Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitf4b95cf

Browse files
committed
Fix Fuzzer Crash in ClusterFuzz Due to Missing Git Executable
A Git executable is not globally available in the ClusterFuzz containerenvironment where OSS-Fuzz executes fuzz tests, causing an error in the fuzzharnesses when GitPython attempts to initialize, crashing the tests before theycan run.To avoid this issue, we bundle the `git` binary that is available in the OSS-Fuzzbuild container with the fuzz harness via Pyinstaller's `--add-binary` flag in`build.sh` and use GitPython's `git.refresh(<full-path-to-git-executable>)`method inside a Pyinstaller runtime check to initialize GitPython with thebundled Git executable when running from the bundled application.In all other execution environments, we assume a `git` executable is availableglobally.Fixes:-#1905-google/oss-fuzz#10600
1 parentbc7bd22 commitf4b95cf

File tree

3 files changed

+15
-7
lines changed

3 files changed

+15
-7
lines changed

‎fuzzing/fuzz-targets/fuzz_config.py

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,16 +20,21 @@
2020
importatheris
2121
importsys
2222
importio
23+
importos
2324
fromconfigparserimportMissingSectionHeaderError,ParsingError
2425

2526
withatheris.instrument_imports():
26-
fromgitimportGitConfigParser
27+
importgit
2728

2829

2930
defTestOneInput(data):
31+
ifgetattr(sys,"frozen",False)andhasattr(sys,"_MEIPASS"):
32+
path_to_bundled_git_binary=os.path.abspath(os.path.join(os.path.dirname(__file__),"git"))
33+
git.refresh(path_to_bundled_git_binary)
34+
3035
sio=io.BytesIO(data)
3136
sio.name="/tmp/fuzzconfig.config"
32-
git_config=GitConfigParser(sio)
37+
git_config=git.GitConfigParser(sio)
3338
try:
3439
git_config.read()
3540
except (MissingSectionHeaderError,ParsingError,UnicodeDecodeError):

‎fuzzing/fuzz-targets/fuzz_tree.py

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,11 +24,14 @@
2424
importshutil
2525

2626
withatheris.instrument_imports():
27-
fromgit.objectsimportTree
28-
fromgit.repoimportRepo
27+
importgit
2928

3029

3130
defTestOneInput(data):
31+
ifgetattr(sys,"frozen",False)andhasattr(sys,"_MEIPASS"):
32+
path_to_bundled_git_binary=os.path.abspath(os.path.join(os.path.dirname(__file__),"git"))
33+
git.refresh(path_to_bundled_git_binary)
34+
3235
fdp=atheris.FuzzedDataProvider(data)
3336
git_dir="/tmp/.git"
3437
head_file=os.path.join(git_dir,"HEAD")
@@ -46,9 +49,9 @@ def TestOneInput(data):
4649
os.mkdir(common_dir)
4750
os.mkdir(objects_dir)
4851

49-
_repo=Repo("/tmp/")
52+
_repo=git.Repo("/tmp/")
5053

51-
fuzz_tree=Tree(_repo,Tree.NULL_BIN_SHA,0,"")
54+
fuzz_tree=git.Tree(_repo,git.Tree.NULL_BIN_SHA,0,"")
5255
try:
5356
fuzz_tree._deserialize(io.BytesIO(data))
5457
exceptIndexError:

‎fuzzing/oss-fuzz-scripts/build.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ find "$SEED_DATA_DIR" \( -name '*_seed_corpus.zip' -o -name '*.options' -o -name
1414

1515
# Build fuzzers in $OUT.
1616
find"$SRC/gitpython/fuzzing" -name'fuzz_*.py' -print0|while IFS=read -r -d'' fuzz_harness;do
17-
compile_python_fuzzer"$fuzz_harness"
17+
compile_python_fuzzer"$fuzz_harness" --add-binary="$(command -v git):."
1818

1919
common_base_dictionary_filename="$SEED_DATA_DIR/__base.dict"
2020
if [[-r"$common_base_dictionary_filename" ]];then

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp