
Commit 538d93d

committed
Fuzzing: Add 4 fuzzers
Signed-off-by: AdamKorcz <[email protected]>
1 parent 7d4c95f commit 538d93d

5 files changed

Lines changed: 112 additions & 6 deletions


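--- a/contrib/fuzz/cap_fuzzer.go
+++ b/contrib/fuzz/cap_fuzzer.go
@@ -0,0 +1,27 @@
+// +build gofuzz
+
+/*
+Copyright The containerd Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fuzz
+
+import (
+"bytes"
+
+"github.com/containerd/containerd/pkg/cap"
+)
+
+func FuzzParseProcPIDStatus(data []byte) int {
+_, _ = cap.ParseProcPIDStatus(bytes.NewReader(data))
+return 1
+}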
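Review bot: The exported entry point `FuzzParseProcPIDStatus` has no doc comment, and the same holds for `FuzzArchiveExport`, `FuzzParseAuth` and `FuzzParseDockerRef` in the other files of this commit. A line such as `// FuzzParseProcPIDStatus feeds arbitrary bytes to cap.ParseProcPIDStatus; the result and error are discarded, so only panics are reported.` would tell whoever triages a fuzzer report what the harness does and does not check. The harness returns 1 for every input, including ones the parser rejects; if the corpus should favour accepted inputs, `return 0` on a non-nil error would match the convention used by the other harnesses here.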

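--- a/contrib/fuzz/content_fuzzer.go
+++ b/contrib/fuzz/content_fuzzer.go
@@ -32,6 +32,7 @@ import (
 
 "github.com/containerd/containerd/content"
 "github.com/containerd/containerd/content/local"
+"github.com/containerd/containerd/images/archive"
 )
 
 // checkBlobPath performs some basic validation
@@ -87,8 +88,7 @@ func populateBlobStore(ctx context.Context, cs content.Store, f *fuzz.ConsumeFuz
 }
 
 for dgst, p := range blobs {
-d, err := checkWrite(ctx, cs, dgst, p)
-_ = d
+_, err := checkWrite(ctx, cs, dgst, p)
 if err != nil {
 return blobs, err
 }
@@ -112,7 +112,6 @@ func FuzzCSWalk(data []byte) int {
 
 f := fuzz.NewConsumer(data)
 blobs, err := populateBlobStore(ctx, cs, f)
-_ = blobs
 if err != nil {
 return 0
 }
@@ -136,3 +135,34 @@ func FuzzCSWalk(data []byte) int {
 }
 return 1
 }
+
+func FuzzArchiveExport(data []byte) int {
+f := fuzz.NewConsumer(data)
+manifest := ocispec.Descriptor{}
+err := f.GenerateStruct(&manifest)
+if err != nil {
+return 0
+}
+ctx := context.Background()
+tmpdir, err := ioutil.TempDir("", "fuzzing-")
+if err != nil {
+return 0
+}
+defer os.RemoveAll(tmpdir)
+cs, err := local.NewStore(tmpdir)
+if err != nil {
+return 0
+}
+_, err = populateBlobStore(ctx, cs, f)
+if err != nil {
+return 0
+}
+w, err := os.Create("fuzz-output-file")
+if err != nil {
+return 0
+}
+defer w.Close()
+defer os.Remove("fuzz-output-file")
+_ = archive.Export(ctx, cs, w, archive.WithManifest(manifest, "name"))
+return 1
+}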
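Review bot: `FuzzArchiveExport` writes its output to the fixed relative path `fuzz-output-file` in the process working directory, even though it has just created a private `tmpdir`. Fuzz workers that share a working directory would truncate and remove each other's file, and a working directory that is not writable makes every run return 0 before `archive.Export` is reached. Since the exported bytes are never inspected, the `os.Create`, `Close` and `Remove` lines could be replaced by `_ = archive.Export(ctx, cs, ioutil.Discard, archive.WithManifest(manifest, "name"))`, or the file could be created under `tmpdir`. Separately, `manifest` is generated independently of the blobs that `populateBlobStore` writes, so its digest presumably rarely names a stored blob; if Export resolves the manifest from the store, pointing the descriptor at one of the returned blobs would give deeper coverage.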

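--- a/contrib/fuzz/cri_fuzzer.go
+++ b/contrib/fuzz/cri_fuzzer.go
@@ -0,0 +1,38 @@
+// +build gofuzz
+
+/*
+Copyright The containerd Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fuzz
+
+import (
+fuzz "github.com/AdaLogics/go-fuzz-headers"
+runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
+
+"github.com/containerd/containerd/pkg/cri/server"
+)
+
+func FuzzParseAuth(data []byte) int {
+f := fuzz.NewConsumer(data)
+auth := &runtime.AuthConfig{}
+err := f.GenerateStruct(auth)
+if err != nil {
+return 0
+}
+host, err := f.GetString()
+if err != nil {
+return 0
+}
+_, _, _ = server.ParseAuth(auth, host)
+return 1
+}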
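Review bot: `auth` is always the non-nil `&runtime.AuthConfig{}`, so if `server.ParseAuth` has a branch for a nil config, `FuzzParseAuth` never reaches it. Letting the consumer decide, for example leaving `auth` nil when a fuzz-supplied boolean is set, would cover that case with one extra draw from `f`. All three return values are discarded, so the harness reports only panics; since this function parses registry credentials, a cheap post-condition on the success path would let it catch logic errors as well.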

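--- a/contrib/fuzz/docker_fuzzer.go
+++ b/contrib/fuzz/docker_fuzzer.go
@@ -29,6 +29,8 @@ import (
 "net/http"
 "net/http/httptest"
 "net/url"
+
+refDocker "github.com/containerd/containerd/reference/docker"
 )
 
 func FuzzFetcher(data []byte) int {
@@ -76,3 +78,8 @@ func FuzzFetcher(data []byte) int {
 }
 return 1
 }
+
+func FuzzParseDockerRef(data []byte) int {
+_, _ = refDocker.ParseDockerRef(string(data))
+return 1
+}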
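Review bot: `FuzzParseDockerRef` discards both the parsed reference and the error, so it can only find panics in the parser. If the normalized form is meant to be re-parseable, which should be confirmed against the package's contract, a round-trip check on accepted inputs would also surface normalization bugs, which matter for image references because they decide which registry and repository get contacted. The sketch below returns 0 for rejected inputs so the corpus favours valid references.

```go
func FuzzParseDockerRef(data []byte) int {
	ref, err := refDocker.ParseDockerRef(string(data))
	if err != nil {
		return 0
	}
	// A reference the parser accepted should parse again from its own string form.
	if _, err := refDocker.ParseDockerRef(ref.String()); err != nil {
		panic(err)
	}
	return 1
}
```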

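--- a/contrib/fuzz/oss_fuzz_build.sh
+++ b/contrib/fuzz/oss_fuzz_build.sh
@@ -28,11 +28,15 @@ mv contrib/fuzz/container_fuzzer.go integration/client/
 
 
 compile_go_fuzzer github.com/containerd/containerd/remotes/docker FuzzFetcher fuzz_fetcher
+compile_go_fuzzer github.com/containerd/containerd/remotes/docker FuzzParseDockerRef fuzz_parse_docker_ref
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzFiltersParse fuzz_filters_parse
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzPlatformsParse fuzz_platforms_parse
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzApply fuzz_apply
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzImportIndex fuzz_import_index
 compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzCSWalk fuzz_cs_walk
+compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzArchiveExport fuzz_archive_export
+compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzParseAuth fuzz_parse_auth
+compile_go_fuzzer github.com/containerd/containerd/contrib/fuzz FuzzParseProcPIDStatus fuzz_parse_proc_pid_status
 
 # FuzzCreateContainer requires more setup than the fuzzers above.
 # We need the binaries from "make".
@@ -70,6 +74,6 @@ for i in $( ls *_test.go ); do mv $i ./${i%.*}_fuzz.go; done
 # Remove windows test to avoid double declarations:
 rm ./client_windows_test_fuzz.go
 rm ./helpers_windows_test_fuzz.go
-compile_go_fuzzer . FuzzCreateContainerNoTearDown fuzz_create_container_no_teardown
-compile_go_fuzzer . FuzzCreateContainerWithTearDown fuzz_create_container_with_teardown
-compile_go_fuzzer . FuzzNoTearDownWithDownload fuzz_no_teardown_with_download
+compile_go_fuzzer github.com/containerd/containerd/integration/client FuzzCreateContainerNoTearDown fuzz_create_container_no_teardown
+compile_go_fuzzer github.com/containerd/containerd/integration/client FuzzCreateContainerWithTearDown fuzz_create_container_with_teardown
+compile_go_fuzzer github.com/containerd/containerd/integration/client FuzzNoTearDownWithDownload fuzz_no_teardown_with_download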
