libreoffice-online/fuzzer
Miklos Vajna f543a1da9d fuzzer: initialize client context of the ssl manager
clientsession_fuzzer: ./net/Ssl.hpp:114: static ssl::CertificateVerification ssl::Manager::getClientVerification(): Assertion `isClientContextInitialized() && "client context must be initialized"' failed.
    #8 0x55885edfdc36 in ssl::Manager::getClientVerification() /home/vmiklos/git/collaboraonline/online-fuzz/./net/Ssl.hpp:114:9
    #9 0x55885eded51b in ClientSession::loadDocument(char const*, int, StringVector const&, std::shared_ptr<DocumentBroker> const&) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/ClientSession.cpp:1276:13
    #10 0x55885edd3436 in ClientSession::_handleInput(char const*, int) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/ClientSession.cpp:686:16
    #11 0x55885f1fd1ca in Session::handleMessage(std::vector<char, std::allocator<char>> const&) /home/vmiklos/git/collaboraonline/online-fuzz/common/Session.cpp:288:13

Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: If7f346af0e6293bf042c9b211e4efe2dfedbd642
2024-07-08 15:34:51 +01:00
admin-data fuzzer: reject increasing the log level via update-log-levels 2024-06-26 22:16:08 +02:00
data fuzzer: initialize client context of the ssl manager 2024-07-08 15:34:51 +01:00
httpecho-data
httpresponse-data
Admin.cpp
ClientSession.cpp
Common.cpp fuzzer: initialize client context of the ssl manager 2024-07-08 15:34:51 +01:00
Common.hpp
httpecho-fuzz.sh
HttpEcho.cpp
HttpResponse.cpp
README

These fuzzers are meant to be built and executed inside lode.git's sanitizers
environment (which currently enables both ASan and UBSan).

online.git can be built the usual way; only the additional `--enable-fuzzers`
flag is needed to build the fuzzers. It is useful to do this in a separate
build tree, since the fuzzers config doesn't produce a `coolwsd` binary.

Run the fuzzers like this:

- Admin:

----
./admin_fuzzer -max_len=16384 fuzzer/admin-data/
----

- ClientSession:

----
./clientsession_fuzzer -max_len=16384 fuzzer/data/
----

- HttpResponse:

----
./httpresponse_fuzzer -max_len=16384 fuzzer/httpresponse-data/
----

- HttpEcho:

----
./httpecho_fuzzer -max_len=16384 fuzzer/httpecho-data/
# OR, better:
./fuzzer/httpecho-fuzz.sh
----