Commit Graph

47 Commits

Author SHA1 Message Date
Robert Löhning
88dda89329 Fuzzing: Add fuzzer for QJsonDocument::fromJson
Task-number: QTBUG-99799
Change-Id: If997b661da2fce04b84f94b9e66de19c9946a914
Reviewed-by: Sona Kurazyan <sona.kurazyan@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2022-01-17 09:46:40 +01:00
Robert Löhning
90f0d522bf Fuzzing: Don't explicitly restrict sizes before loading images
Since Qt 6.0, QImageIOHandlers by default take care of this themselves
by not allocating more than 128 MiB for an image.

This change will not significantly reduce code coverage of the fuzzer
because QImage::loadFromData() calls QImageReader::read() which does
everything QImageReader::size() does except for returning the read size
in the end. On the other hand, it will speed up the execution because
the same image will not be read twice by different QImageReaders anymore.

Change-Id: Iab63d9e5ec02fbe5765fbf7ccb0b82896ec37692
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
2022-01-12 22:10:01 +00:00
Kai Köhne
9ca7429dff Tests: Use REQUIRED COMPONENTS in find_package(Qt6...)
Make sure configure fails early if a component cannot be found.

Task-number: QTBUG-98867
Pick-to: 6.2 6.3
Change-Id: I4baa35a84342df58ce8932601fb602be92ed5ab9
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
2021-12-13 14:16:26 +00:00
Alexandru Croitor
0da123d67b CMake: Bump almost all cmake_minimum_required calls to 3.16
Needed for subsequent change that will check and error out if the
version is lower than 3.16. We do that to ensure all policies
introduced by CMake up to version 3.16 have their behavior set to
NEW.

Pick-to: 6.2
Task-number: QTBUG-95018
Change-Id: Ieaf82c10987dd797d86a3fd4a986a67e72de486a
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
2021-09-22 19:36:49 +02:00
Robert Löhning
d54d91c0ad Fuzzing: Discard more logging output from QSslCertificate
When linked to OpenSSL, qt.tlsbackend.ossl will log.

Change-Id: I6f0e3c3e6af73b29cff93b8efe39933e5b36d493
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2021-08-30 22:05:49 +02:00
Robert Löhning
8694104809 Fuzzing: Remove .pro-files of libfuzzer tests
They were replaced by CMake files and oss-fuzz was updated to use the
latter. No need to still maintain qmake based builds.

Change-Id: If38f39c23ef3a58c33c428341486b62fd0a81888
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
2021-08-24 22:04:38 +02:00
Joerg Bornemann
0e92ec9728 Remove dysfunctional -coverage configure argument
The -coverage argument merely added compiler flags for the Qt build.  It
was never properly ported to the CMake build, and it doesn't seem
feasible to have configure arguments for every possible compiler option.

The same can be achieved by passing the needed compiler option to CMake,
for example: CMAKE_CXX_FLAGS=-fsanitize-coverage=trace-pc-guard

Pick-to: 6.2
Fixes: QTBUG-86227
Change-Id: Ieef9acaedc0a839f9fb35b4403395eea28643864
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
2021-08-10 12:00:13 +02:00
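Added example, not Qt code and not part of the commit above: what the CMAKE_CXX_FLAGS value it names, -fsanitize-coverage=trace-pc-guard, actually hooks into. With that flag the compiler emits, at every control-flow edge, an inlined "if (*guard) __sanitizer_cov_trace_pc_guard(&guard)" and, per module, a constructor calling __sanitizer_cov_trace_pc_guard_init over that module's guard array. The block defines both callbacks to count distinct edges, the way a stand-alone coverage harness does when the build is not linked with -fsanitize=fuzzer (libFuzzer ships its own definitions of the same two symbols, so the two must not be linked together). The accessor names and the global counters are this example's own.

```cpp
// Added example, not Qt code: consumer side of -fsanitize-coverage=trace-pc-guard.
// Build: clang++ -fsanitize-coverage=trace-pc-guard <code under test> cov.cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Guard ids start at 1 so that a 0 in a guard slot means "disarmed"; the
// compiler's inlined check then skips the call for that edge.
static uint32_t g_nextGuardId = 0;
static std::vector<bool> g_seen;   // index: guard id, value: edge hit at least once
static uint64_t g_newEdges = 0;

// Called once per instrumented module (from a constructor the compiler adds),
// with the module's guard array. A non-zero first guard means already numbered.
extern "C" void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
    if (start == stop || *start)
        return;
    for (uint32_t *g = start; g < stop; ++g)
        *g = ++g_nextGuardId;
    g_seen.resize(g_nextGuardId + 1, false);
}

// Called on every executed edge whose guard is still armed. Record the edge
// once, then disarm it so later executions of the same edge cost nothing.
extern "C" void __sanitizer_cov_trace_pc_guard(uint32_t *guard) {
    uint32_t id = *guard;
    if (id == 0 || id >= g_seen.size() || g_seen[id])
        return;
    g_seen[id] = true;
    ++g_newEdges;
    *guard = 0;
}

// Accessors a harness polls: an input is worth keeping in the corpus if
// coverageEdgeCount() grew while it was being processed.
uint64_t coverageEdgeCount() { return g_newEdges; }
uint32_t coverageGuardCount() { return g_nextGuardId; }

int main() {
    // Without the flag the compiler emits no callback calls, so this prints 0;
    // with it, the numbers reflect the edges executed before this point.
    std::printf("guards registered: %u, distinct edges hit: %llu\n",
                coverageGuardCount(), (unsigned long long)coverageEdgeCount());
    return 0;
}
```

The disarm-on-first-hit pattern is the one LLVM's own SanitizerCoverage documentation uses; it trades per-edge hit counts for near-zero overhead on hot paths, which is the right trade for "did this input reach anything new" but not for profiling.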
Robert Löhning
129b0a8d34 Fuzzing: Guide the compiler to the right ctor of QCalendar
Change-Id: I4e828f6ce33636eaef4f51e94e0879d735736ef1
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2021-07-26 18:37:12 +02:00
Robert Löhning
a7fa9db9b1 fuzzing: Add instructions on how to reproduce issues from oss-fuzz
Change-Id: I278516f527990b3c4477436a82695e68b5f6a713
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
2021-06-16 22:53:36 +00:00
Robert Löhning
82499a6a28 Fuzzing: Discard logging output from QSslCertificate
It's pointless in a fuzzer and slows down execution.

Change-Id: I0d36ed8814cf8fb332c196ea7e24eae8ee4d3c6e
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
2021-05-31 17:11:05 +02:00
Robert Löhning
75cdbb85ea Fuzzing: Discard logging output from QTextDocument
It's pointless in a fuzzer and slows down execution.

Change-Id: I160d7fd761118f9eba9b98fc024aef293e021845
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
2021-05-31 17:10:58 +02:00
Robert Löhning
8b691ce245 Fuzzing: Add CMake project files for fuzz targets
Change-Id: Ied44bfd2c83d5590066146187a7333b677ceb179
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
2021-05-31 16:44:06 +02:00
Robert Löhning
7acce0c525 Fuzzing: Test different calendar systems
Change-Id: I61be9f09d4299674e9cf9daf1d4dbbf90f3d2d2d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2021-04-26 17:51:38 +02:00
Robert Löhning
c62a193ca3 Fuzzing: Simplify figuring out the failing datetime format
Task-number: QTBUG-92275
Change-Id: I732e72e614163b536c3fa9187011c57fea639b92
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2021-04-12 19:08:07 +02:00
Robert Loehning
379799b10d Fuzzing: Provide link to oss-fuzz
Change-Id: Iac77faac8bd901504073b1aacd067a42e349eca3
Pick-to: 5.15 6.0
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2020-12-11 13:45:25 +00:00
Edward Welbourne
28e4a8421c Fuzzing: Add a test for QDateTime::fromString
This patch adds a basic fuzzing test for
QDateTime::fromString.

Task-number: QTBUG-87104
Pick-to: 5.15
Change-Id: Icc51386f06f6d4d2a4495734f7fa45de80c6e065
Reviewed-by: Robert Loehning <robert.loehning@qt.io>
2020-11-19 12:28:45 +01:00
Alexandru Croitor
403213240c CMake: Regenerate projects to use new qt_internal_ API
Modify special case locations to use the new API as well.
Clean up some stale .prev files that are not needed anymore.
Clean up some project files that are not used anymore.

Task-number: QTBUG-86815
Change-Id: I9947da921f98686023c6bb053dfcc101851276b5
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
2020-09-23 16:59:06 +02:00
Lars Schmertmann
6ce2f3f26b Add ; to Q_UNUSED
This is required to remove the ; from the macro with Qt 6.

Task-number: QTBUG-82978
Change-Id: I3f0b6717956ca8fa486bed9817b89dfa19f5e0e1
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
2020-07-07 11:51:48 +02:00
Robert Loehning
873c099788 Fuzzing: Add fuzz target for QCryptographicHash::result
Pick-to: 5.15
Change-Id: Ifc12358dd8cb932fe62c13975554d753a4f1afd9
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2020-06-26 14:41:42 +02:00
Robert Loehning
96065b7227 Fuzzing: Test svg images
Pick-to: 5.15
Change-Id: I1467d07eaaa1233417cd3a18fd65ec3322181984
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
2020-06-19 19:16:28 +02:00
Robert Loehning
927a82f5e0 Fuzzing: Don't try to load huge valid images
They are justified in using huge memory.

Pick-to: 5.15
Change-Id: Id16d2ea67cfac0e031d05258173391e222b41097
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
2020-06-15 09:31:56 +00:00
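Added example, not Qt code: the decoder-side allocation cap that 90f0d522bf (above in this log) relies on, and that 927a82f5e0 had to approximate in the harness before it existed. QImage::loadFromData is replaced by a constructed toy header (magic "IMG1", width, height, bytes per pixel) so the block builds without Qt; the 128 MiB limit matches the figure in the commit message, while the 16 bytes-per-pixel ceiling, the function names and the FUZZING_BUILD macro are assumptions of the example. The point is the order of operations: compute the buffer size in 64-bit arithmetic, compare it against the cap, and only then allocate, so neither a wrapped 32-bit product nor a legitimately huge image can make the fuzzer (or a real decoder) allocate without bound. The entry point uses the fuzzer's buffer in place rather than copying it.

```cpp
// Added example, not Qt code. Toy "image" format (an assumption for the example):
//   bytes 0-3   magic "IMG1"
//   bytes 4-7   width,  little-endian u32
//   bytes 8-11  height, little-endian u32
//   byte  12    bytes per pixel (u8)
//   byte  13..  pixel data, possibly truncated
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <initializer_list>
#include <vector>

// Same figure as the Qt 6 QImageIOHandler default quoted in the commit message.
constexpr uint64_t kMaxAllocBytes = 128ull * 1024 * 1024;
constexpr size_t kHeaderSize = 13;

struct Header {
    uint32_t width;
    uint32_t height;
    uint8_t bpp;
};

static uint32_t readU32LE(const uint8_t *p) {
    return uint32_t(p[0]) | (uint32_t(p[1]) << 8) | (uint32_t(p[2]) << 16) | (uint32_t(p[3]) << 24);
}

bool parseHeader(const uint8_t *data, size_t size, Header &h) {
    if (size < kHeaderSize || std::memcmp(data, "IMG1", 4) != 0)
        return false;
    h.width = readU32LE(data + 4);
    h.height = readU32LE(data + 8);
    h.bpp = data[12];
    return true;
}

// The check a decoder must do before touching the heap. width*height*bpp is
// computed in 64 bits; in 32-bit arithmetic 65536*65536 wraps to 0, and a
// naive "size <= limit" test would pass for an image that needs 16 GiB.
bool allocationWithinLimit(const Header &h, uint64_t limit, uint64_t &bytes) {
    if (h.width == 0 || h.height == 0 || h.bpp == 0 || h.bpp > 16)   // 16: assumed max bytes/pixel
        return false;
    uint64_t pixels = uint64_t(h.width) * h.height;   // two 32-bit factors always fit in 64 bits
    if (pixels > limit / h.bpp)                       // division form cannot overflow
        return false;
    bytes = pixels * h.bpp;
    return bytes <= limit;
}

// Stand-in for the QImageIOHandler role: allocates only after the cap check,
// and copies no more pixel data than the input actually carries.
bool decode(const uint8_t *data, size_t size, std::vector<uint8_t> &pixels) {
    Header h{};
    if (!parseHeader(data, size, h))
        return false;
    uint64_t bytes = 0;
    if (!allocationWithinLimit(h, kMaxAllocBytes, bytes))
        return false;
    pixels.assign(static_cast<size_t>(bytes), uint8_t(0));
    size_t available = size - kHeaderSize;
    std::memcpy(pixels.data(), data + kHeaderSize, std::min<size_t>(available, pixels.size()));
    return true;
}

// Builds a well-formed header, handy for a seed corpus or for unit tests.
std::vector<uint8_t> makeHeader(uint32_t width, uint32_t height, uint8_t bpp) {
    std::vector<uint8_t> v = {'I', 'M', 'G', '1'};
    for (uint32_t x : {width, height})
        for (int i = 0; i < 4; ++i)
            v.push_back(uint8_t(x >> (8 * i)));
    v.push_back(bpp);
    return v;
}

// libFuzzer entry point. The input is used in place, with no copy into an
// owning buffer; crashes surface through the sanitizer, not the return value.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    std::vector<uint8_t> pixels;
    decode(data, size, pixels);
    return 0;
}

// Without -fsanitize=fuzzer (which brings its own main) this replays one
// testcase file, the usual way to reproduce a crash downloaded from oss-fuzz.
// FUZZING_BUILD is a macro of this example; define it for the libFuzzer link.
#ifndef FUZZING_BUILD
int main(int argc, char **argv) {
    if (argc != 2) {
        std::fprintf(stderr, "usage: %s <testcase-file>\n", argv[0]);
        return 2;
    }
    FILE *f = std::fopen(argv[1], "rb");
    if (!f) {
        std::perror(argv[1]);
        return 1;
    }
    std::vector<uint8_t> buf(1u << 20);   // 1 MiB replay cap, an assumption
    size_t n = std::fread(buf.data(), 1, buf.size(), f);
    std::fclose(f);
    return LLVMFuzzerTestOneInput(buf.data(), n);
}
#endif
```

With the cap inside the decoder, the harness no longer needs its own size pre-check, which is exactly why 90f0d522bf could drop the QImageReader::size() pass; an image that legitimately fits under 128 MiB still costs a large allocation per iteration, which the commit accepts as the price of not reading every input twice.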
Robert Loehning
4c9acd103b Fuzzing: Add fuzz target for QImage::loadFromData
Pick-to: 5.15
Change-Id: Ie67eb9be80fe42d463c566c728c73c9c92c2081b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
2020-05-19 23:18:16 +02:00
Qt Forward Merge Bot
efd7757154 Merge remote-tracking branch 'origin/5.15' into dev
Conflicts:
	src/widgets/widgets/qabstractbutton.cpp
	src/widgets/widgets/qbuttongroup.cpp
	src/widgets/widgets/qbuttongroup.h
	src/widgets/widgets/qsplashscreen.cpp
	tests/auto/widgets/widgets/qbuttongroup/tst_qbuttongroup.cpp
	tests/benchmarks/opengl/main.cpp

Needed update:
	src/plugins/platforms/cocoa/CMakeLists.txt

Change-Id: I7be4baebb63844ec2b3e0de859ca9de1bc730bb5
2020-04-22 15:28:01 +02:00
Robert Loehning
33b1662f16 Fuzzing: Add fuzz target for QCborStreamReader::next
Change-Id: I8e7d90d89b66395370809935b1cb5bf144bded49
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2020-04-16 21:12:00 +02:00
Robert Loehning
5e3b32b608 Fuzzing: Add fuzz target for QTextStream's extraction operator
Change-Id: Ia5fa2e36f5439ebcc323d6d18c33c2dd58404aba
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
2020-04-14 23:39:36 +02:00
Qt Forward Merge Bot
8823bb8d30 Merge remote-tracking branch 'origin/5.15' into dev
Conflicts:
	examples/opengl/doc/src/cube.qdoc
	src/corelib/global/qlibraryinfo.cpp
	src/corelib/text/qbytearray_p.h
	src/corelib/text/qlocale_data_p.h
	src/corelib/time/qhijricalendar_data_p.h
	src/corelib/time/qjalalicalendar_data_p.h
	src/corelib/time/qromancalendar_data_p.h
	src/network/ssl/qsslcertificate.h
	src/widgets/doc/src/graphicsview.qdoc
	src/widgets/widgets/qcombobox.cpp
	src/widgets/widgets/qcombobox.h
	tests/auto/corelib/tools/qscopeguard/tst_qscopeguard.cpp
	tests/auto/widgets/widgets/qcombobox/tst_qcombobox.cpp
	tests/benchmarks/corelib/io/qdiriterator/qdiriterator.pro
	tests/manual/diaglib/debugproxystyle.cpp
	tests/manual/diaglib/qwidgetdump.cpp
	tests/manual/diaglib/qwindowdump.cpp
	tests/manual/diaglib/textdump.cpp
	util/locale_database/cldr2qlocalexml.py
	util/locale_database/qlocalexml.py
	util/locale_database/qlocalexml2cpp.py

Resolution of util/locale_database/ are based on:
https://codereview.qt-project.org/c/qt/qtbase/+/294250
and src/corelib/{text,time}/*_data_p.h were then regenerated by
running those scripts.

Updated CMakeLists.txt in each of
	tests/auto/corelib/serialization/qcborstreamreader/
	tests/auto/corelib/serialization/qcborvalue/
	tests/auto/gui/kernel/
and generated new ones in each of
	tests/auto/gui/kernel/qaddpostroutine/
	tests/auto/gui/kernel/qhighdpiscaling/
	tests/libfuzzer/corelib/text/qregularexpression/optimize/
	tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/
	tests/libfuzzer/gui/text/qtextdocument/sethtml/
	tests/libfuzzer/gui/text/qtextdocument/setmarkdown/
	tests/libfuzzer/gui/text/qtextlayout/beginlayout/
by running util/cmake/pro2cmake.py on their changed .pro files.

Changed target name in
	tests/auto/gui/kernel/qaction/qaction.pro
	tests/auto/gui/kernel/qaction/qactiongroup.pro
	tests/auto/gui/kernel/qshortcut/qshortcut.pro
to ensure unique target names for CMake

Changed tst_QComboBox::currentIndex to not test the
currentIndexChanged(QString), as that one does not exist in Qt 6
anymore.

Change-Id: I9a85705484855ae1dc874a81f49d27a50b0dcff7
2020-04-08 20:11:39 +02:00
Robert Loehning
f5a58cccc2 Fuzzing: ignore logging output from QColorSpace
Change-Id: Ica549be24c8873854934f4ba24f2b3f7cb077e25
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
2020-03-30 19:05:33 +01:00
Robert Loehning
cd57dae62f Fuzzing: Add QGuiApplication to gui fuzz targets
Change-Id: I3713701f63d9d8938fbb42ad1ae2f0c4ae813e94
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
2020-03-30 19:05:22 +01:00
Robert Loehning
2b91374261 Fuzzing: Add fuzz target for QRegularExpression::optimize
Change-Id: I693af83caed60cdffc83af368a15567d72524844
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
2020-03-25 20:07:04 +01:00
Robert Loehning
9133bdcf26 Fuzzing: Add fuzz target for ctor of QSslCertificate
Change-Id: I483f17e7cb6108e5096cf57594183a206f605fbc
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2020-03-13 14:51:02 +01:00
Robert Loehning
cb1145fb26 Fuzzing: Add fuzz target for QCborValue::fromCbor
Change-Id: I59fbab99849a23c553520db33d6c7182dc7b114d
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
2020-02-27 19:36:30 +01:00
Robert Loehning
a2206b74ae Fuzzing: Follow style of having lower case names
Change-Id: If33d9cf67fa13aa6a813b1f545c19dabe2fbb59d
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2020-02-13 22:24:03 +01:00
Robert Loehning
5e66ea373a Fuzzing: Move fuzz target to match path of tested code
Change-Id: I3e96f5ba89e9126ff8626f0e98397ad996fb1cd3
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
2020-01-07 21:15:09 +01:00
Robert Loehning
1f87fb359f Fuzzing: Allow linking to other fuzzing engines
oss-fuzz sets the environment variable LIB_FUZZING_ENGINE
to link with AFL or libFuzzer. If this variable is not set,
libFuzzer will be used as before, only that the right qmake
variable will be used for doing so.

Change-Id: If9fe7739a8d2d4a76f4633a75cad3d2e935f3b61
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
2020-01-03 18:05:08 +01:00
Qt Forward Merge Bot
a5e4a67e8b Merge remote-tracking branch 'origin/5.14' into 5.15
Change-Id: I1c68f2f6bc35d344c60a1898b68bf2ca79e54a9d
2019-11-23 01:00:23 +01:00
Robert Loehning
924887965c Fuzzing: Update location of testcases in Readme
At the time of writing, they were still planned to be in qtbase.

Change-Id: I27cba2bbd176d930990270ea68f077ec6e0a2d5b
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
2019-11-21 13:41:18 +01:00
Qt Forward Merge Bot
adc7bbe910 Merge remote-tracking branch 'origin/5.14' into 5.15
Conflicts:
	src/gui/rhi/qshader.cpp
	tests/auto/corelib/time/qtimezone/tst_qtimezone.cpp

Change-Id: I1c4ae718eb3592a0a0a90af9d11553f3ab68cad5
2019-11-15 16:29:40 +01:00
Robert Loehning
6e42ed217c configure: Add sanitizer "fuzzer-no-link"
Adds instrumentation for fuzzing to the binaries but links to the usual
main function instead of a fuzzer's. The similar sanitizer "fuzzer"
should then be used only for building the test itself.

Requires clang 6 or higher.

Change-Id: I24ee1f018b0b97f2977dc86fbdc29a164d7c4e01
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2019-11-14 15:45:02 +01:00
Robert Loehning
6961d46b6e Fuzzing: Add comment on how to reduce noise in iccparser's fuzzer
With logging enabled, all the output will slow down
execution and fill up your hard disc in about a day.

Task-number: QTBUG-79050
Change-Id: I5dcac2f349f7dbe471a5e6dd7006b89d312aeeaf
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
2019-11-13 12:37:44 +02:00
Robert Loehning
d6734e8ab7 Fuzzing: Don't copy input data to QByteArray
Change-Id: I603413805dca46a85709c2ab6ff573687849572e
Reviewed-by: Albert Astals Cid <albert.astals.cid@kdab.com>
2019-10-09 17:16:09 +02:00
Robert Loehning
af8f3c5da4 Add libfuzzer test for QTextLayout::beginLayout()
Task-number: QTBUG-77819
Change-Id: I34e9cbaa615896222bcf947012cfed9f6c3186c7
Reviewed-by: Rainer Keller <Rainer.Keller@qt.io>
2019-10-07 15:40:34 +02:00
Robert Loehning
de182ea0be Add libfuzzer test for QTextDocument::setMarkdown()
Change-Id: I729d4a3bb276523011a6f17a800e72aa34540e47
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
2019-10-04 14:47:59 +02:00
Allan Sandfeld Jensen
a2c1109152 Harden ICC parser
Add missing implicit size checks of tags by passing the already checked
explicitly given size forward.

Also adds my fuzzing test for the ICC parser as it is security critical,
by being used by multiple image formats.

Change-Id: Ieb632ccb78f9b445a276959ffbd66fa04a7a5b45
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
2019-07-31 21:47:04 +02:00
Robert Loehning
3bee5a470a Fix typos in readme
Change-Id: Ifecb1bac475512241de9bcf195955409bb3adaff
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
2019-07-11 14:17:08 +02:00
Robert Loehning
eb25acc05b Improve project files of libfuzzer tests
Change-Id: I7977beb1bbc142326a3cc48435b91ec7293e2cff
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2019-03-13 11:18:40 +00:00
Robert Loehning
866112973d Add libfuzzer test for QTextDocument::setHtml()
Change-Id: I88d634841906cdf7994ea05d80caf586c2dec02a
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
2019-01-24 18:21:19 +00:00
Robert Loehning
1422a66458 Add libfuzzer test for QXmlStreamReader::readNext()
Change-Id: I8a15057954dbb09200bcef8a89a8008e0e9fad9c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
2019-01-24 18:21:10 +00:00