libreoffice-online/fuzzer
Miklos Vajna c97e4e2720 admin: handle errors while decoding URLs
    #9 0x7f1fb8b06ee7 in __cxa_throw (/usr/lib64/libstdc++.so.6+0xb7ee7) (BuildId: c74eca671e2dd0f063706372d103f8acef88f1e3)
    #10 0x7f1fb808645b in Poco::URI::decode(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool) (/usr/lib64/libPocoFoundation.so.92+0x15145b) (BuildId: 32601204eb877c998d0122c4bef1c7c08c8d0285)
    #11 0x55a887e4bb8b in Util::decodeURIComponent(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/vmiklos/git/collaboraonline/online-fuzz/common/Util.cpp:830:9
    #12 0x55a8874b7547 in AdminSocketHandler::handleMessage(std::vector<char, std::allocator<char>> const&) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/Admin.cpp:392:20

Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I87f358d218e8774d5c82f1fb12e2f56898e7581e
2024-01-16 21:36:43 +01:00
admin-data admin: handle errors while decoding URLs 2024-01-16 21:36:43 +01:00
data wsd, DocumentBroker: check for missing child process 2024-01-08 09:13:27 -05:00
httpecho-data
httpresponse-data
Admin.cpp
ClientSession.cpp
httpecho-fuzz.sh
HttpEcho.cpp Fix fuzzers build 2023-11-29 15:41:00 +00:00
HttpResponse.cpp
README

These fuzzers are meant to be built and executed inside lode.git's sanitizers
environment, which currently enables both ASan and UBSan.

online.git can be built the usual way; only the additional `--enable-fuzzers`
flag is needed to build the fuzzers. It is useful to do this in a separate
build tree, since the fuzzers config doesn't produce a `coolwsd` binary.

Run the fuzzers like this:

- Admin:

----
./admin_fuzzer -max_len=16384 fuzzer/admin-data/
----

- ClientSession:

----
./clientsession_fuzzer -max_len=16384 fuzzer/data/
----

- HttpResponse:

----
./httpresponse_fuzzer -max_len=16384 fuzzer/httpresponse-data/
----

- HttpEcho:

----
./httpecho_fuzzer -max_len=16384 fuzzer/httpecho-data/
# OR, better:
./fuzzer/httpecho-fuzz.sh
----