Commit583c011

authored

Merge pull request#1997 from DaveLak/fuzzing/fuzz-targets/git-broken-fuzz-submodule-test

Fuzzing: Fix Broken Fuzz Test for Git Submodule Handling

2 parents333786c +7751d0b commit583c011Copy full SHA for 583c011

File tree

1 file changed

+42

-17

lines changed

fuzzing/fuzz-targets
- fuzz_submodule.py

1 file changed

+42

-17

lines changed

`‎fuzzing/fuzz-targets/fuzz_submodule.py`

Lines changed: 42 additions & 17 deletions

Original file line number	Diff line number	Diff line change
`@@ -9,11 +9,17 @@`
`9`	`9`	`get_max_filename_length,`
`10`	`10`	`)`
`11`	`11`
`12`		`-# Setup thegit environment`
	`12`	`+# Setup theGit environment`
`13`	`13`	`setup_git_environment()`
`14`	`14`	`fromgitimportRepo,GitCommandError,InvalidGitRepositoryError`
`15`	`15`
`16`	`16`
	`17`	`+defsanitize_input(input_str,max_length=255):`
	`18`	`+"""Sanitize and truncate inputs to avoid invalid Git operations."""`
	`19`	`+sanitized="".join(chforchininput_strifch.isalnum()orchin ("-","_","."))`
	`20`	`+returnsanitized[:max_length]`
	`21`	`+`
	`22`	`+`
`17`	`23`	`defTestOneInput(data):`
`18`	`24`	`fdp=atheris.FuzzedDataProvider(data)`
`19`	`25`
`@@ -24,12 +30,23 @@ def TestOneInput(data):`
`24`	`30`	`try:`
`25`	`31`	`withtempfile.TemporaryDirectory()assubmodule_temp_dir:`
`26`	`32`	`sub_repo=Repo.init(submodule_temp_dir,bare=fdp.ConsumeBool())`
`27`		`-sub_repo.index.commit(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(1,512)))`
	`33`	`+commit_message=sanitize_input(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(1,512)))`
	`34`	`+sub_repo.index.commit(commit_message)`
`28`	`35`
`29`		`-submodule_name=fdp.ConsumeUnicodeNoSurrogates(`
`30`		`-fdp.ConsumeIntInRange(1,max(1,get_max_filename_length(repo.working_tree_dir)))`
	`36`	`+submodule_name=sanitize_input(`
	`37`	`+fdp.ConsumeUnicodeNoSurrogates(`
	`38`	`+fdp.ConsumeIntInRange(1,get_max_filename_length(repo.working_tree_dir))`
	`39`	`+ )`
`31`	`40`	`)`
`32`		`-submodule_path=os.path.join(repo.working_tree_dir,submodule_name)`
	`41`	`+`
	`42`	`+submodule_path=os.path.relpath(`
	`43`	`+os.path.join(repo.working_tree_dir,submodule_name),`
	`44`	`+start=repo.working_tree_dir,`
	`45`	`+ )`
	`46`	`+`
	`47`	`+# Ensure submodule_path is valid`
	`48`	`+ifnotsubmodule_nameorsubmodule_name.startswith("/")or".."insubmodule_name:`
	`49`	`+return-1# Reject invalid input so they are not added to the corpus`
`33`	`50`
`34`	`51`	`submodule=repo.create_submodule(submodule_name,submodule_path,url=sub_repo.git_dir)`
`35`	`52`	`repo.index.commit("Added submodule")`
`@@ -39,25 +56,38 @@ def TestOneInput(data):`
`39`	`56`	`value_length=fdp.ConsumeIntInRange(1,max(1,fdp.remaining_bytes()))`
`40`	`57`
`41`	`58`	`writer.set_value(`
`42`		`-fdp.ConsumeUnicodeNoSurrogates(key_length),fdp.ConsumeUnicodeNoSurrogates(value_length)`
	`59`	`+sanitize_input(fdp.ConsumeUnicodeNoSurrogates(key_length)),`
	`60`	`+sanitize_input(fdp.ConsumeUnicodeNoSurrogates(value_length)),`
`43`	`61`	`)`
`44`	`62`	`writer.release()`
`45`	`63`
`46`		`-submodule.update(init=fdp.ConsumeBool(),dry_run=fdp.ConsumeBool(),force=fdp.ConsumeBool())`
	`64`	`+submodule.update(`
	`65`	`+init=fdp.ConsumeBool(),`
	`66`	`+dry_run=fdp.ConsumeBool(),`
	`67`	`+force=fdp.ConsumeBool(),`
	`68`	`+ )`
	`69`	`+`
`47`	`70`	`submodule_repo=submodule.module()`
`48`	`71`
`49`		`-new_file_name=fdp.ConsumeUnicodeNoSurrogates(`
`50`		`-fdp.ConsumeIntInRange(1,max(1,get_max_filename_length(submodule_repo.working_tree_dir)))`
	`72`	`+new_file_name=sanitize_input(`
	`73`	`+fdp.ConsumeUnicodeNoSurrogates(`
	`74`	`+fdp.ConsumeIntInRange(1,get_max_filename_length(submodule_repo.working_tree_dir))`
	`75`	`+ )`
`51`	`76`	`)`
`52`	`77`	`new_file_path=os.path.join(submodule_repo.working_tree_dir,new_file_name)`
`53`	`78`	`withopen(new_file_path,"wb")asnew_file:`
`54`	`79`	`new_file.write(fdp.ConsumeBytes(fdp.ConsumeIntInRange(1,512)))`
	`80`	`+`
`55`	`81`	`submodule_repo.index.add([new_file_path])`
`56`	`82`	`submodule_repo.index.commit("Added new file to submodule")`
`57`	`83`
`58`	`84`	`repo.submodule_update(recursive=fdp.ConsumeBool())`
`59`		`-submodule_repo.head.reset(commit="HEAD~1",working_tree=fdp.ConsumeBool(),head=fdp.ConsumeBool())`
`60`		`-# Use fdp.PickValueInList to ensure at least one of 'module' or 'configuration' is True`
	`85`	`+submodule_repo.head.reset(`
	`86`	`+commit="HEAD~1",`
	`87`	`+working_tree=fdp.ConsumeBool(),`
	`88`	`+head=fdp.ConsumeBool(),`
	`89`	`+ )`
	`90`	`+`
`61`	`91`	`module_option_value,configuration_option_value=fdp.PickValueInList(`
`62`	`92`	`[(True,False), (False,True), (True,True)]`
`63`	`93`	`)`
`@@ -82,12 +112,7 @@ def TestOneInput(data):`
`82`	`112`	`):`
`83`	`113`	`return-1`
`84`	`114`	`exceptExceptionase:`
`85`		`-ifisinstance(e,ValueError)and"embedded null byte"instr(e):`
`86`		`-return-1`
`87`		`-elifisinstance(e,OSError)and"File name too long"instr(e):`
`88`		`-return-1`
`89`		`-else:`
`90`		`-returnhandle_exception(e)`
	`115`	`+returnhandle_exception(e)`
`91`	`116`
`92`	`117`
`93`	`118`	`defmain():`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit583c011

File tree

1 file changed

1 file changed

`‎fuzzing/fuzz-targets/fuzz_submodule.py`

0 commit comments