AuroraMiddleware/fmtlegacy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Replace FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION with fmt-specific macro (#1650)

Browse Source 
Signed-off-by: Asra Ali <asraa@google.com>
This commit is contained in:
asraa 2020-04-29 12:12:43 -04:00 committed by GitHub
parent f2ed03b919
commit e2ff910675
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@ -308,6 +308,7 @@ endif ()
# Control fuzzing independent of the unit tests.
if (FMT_FUZZ)
add_subdirectory(test/fuzzing)
target_compile_definitions(fmt PUBLIC FMT_FUZZ)
endif ()
set(gitignore ${PROJECT_SOURCE_DIR}/.gitignore)

2
include/fmt/format-inl.h
View File

@ -1151,7 +1151,7 @@ int snprintf_float(T value, int precision, float_specs specs,
for (;;) {
auto begin = buf.data() + offset;
auto capacity = buf.capacity() - offset;
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#ifdef FMT_FUZZ
if (precision > 100000)
throw std::runtime_error(
"fuzz mode - avoid large allocation inside snprintf");

4
include/fmt/format.h
View File

@ -699,7 +699,7 @@ class basic_memory_buffer : public internal::buffer<T> {
template <typename T, std::size_t SIZE, typename Allocator>
void basic_memory_buffer<T, SIZE, Allocator>::grow(std::size_t size) {
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#ifdef FMT_FUZZ
if (size > 1000) throw std::runtime_error("fuzz mode - won't grow that much");
#endif
std::size_t old_capacity = this->capacity();
@ -1136,7 +1136,7 @@ template <typename Char> class float_writer {
*it++ = static_cast<Char>('0');
return it;
}
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#ifdef FMT_FUZZ
if (num_zeros > 1000)
throw std::runtime_error("fuzz mode - avoiding excessive cpu use");
#endif

2
src/format.cc
View File

@ -13,7 +13,7 @@ namespace internal {
template <typename T>
int format_float(char* buf, std::size_t size, const char* format, int precision,
T value) {
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#ifdef FMT_FUZZ
if (precision > 100000)
throw std::runtime_error(
"fuzz mode - avoid large allocation inside snprintf");

13
test/fuzzing/README.md
View File

@ -7,14 +7,19 @@ in fmt. It is a part of the continous fuzzing at
The source code is modified to make the fuzzing possible without locking up on
resource exhaustion:
```cpp
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#ifdef FMT_FUZZ
if(spec.precision>100000) {
throw std::runtime_error("fuzz mode - avoiding large precision");
}
#endif
```
This macro is the defacto standard for making fuzzing practically possible, see
[the libFuzzer documentation](https://llvm.org/docs/LibFuzzer.html#fuzzer-friendly-build-mode).
```
This macro `FMT_FUZZ` is enabled on OSS-Fuzz builds and makes fuzzing
practically possible. It is used in fmt code to prevent resource exhaustion in
fuzzing mode.
The macro `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` is the
defacto standard for making fuzzing practically possible to disable certain
fuzzing-unfriendly features (for example, randomness), see [the libFuzzer
documentation](https://llvm.org/docs/LibFuzzer.html#fuzzer-friendly-build-mode).
## Running the fuzzers locally