def main():
atheris.Setup(sys.argv, TestInput, enable_python_coverage=False)
atheris.instrument_all()
atheris.Fuzz()
"""
Fuzzes the lxml.etree.XML function with the Atheris fuzzer.
The goal is to catch unhandled exceptions and potential
memory corruption issues in auto-generated code.
"""
import atheris
import sys
from lxml import etree
def test_etree_xml(data):
fdp = atheris.FuzzedDataProvider(data)
try:
etree.XML(fdp.ConsumeUnicode(sys.maxsize))
except etree.XMLSyntaxError:
pass
return
if __name__ == "__main__":
atheris.Setup(sys.argv, test_etree_xml, enable_python_coverage=True)
atheris.Fuzz()
import sys
# This tells Atheris to instrument all functions in the `struct` and
# `example_library` modules.
with atheris.instrument_imports():
import struct
import example_library
@atheris.instrument_func # Instrument the TestOneInput function itself
def TestOneInput(data):
"""The entry point for our fuzzer.
This is a callback that will be repeatedly invoked with different arguments
after Fuzz() is called.
We translate the arbitrary byte string into a format our function being fuzzed
can understand, then call it.
Args:
data: Bytestring coming from the fuzzing engine.
"""
if len(data) != 4:
return # Input must be 4 byte integer.
number, = struct.unpack('<I', data)
example_library.CodeBeingFuzzed(number)
atheris.Setup(sys.argv, TestOneInput)
atheris.Fuzz()
test.test_get_the_levels(events, meter, speac_settings)
except Exception as get_the_levels_exception:
print("\n")
for i in range(1, 50):
print(emoji.emojize(":tired_face:"), end="")
print("\nERROR!!! Data aren't equal:\nPython and LISP input = ",
events)
variables = [
"*METER*", "*BEAT*", "*CADENCE-MINIMUM*", "*INTERVALS-OFF*",
"*MEASURES*", "*THRESHOLD*", "*PATTERN-SIZE*", "*AMOUNT-OFF*",
"*MATCHING-LINE*"
]
for variable in variables:
print("Lisp variable " + variable.upper() + " = ",
lisp.eval(cl4py.Symbol(variable.upper())))
for i in range(1, 50):
print(emoji.emojize(":tired_face:"), end="")
print("\n")
raise get_the_levels_exception
if __name__ == '__main__':
load_files()
atheris.Setup(sys.argv,
start_testing,
enable_python_coverage=True,
enable_python_opcode_coverage=True)
atheris.Fuzz()
def main():
"""Fuzz target with atheris."""
atheris.Setup(sys.argv, TestOneInput)
atheris.Fuzz()
def test_random_curve_fuzzing(self):
args = sys.argv
args.append("-runs=10000")
atheris.Setup(args, self.__setup_input_random_curve)
atheris.Fuzz()
def main():
fuzzers.enable_decompressionbomb_error()
atheris.Setup(sys.argv, TestOneInput)
atheris.Fuzz()
fuzzers.disable_decompressionbomb_error()
):
# This is a bug - if it's valid Python code, as above, Black should be
# able to cope with it. See issue #1012.
# TODO: remove this block when the issue is resolved.
return
raise
# And check that we got equivalent and stable output.
black.assert_equivalent(src_contents, dst_contents)
black.assert_stable(src_contents, dst_contents, mode=mode)
# Future test: check that pure-python and mypyc versions of black
# give identical output for identical input?
if __name__ == '__main__':
# Run tests, including shrinking and reporting any known failures.
test_idempotent_any_syntatically_valid_python()
