|===
| パス/ファイル名 | 説明
| tests/ | テスト用のルートディレクトリ
// TRANSLATION MISSING
|    fuzz/ | Root of fuzz testing.
// TRANSLATION MISSING
|       core/ | Root of fuzz testing for core.
// TRANSLATION MISSING
|       calc-fuzzer.c | Fuzz testing: calculation of expressions.
// TRANSLATION MISSING
|       crypto-fuzzer.c | Fuzz testing: cryptographic functions.
// TRANSLATION MISSING
|       string-fuzzer.c | Fuzz testing: 文字列
// TRANSLATION MISSING
|       utf8-fuzzer.c | Fuzz testing: UTF-8.
|    unit/ | 単体テスト用のルートディレクトリ
|    tests.cpp | 全テストの実行時に使われるプログラム
// TRANSLATION MISSING
+16
View File
@@ -91,6 +91,10 @@ qweechat::
|       typing/ | Typing додатак.
|       xfer/ | Xfer додатак (IRC DCC фајл/разговор).
| tests/ | Тестови.
// TRANSLATION MISSING
|    fuzz/ | Fuzz testing.
// TRANSLATION MISSING
| core/ | Fuzz testing for core functions.
|    unit/ | Unit тестови.
|       core/ | Unit тестови за функције језгра.
// TRANSLATION MISSING
@@ -422,6 +426,18 @@ WeeChat „језгро” се налази у следећим директо
|===
| Путања/фајл | Опис
| tests/ | Корен тестова.
// TRANSLATION MISSING
|    fuzz/ | Root of fuzz testing.
// TRANSLATION MISSING
|       core/ | Root of fuzz testing for core.
// TRANSLATION MISSING
|       calc-fuzzer.c | Fuzz testing: калкулација израза.
// TRANSLATION MISSING
|       crypto-fuzzer.c | Fuzz testing: криптографске функције.
// TRANSLATION MISSING
|       string-fuzzer.c | Fuzz testing: стрингови.
// TRANSLATION MISSING
|       utf8-fuzzer.c | Fuzz testing: UTF-8.
|    unit/ | Корен unit тестова.
|    tests.cpp | Програм који се користи за извршавање свих тестова.
|    tests-record.cpp | Бележење и претрага у приказаним порукама.
+15 -2
View File
@@ -19,6 +19,19 @@
# along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
#
if(ENABLE_TESTS)
add_subdirectory(unit)
if(ENABLE_FUZZ)
add_subdirectory(fuzz)
endif()
if(ENABLE_TESTS)
find_package(CppUTest)
if(CPPUTEST_FOUND)
enable_testing()
add_subdirectory(unit)
else()
message(SEND_ERROR "CppUTest not found")
endif()
else()
enable_testing()
add_test(NAME notests COMMAND true)
endif()
File diff suppressed because it is too large Load Diff
+45
View File
@@ -0,0 +1,45 @@
/*
* SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This file is part of WeeChat, the extensible chat client.
*
* WeeChat is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* WeeChat is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
*/
/* Fuzz testing on WeeChat core calc functions */
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include "src/core/core-calc.h"
int
LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
{
char *str;
str = (char *)malloc (size + 1);
memcpy (str, data, size);
str[size] = '\0';
free (calc_expression (str));
free (str);
return 0;
}
+71
View File
@@ -0,0 +1,71 @@
/*
* SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This file is part of WeeChat, the extensible chat client.
*
* WeeChat is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* WeeChat is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
*/
/* Fuzz testing on WeeChat core crypto functions */
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <assert.h>
#include <gcrypt.h>
#include "src/core/core-crypto.h"
extern char *weecrypto_hash_algo_string[];
extern int weecrypto_hash_algo[];
int
LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
{
char *str, hash[1024], *result;
int i, hash_size, key_size, salt_size;
str = (char *)malloc (size + 1);
memcpy (str, data, size);
str[size] = '\0';
key_size = (size > 8) ? 8 : size;
for (i = 0; weecrypto_hash_algo_string[i]; i++)
{
weecrypto_hash (data, size, weecrypto_hash_algo[i], hash, &hash_size);
weecrypto_hmac (data, key_size, data, size, weecrypto_hash_algo[i], hash, &hash_size);
}
salt_size = (size > 8) ? 8 : size;
weecrypto_hash_pbkdf2 (data, size, GCRY_MD_SHA1, data, salt_size, 100, hash, &hash_size);
weecrypto_hash_pbkdf2 (data, size, GCRY_MD_SHA256, data, salt_size, 100, hash, &hash_size);
weecrypto_hash_pbkdf2 (data, size, GCRY_MD_SHA512, data, salt_size, 100, hash, &hash_size);
result = weecrypto_totp_generate (str, 1746358623, 6);
if (result && result[0])
assert (weecrypto_totp_validate (str, 1746358623, 0, result));
free (result);
result = weecrypto_totp_generate (str, 1746358623, 12);
if (result && result[0])
assert (weecrypto_totp_validate (str, 1746358623, 0, result));
free (result);
free (str);
return 0;
}
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
+24
View File
@@ -0,0 +1,24 @@
# SPDX-FileCopyrightText: 2025 Sébastien Helleu <flashcode@flashtux.org>
#
# SPDX-License-Identifier: GPL-3.0-or-later
"0"
"1"
"2"
"3"
"4"
"5"
"6"
"7"
"8"
"9"
"."
"("
")"
"+"
"-"
"*"
"/"
"//"
"%"
"**"