src/fuzz/Makefile.am | 20 ++ src/fuzz/vdx.dict | 324 ++++++++++++++++++++++++++++++++++++ src/fuzz/vdxfuzzer.cpp | 27 +++ src/fuzz/vsdx.dict | 428 ++++++++++++++++++++++++++++++++++++++++++++++++ src/fuzz/vsdxfuzzer.cpp | 27 +++ 5 files changed, 824 insertions(+), 2 deletions(-)
New commits: commit 7700c5c7fddeb9ab9662fd52a6b18f81e74fa342 Author: David Tardon <dtar...@redhat.com> Date: Mon Apr 17 10:11:52 2017 +0200 add vdx fuzzer Change-Id: I036d1236fb500213847ae35133f61fe2d1a251b1 diff --git a/src/fuzz/Makefile.am b/src/fuzz/Makefile.am index cdd1cba..da292df 100644 --- a/src/fuzz/Makefile.am +++ b/src/fuzz/Makefile.am @@ -1,4 +1,4 @@ -noinst_PROGRAMS = vsdfuzzer vsdxfuzzer +noinst_PROGRAMS = vsdfuzzer vsdxfuzzer vdxfuzzer AM_CXXFLAGS = -I$(top_srcdir)/inc \ $(REVENGE_GENERATORS_CFLAGS) \ @@ -23,5 +23,11 @@ vsdxfuzzer_LDADD = $(commonfuzzer_ldadd) vsdxfuzzer_SOURCES = \ vsdxfuzzer.cpp +vdxfuzzer_LDADD = $(commonfuzzer_ldadd) + +vdxfuzzer_SOURCES = \ + vdxfuzzer.cpp + EXTRA_DIST = \ + vdx.dict \ vsdx.dict diff --git a/src/fuzz/vdx.dict b/src/fuzz/vdx.dict new file mode 100644 index 0000000..34e16af --- /dev/null +++ b/src/fuzz/vdx.dict 
@@ -0,0 +1,324 @@ +# +# AFL dictionary for XML +# ---------------------- +# +# Several basic syntax elements and attributes, modeled on libxml2. +# +# Created by Michal Zalewski <lcam...@google.com> +# + +attr_encoding=" encoding=\"1\"" +attr_generic=" a=\"1\"" +attr_href=" href=\"1\"" +attr_standalone=" standalone=\"no\"" +attr_version=" version=\"1\"" +attr_xml_base=" xml:base=\"1\"" +attr_xml_id=" xml:id=\"1\"" +attr_xml_lang=" xml:lang=\"1\"" +attr_xml_space=" xml:space=\"1\"" +attr_xmlns=" xmlns=\"1\"" + +entity_builtin="<" +entity_decimal="" +entity_external="&a;" +entity_hex="" + +# keywords +"ANY" +"ATTLIST" +"CDATA" +"DOCTYPE" +"ELEMENT" +"EMPTY" +"ENTITIES" +"ENTITY" +"FIXED" +"ID" +"IDREF" +"IDREFS" +"IGNORE" +"IMPLIED" +"INCLUDE" +"NDATA" +"NMTOKEN" +"NMTOKENS" +"NOTATION" +"PCDATA" +"PUBLIC" +"REQUIRED" +"SYSTEM" + +# Various tag parts +"<" +">" +"/>" +"</" +"<?" +"?>" +"<!" +"!>" +"[]" +"]]" +"<![CDATA[" +"<![CDATA[]]>" +"\"\"" +"''" +"=\"\"" +"=''" + +# DTD +"<!ATTLIST" +"<!DOCTYPE" +"<!ELEMENT" +"<!ENTITY" +"<![IGNORE[" +"<![INCLUDE[" +"<!NOTATION" +"#CDATA" +"#FIXED" +"#IMPLIED" +"#PCDATA" +"#REQUIRED" + +# Encodings +"ISO-8859-1" +"US-ASCII" +"UTF-8" +"UTF-16" +"UTF-16BE" +"UTF-16LE" + +# Namespaces and schemas +"xmlns" +"xmlns:" +"xmlns:vx='http://schemas.microsoft.com/v isio/2006/extension'" +"xmlns:v14='http://schemas.microsoft.com/office/visio/2010/extension'" +"xmlns='http://schemas.microsoft.com/visio/2003/core'" + +string_col_fallback=":fallback" +string_col_generic=":a" +string_col_include=":include" +string_dashes="--" +string_parentheses="()" +string_percent="%a" +string_schema=":schema" +string_ucs4="UCS-4" +tag_close="</a>" +tag_open="<a>" +tag_open_close="<a />" + +# Namespace prefixes +"v14" +"v14:" +"vx" +"vx:" + +# Element names +"A" +"Alignment" +"Angle" +"ARAB" +"ArcTo" +"B" +"BeginArrow" +"BeginX" +"BeginY" +"BegTrigger" +"BENG" +"BottomMargin" +"Bullet" +"BulletFont" +"BulletFontSize" +"BulletStr" +"C" +"CANS" +"Case" +"Cell" 
+"Char"
+"Character"
+"CHER"
+"Color"
+"ColorEntry"
+"Colors"
+"ColorSchemeIndex"
+"Company"
+"ConnectorSchemeIndex"
+"cp"
+"D"
+"DblUnderline"
+"DefaultTabStop"
+"DEVA"
+"DoubleStrikethrough"
+"DrawingScale"
+"E"
+"EffectSchemeIndex"
+"Ellipse"
+"EllipticalArcTo"
+"EmbellishmentIndex"
+"EndArrow"
+"EndTrigger"
+"EndX"
+"EndY"
+"ETHI"
+"FaceName"
+"FaceNames"
+"Fill"
+"FillBkgnd"
+"FillBkgndTrans"
+"FillForegnd"
+"FillForegndTrans"
+"FillPattern"
+"Flags"
+"FlipX"
+"FlipY"
+"Font"
+"FontScale"
+"FontSchemeIndex"
+"Foreign"
+"ForeignData"
+"Geom"
+"Geometry"
+"GEOR"
+"GUJR"
+"GURU"
+"HANG"
+"HANS"
+"HANT"
+"HEBR"
+"Height"
+"HideText"
+"Highlight"
+"HorzAlign"
+"ImgHeight"
+"ImgOffsetX"
+"ImgOffsetY"
+"ImgWidth"
+"IndFirst"
+"IndLeft"
+"IndRight"
+"InfiniteLine"
+"JPAN"
+"KHMR"
+"KNDA"
+"LAOO"
+"Layer"
+"LayerMem"
+"LayerMember"
+"Leader"
+"LeftMargin"
+"Line"
+"LineCap"
+"LineColor"
+"LinePattern"
+"LineTo"
+"LineWeight"
+"LocPinX"
+"LocPinY"
+"Master"
+"Masters"
+"Misc"
+"MLYM"
+"MONG"
+"MoveTo"
+"NoFill"
+"NoLine"
+"NoShow"
+"NURBSTo"
+"ORYA"
+"Overline"
+"Page"
+"PageHeight"
+"PageProps"
+"Pages"
+"PageScale"
+"PageSheet"
+"PageWidth"
+"Para"
+"Paragraph"
+"PinX"
+"PinY"
+"PolylineTo"
+"Pos"
+"Position"
+"pp"
+"Print"
+"Properties"
+"QuickStyleEffectsMatrix"
+"QuickStyleFillColor"
+"QuickStyleFillMatrix"
+"QuickStyleFontMatrix"
+"QuickStyleLineColor"
+"QuickStyleLineMatrix"
+"QuickStyleShadowColor"
+"QuickStyleType"
+"QuickStyleVariation"
+"Rel"
+"RelCubBezTo"
+"RelEllipticalArcTo"
+"RelLineTo"
+"RelMoveTo"
+"RelQuadBezTo"
+"ResizeMode"
+"RightMargin"
+"Rounding"
+"Row"
+"Section"
+"Shape"
+"Shapes"
+"ShapeShdwOffsetX"
+"ShapeShdwOffsetY"
+"ShdwBkgnd"
+"ShdwForegnd"
+"ShdwOffsetX"
+"ShdwOffsetY"
+"ShdwPattern"
+"SINH"
+"Size"
+"SolutionXML"
+"SpAfter"
+"SpBefore"
+"SpLine"
+"SplineKnot"
+"SplineStart"
+"Strikethru"
+"Style"
+"StyleSheet"
+"StyleSheets"
+"SYRC"
+"Tab"
+"Tabs"
+"TAML"
+"TELU"
+"Template"
+"Text"
+"TextBkgnd"
+"TextBkgndTrans"
+"TextBlock"
+"TextDirection" +"TextPosAfterBullet" +"TextXForm" +"THAA" +"THAI" +"ThemeIndex" +"TIBT" +"TopMargin" +"tp" +"TxtAngle" +"TxtHeight" +"TxtLocPinX" +"TxtLocPinY" +"TxtPinX" +"TxtPinY" +"TxtWidth" +"UIGH" +"VariationColorIndex" +"VariationStyleIndex" +"VerticalAlign" +"VIET" +"Visible" +"Width" +"X" +"XForm" +"XForm1D" +"Y" +"YIII" diff --git a/src/fuzz/vdxfuzzer.cpp b/src/fuzz/vdxfuzzer.cpp new file mode 100644 index 0000000..f5b8f7e --- /dev/null +++ b/src/fuzz/vdxfuzzer.cpp @@ -0,0 +1,27 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* + * This file is part of the libvisio project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +#include <algorithm> +#include <cstdint> + +#include <libvisio/libvisio.h> + +#include <librevenge-generators/librevenge-generators.h> + +#include <librevenge-stream/librevenge-stream.h> + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + librevenge::RVNGStringStream input(data, size); + librevenge::RVNGRawDrawingGenerator generator(true); + libvisio::VisioDocument::parse(&input, &generator); + return 0; +} + +/* vim:set shiftwidth=2 softtabstop=2 expandtab: */ commit 945c773e1fba31201d6309cbcf479e5e6c07e2dc Author: David Tardon <dtar...@redhat.com> Date: Mon Apr 17 09:29:30 2017 +0200 add vsdx fuzzer Change-Id: I44c46a519c3115abc10827bfd696de30a24fdcd0 diff --git a/src/fuzz/Makefile.am b/src/fuzz/Makefile.am index 168b038..cdd1cba 100644 --- a/src/fuzz/Makefile.am +++ b/src/fuzz/Makefile.am @@ -1,4 +1,4 @@ -noinst_PROGRAMS = vsdfuzzer +noinst_PROGRAMS = vsdfuzzer vsdxfuzzer AM_CXXFLAGS = -I$(top_srcdir)/inc \ $(REVENGE_GENERATORS_CFLAGS) \ 
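Review bot: src/fuzz/vdxfuzzer.cpp is added with the same blob id (f5b8f7e) as src/fuzz/vsdxfuzzer.cpp in the other commit, so the two harnesses are byte-identical and nothing in either file says which input format it targets or that the dictionary is the only difference. A header comment above `LLVMFuzzerTestOneInput` would fix that, e.g. `// Generic harness: bytes go to VisioDocument::parse() unchanged; run this target with vdx.dict.` The bare `true` passed to `RVNGRawDrawingGenerator` should get a short comment naming the parameter it sets. `#include <algorithm>` is not used by anything visible in the file and can be dropped. The result of `parse` is discarded, which is normal for a fuzz target, but `(void)libvisio::VisioDocument::parse(&input, &generator);` would show it is intentional; the same points apply to vsdxfuzzer.cpp.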
@@ -6,12 +6,22 @@ AM_CXXFLAGS = -I$(top_srcdir)/inc \ $(REVENGE_STREAM_CFLAGS) \ $(DEBUG_CXXFLAGS) -vsdfuzzer_LDADD = \ +commonfuzzer_ldadd = \ $(top_builddir)/src/lib/libvisio-@VSD_MAJOR_VERSION@.@VSD_MINOR_VERSION@.la \ $(REVENGE_GENERATORS_LIBS) \ $(REVENGE_LIBS) \ $(REVENGE_STREAM_LIBS) \ -lFuzzingEngine +vsdfuzzer_LDADD = $(commonfuzzer_ldadd) + vsdfuzzer_SOURCES = \ vsdfuzzer.cpp + +vsdxfuzzer_LDADD = $(commonfuzzer_ldadd) + +vsdxfuzzer_SOURCES = \ + vsdxfuzzer.cpp + +EXTRA_DIST = \ + vsdx.dict diff --git a/src/fuzz/vsdx.dict b/src/fuzz/vsdx.dict new file mode 100644 index 0000000..3237d4b --- /dev/null +++ b/src/fuzz/vsdx.dict 
@@ -0,0 +1,428 @@ +# +# AFL dictionary for XML +# ---------------------- +# +# Several basic syntax elements and attributes, modeled on libxml2. +# +# Created by Michal Zalewski <lcam...@google.com> +# + +attr_encoding=" encoding=\"1\"" +attr_generic=" a=\"1\"" +attr_href=" href=\"1\"" +attr_standalone=" standalone=\"no\"" +attr_version=" version=\"1\"" +attr_xml_base=" xml:base=\"1\"" +attr_xml_id=" xml:id=\"1\"" +attr_xml_lang=" xml:lang=\"1\"" +attr_xml_space=" xml:space=\"1\"" +attr_xmlns=" xmlns=\"1\"" + +entity_builtin="<" +entity_decimal="" +entity_external="&a;" +entity_hex="" + +# keywords +"ANY" +"ATTLIST" +"CDATA" +"DOCTYPE" +"ELEMENT" +"EMPTY" +"ENTITIES" +"ENTITY" +"FIXED" +"ID" +"IDREF" +"IDREFS" +"IGNORE" +"IMPLIED" +"INCLUDE" +"NDATA" +"NMTOKEN" +"NMTOKENS" +"NOTATION" +"PCDATA" +"PUBLIC" +"REQUIRED" +"SYSTEM" + +# Various tag parts +"<" +">" +"/>" +"</" +"<?" +"?>" +"<!" +"!>" +"[]" +"]]" +"<![CDATA[" +"<![CDATA[]]>" +"\"\"" +"''" +"=\"\"" +"=''" + +# DTD +"<!ATTLIST" +"<!DOCTYPE" +"<!ELEMENT" +"<!ENTITY" +"<![IGNORE[" +"<![INCLUDE[" +"<!NOTATION" +"#CDATA" +"#FIXED" +"#IMPLIED" +"#PCDATA" +"#REQUIRED" + +# Encodings +"ISO-8859-1" +"US-ASCII" +"UTF-8" +"UTF-16" +"UTF-16BE" +"UTF-16LE" + +# Namespaces and schemas +"xmlns" +"xmlns:" +"xmlns='http://schemas.microsoft.com/office/visio/2012/main'" +"xmlns:xml=\"http://www.w3.org/XML/1998/namespace\"" +"xmlns:xmlns=\"http://www.w3.org/2000/xmlns\"" +"xmlns:cp=\"http://schemas.openxmlformats.org/package/2006/metadata/core-properties\"" +"xmlns:dc=\"http://purl.org/dc/elements/1.1/\"" +"xmlns:dcterms=\"http://purl.org/dc/terms/\"" +"xmlns:r='http://schemas.openxmlformats.org/officeDocument/2006/relationships'" +"xmlns:vt=\"http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes\"" + +string_col_fallback=":fallback" +string_col_generic=":a" +string_col_include=":include" +string_dashes="--" +string_parentheses="()" +string_percent="%a" +string_schema=":schema" +string_ucs4="UCS-4" 
+tag_close="</a>"
+tag_open="<a>"
+tag_open_close="<a />"
+
+# Namespace prefixes
+"a"
+"a:"
+"cp"
+"cp:"
+"dc"
+"dc:"
+"dcterms"
+"dcterms:"
+"r"
+"r:"
+"vt"
+"vt:"
+
+# Element names
+"A"
+"accent1"
+"accent2"
+"accent3"
+"accent4"
+"accent5"
+"accent6"
+"alpha"
+"bgFillStyleLst"
+"clrScheme"
+"cs"
+"dk1"
+"dk2"
+"ea"
+"effectLst"
+"effectStyle"
+"effectStyleLst"
+"ext"
+"extLst"
+"extraClrSchemeLst"
+"fillStyleLst"
+"fmtScheme"
+"folHlink"
+"font"
+"fontScheme"
+"gradFill"
+"gs"
+"gsLst"
+"hlink"
+"latin"
+"Alignment"
+"lin"
+"ln"
+"lnStyleLst"
+"lt1"
+"lt2"
+"lumMod"
+"majorFont"
+"minorFont"
+"Angle"
+"objectDefaults"
+"outerShdw"
+"prstDash"
+"ARAB"
+"ArcTo"
+"satMod"
+"schemeClr"
+"shade"
+"solidFill"
+"srgbClr"
+"sysClr"
+"theme"
+"themeElements"
+"tint"
+"B"
+"BeginArrow"
+"BeginX"
+"BeginY"
+"BegTrigger"
+"BENG"
+"BottomMargin"
+"Bullet"
+"BulletFont"
+"BulletFontSize"
+"BulletStr"
+"C"
+"CANS"
+"Case"
+"Cell"
+"Char"
+"Character"
+"CHER"
+"Color"
+"ColorEntry"
+"Colors"
+"ColorSchemeIndex"
+"Company"
+"ConnectorSchemeIndex"
+"cp"
+"category"
+"coreProperties"
+"keywords"
+"lastModifiedBy"
+"D"
+"DblUnderline"
+"creator"
+"description"
+"language"
+"subject"
+"template"
+"created"
+"modified"
+"title"
+"DefaultTabStop"
+"DEVA"
+"DoubleStrikethrough"
+"DrawingScale"
+"E"
+"EffectSchemeIndex"
+"Ellipse"
+"EllipticalArcTo"
+"EmbellishmentIndex"
+"EndArrow"
+"EndTrigger"
+"EndX"
+"EndY"
+"ETHI"
+"FaceName"
+"FaceNames"
+"Fill"
+"FillBkgnd"
+"FillBkgndTrans"
+"FillForegnd"
+"FillForegndTrans"
+"FillPattern"
+"Flags"
+"FlipX"
+"FlipY"
+"Font"
+"FontScale"
+"FontSchemeIndex"
+"Foreign"
+"ForeignData"
+"Geom"
+"Geometry"
+"GEOR"
+"GUJR"
+"GURU"
+"HANG"
+"HANS"
+"HANT"
+"HEBR"
+"Height"
+"HideText"
+"Highlight"
+"HorzAlign"
+"ImgHeight"
+"ImgOffsetX"
+"ImgOffsetY"
+"ImgWidth"
+"IndFirst"
+"IndLeft"
+"IndRight"
+"InfiniteLine"
+"JPAN"
+"KHMR"
+"KNDA"
+"LAOO"
+"Layer"
+"LayerMem"
+"LayerMember"
+"Leader"
+"LeftMargin"
+"Line"
+"LineCap"
+"LineColor"
+"LinePattern"
+"LineTo"
+"LineWeight"
+"LocPinX"
+"LocPinY"
+"Master"
+"Masters"
+"Misc"
+"MLYM"
+"MONG"
+"MoveTo"
+"NoFill"
+"NoLine"
+"NoShow"
+"NURBSTo"
+"ORYA"
+"Overline"
+"Page"
+"PageHeight"
+"PageProps"
+"Pages"
+"PageScale"
+"PageSheet"
+"PageWidth"
+"Para"
+"Paragraph"
+"PinX"
+"PinY"
+"PolylineTo"
+"Pos"
+"Position"
+"pp"
+"Print"
+"Properties"
+"QuickStyleEffectsMatrix"
+"QuickStyleFillColor"
+"QuickStyleFillMatrix"
+"QuickStyleFontMatrix"
+"QuickStyleLineColor"
+"QuickStyleLineMatrix"
+"QuickStyleShadowColor"
+"QuickStyleType"
+"QuickStyleVariation"
+"Rel"
+"RelCubBezTo"
+"RelEllipticalArcTo"
+"RelLineTo"
+"RelMoveTo"
+"RelQuadBezTo"
+"ResizeMode"
+"RightMargin"
+"Rounding"
+"Row"
+"Section"
+"Shape"
+"Shapes"
+"ShapeShdwOffsetX"
+"ShapeShdwOffsetY"
+"ShdwBkgnd"
+"ShdwForegnd"
+"ShdwOffsetX"
+"ShdwOffsetY"
+"ShdwPattern"
+"SINH"
+"Size"
+"SolutionXML"
+"SpAfter"
+"SpBefore"
+"SpLine"
+"SplineKnot"
+"SplineStart"
+"Strikethru"
+"Style"
+"StyleSheet"
+"StyleSheets"
+"SYRC"
+"Tab"
+"Tabs"
+"TAML"
+"TELU"
+"Template"
+"Text"
+"TextBkgnd"
+"TextBkgndTrans"
+"TextBlock"
+"TextDirection"
+"TextPosAfterBullet"
+"TextXForm"
+"THAA"
+"THAI"
+"ThemeIndex"
+"TIBT"
+"TopMargin"
+"tp"
+"TxtAngle"
+"TxtHeight"
+"TxtLocPinX"
+"TxtLocPinY"
+"TxtPinX"
+"TxtPinY"
+"TxtWidth"
+"UIGH"
+"VariationColorIndex"
+"VariationStyleIndex"
+"VerticalAlign"
+"VIET"
+"Visible"
+"bkgnd"
+"color"
+"connectorFontStyles"
+"fillProps"
+"fillStyles"
+"fmtConnectorScheme"
+"fmtConnectorSchemeEx"
+"fmtConnectorSchemeLineStyles"
+"fmtSchemeEx"
+"fmtSchemeLineStyles"
+"fontProps"
+"fontStyles"
+"fontStylesGroup"
+"lineEx"
+"lineStyle"
+"lineStyles"
+"schemeID"
+"themeScheme"
+"varColor1"
+"varColor2"
+"varColor3"
+"varColor4"
+"varColor5"
+"varColor6"
+"varColor7"
+"variationClrScheme"
+"variationClrSchemeLst"
+"variationStyleScheme"
+"variationStyleSchemeLst"
+"varStyle"
+"Width"
+"X"
+"XForm"
+"XForm1D"
+"Y"
+"YIII"
diff --git a/src/fuzz/vsdxfuzzer.cpp b/src/fuzz/vsdxfuzzer.cpp
new file mode 100644
index 0000000..f5b8f7e
--- /dev/null
+++ b/src/fuzz/vsdxfuzzer.cpp
@@ -0,0 +1,27 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/*
+ * This file is part of the libvisio project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include <algorithm>
+#include <cstdint>
+
+#include <libvisio/libvisio.h>
+
+#include <librevenge-generators/librevenge-generators.h>
+
+#include <librevenge-stream/librevenge-stream.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ librevenge::RVNGStringStream input(data, size);
+ librevenge::RVNGRawDrawingGenerator generator(true);
+ libvisio::VisioDocument::parse(&input, &generator);
+ return 0;
+}
+
+/* vim:set shiftwidth=2 softtabstop=2 expandtab: */
_______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
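Review bot: The XML tokens in vsdx.dict will probably rarely reach the XML layer through this harness, because `LLVMFuzzerTestOneInput` passes `data` to `RVNGStringStream` unchanged and a VSDX document is a ZIP (OPC) package. A token spliced into a deflated member is just noise to the decompressor, so coverage of the XML parsing code presumably depends on seeds whose parts are stored uncompressed. The file should say so next to the harness, e.g. `// VSDX is a ZIP package: seed the corpus with stored (uncompressed) parts so vsdx.dict tokens survive to the XML parser.` If that is not how the corpus is built, a dictionary of ZIP and OPC part-name tokens would likely serve this target better than the XML one.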