# If Atheris is available, run coverage-guided fuzzing.
# (if you want only bounded fuzzing, just use `pytest fuzz.py`)
try:
import sys
import atheris
except ImportError:
pass
else:
test = test_idempotent_any_syntatically_valid_python
atheris.Setup(sys.argv, test.hypothesis.fuzz_one_input)
atheris.Fuzz()
def main():
atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
loop = asyncio.get_event_loop()
asyncio.set_event_loop(loop)
atheris.Fuzz()
def main():
atheris.instrument_all()
atheris.Setup(sys.argv, TestOneInput)
atheris.Fuzz()
st.integers(min_value=-(2**63), max_value=2**63 - 1),
st.floats(allow_nan=False, allow_infinity=False),
st.text(),
)
JSON_OBJECTS = st.recursive(
base=JSON_ATOMS,
extend=lambda inner: st.lists(inner) | st.dictionaries(st.text(), inner),
)
UJSON_ENCODE_KWARGS = {
"ensure_ascii": st.booleans(),
"encode_html_chars": st.booleans(),
"escape_forward_slashes": st.booleans(),
"sort_keys": st.booleans(),
"indent": st.integers(0, 20),
}
@given(obj=JSON_OBJECTS, kwargs=st.fixed_dictionaries(UJSON_ENCODE_KWARGS))
def test_ujson_roundtrip(obj, kwargs):
"""Check that all JSON objects round-trip regardless of other options."""
assert obj == ujson.decode(ujson.encode(obj, **kwargs))
if __name__ == "__main__":
# Running `pytest hypothesis_structured_fuzzer.py` will replay, deduplicate,
# and minimize any failures discovered by earlier runs or by OSS-Fuzz, or
# briefly search for new failures if none are known.
# Or, when running via OSS-Fuzz, we'll execute it via the fuzzing hook:
atheris.Setup(sys.argv, test_ujson_roundtrip.hypothesis.fuzz_one_input)
atheris.Fuzz()
def main():
logging.disable(logging.CRITICAL)
warnings.filterwarnings('ignore')
atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
atheris.Fuzz()
def test_prime_generator_fuzzing(self):
args = sys.argv
args.append("-runs=100")
atheris.Setup(args, self.__setup_input_prime_generator)
atheris.Fuzz()
def main():
atheris.Setup(sys.argv, TestOneInput)
atheris.Fuzz()
JSON_OBJECTS = st.recursive(
base=JSON_ATOMS,
extend=lambda inner: st.lists(inner) | st.dictionaries(st.text(), inner),
)
UJSON_ENCODE_KWARGS = {
"ensure_ascii": st.booleans(),
"encode_html_chars": st.booleans(),
"escape_forward_slashes": st.booleans(),
"sort_keys": st.booleans(),
"indent": st.integers(0, 20),
}
@given(obj=JSON_OBJECTS, kwargs=st.fixed_dictionaries(UJSON_ENCODE_KWARGS))
@atheris.instrument_func
def test_ujson_roundtrip(obj, kwargs):
"""Check that all JSON objects round-trip regardless of other options."""
assert obj == ujson.decode(ujson.encode(obj, **kwargs))
if __name__ == "__main__":
# Running `pytest hypothesis_structured_fuzzer.py` will replay, deduplicate,
# and minimize any failures discovered by earlier runs or by OSS-Fuzz, or
# briefly search for new failures if none are known.
# Or, when running via OSS-Fuzz, we'll execute it via the fuzzing hook:
atheris.Setup(
sys.argv,
atheris.instrument_func(
test_ujson_roundtrip.hypothesis.fuzz_one_input))
atheris.Fuzz()
@given(
obj=st.binary(min_size=10, max_size=10 << 10),
volume=st.integers(min_value=5, max_value=1 << 10),
wblock=st.integers(min_value=5, max_value=5 << 9),
rblock=st.integers(min_value=5, max_value=5 << 9),
)
def test_fuzzer_block(obj, volume, wblock, rblock, basepath):
target = numbered_tempdir(basepath, "test_fuzzer", "block").joinpath("target.bin")
src = io.BytesIO(obj)
result = b""
with MV.open(target, mode="wb", volume=volume) as f:
data = src.read(wblock)
while len(data) > 0:
f.write(data)
data = src.read(wblock)
with MV.open(target, mode="rb") as f:
data = f.read(rblock)
while len(data) > 0:
result += data
data = f.read(rblock)
assert result == obj
if __name__ == "__main__":
import atheris # type: ignore # noqa
atheris.Setup(sys.argv, test_fuzzer_block.hypothesis.fuzz_one_input)
atheris.Fuzz()
def test_point_arithmetic_affine_fuzzing(self):
args = sys.argv
args.append("-runs=10000")
atheris.Setup(args, self.__setup_input_arithmetic_affine)
atheris.Fuzz()
def main(): atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) atheris.Fuzz()
def main(): # Since everything interesting in this fuzzer is in native code, we can # disable Python coverage to improve performance and reduce coverage noise. atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=False) atheris.Fuzz()