diff --git a/.gitignore b/.gitignore
index 4210a192..e1011fc2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,10 @@
 json_unit
 json_benchmarks
+fuzz-testing
+
+*.dSYM
+
 working
 html
diff --git a/Makefile b/Makefile
index ddb73f25..7b500c99 100644
--- a/Makefile
+++ b/Makefile
@@ -9,7 +9,7 @@ all: json_unit
 # clean up
 clean:
-	rm -f json_unit json_benchmarks fuzz
+	rm -fr json_unit json_benchmarks fuzz fuzz-testing *.dSYM
 ##########################################################################
@@ -28,11 +28,19 @@ json_unit: test/unit.cpp src/json.hpp test/catch.hpp
 # fuzzing
 ##########################################################################
+# the overall fuzz testing target
+fuzz_testing:
+	rm -fr fuzz-testing
+	mkdir -p fuzz-testing fuzz-testing/testcases fuzz-testing/out
+	$(MAKE) fuzz CXX=afl-clang++
+	mv fuzz fuzz-testing
+	find test/json_tests -size -5k -name *json | xargs -I{} cp "{}" fuzz-testing/testcases
+	@echo "Execute: afl-fuzz -i fuzz-testing/testcases -o fuzz-testing/out fuzz-testing/fuzz"
+
+# the fuzzer binary
 fuzz: test/fuzz.cpp src/json.hpp
-	$(CXX) -std=c++11 $(CXXFLAGS) $(FLAGS) $(CPPFLAGS) -I src -I test $< $(LDFLAGS) -lstdc++ -lm -o $@
-fuzz_testcases:
-	mkdir -p testcases && find test/ -size -5k -name *json | xargs -I{} cp "{}" testcases
-	@echo "Test cases suitable for fuzzing have been copied into the testcases directory"
+	$(CXX) -std=c++11 $(CXXFLAGS) $(FLAGS) $(CPPFLAGS) -I src $< $(LDFLAGS) -o $@
+
 ##########################################################################
 # static analyzer
diff --git a/README.md b/README.md
index a9ca66a1..e99283d5 100644
--- a/README.md
+++ b/README.md
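Review bot: The fuzz_testing target in the second Makefile hunk never removes a stale `fuzz` binary before `$(MAKE) fuzz CXX=afl-clang++`; since `fuzz` depends only on test/fuzz.cpp and src/json.hpp, an up-to-date binary built earlier with the default compiler is considered current, reused, and moved into fuzz-testing/ without AFL instrumentation. Changing the first recipe line to `rm -fr fuzz-testing fuzz` forces the instrumented rebuild. The unquoted pattern in `find test/json_tests -size -5k -name *json` is also subject to shell expansion if the working directory happens to contain a matching name; `-name '*.json'` is what the recipe intends. If the Makefile keeps a .PHONY list (not visible in this hunk), fuzz_testing belongs in it so a file of that name cannot silently satisfy the target.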
@@ -394,6 +394,7 @@ I deeply appreciate the help of the following people.
 - [Corbin Hughes](https://github.com/nibroc) fixed some typos in the contribution guidelines.
 - [twelsby](https://github.com/twelsby) fixed the array subscript operator, an issue that failed the MSVC build, and floating-point parsing/dumping. He further added support for unsigned integer numbers.
 - [Volker Diels-Grabsch](https://github.com/vog) fixed a link in the README file.
+- [msm-](https://github.com/msm-) added support for american fuzzy lop.
 Thanks a lot for helping out!
diff --git a/test/fuzz.cpp b/test/fuzz.cpp
index 1671de5e..569a5623 100644
--- a/test/fuzz.cpp
+++ b/test/fuzz.cpp
@@ -4,8 +4,7 @@
 | | |__ | | | | | | version 2.0.0
 |_____|_____|_____|_|___| https://github.com/nlohmann/json
-To run under afl:
-    afl-fuzz -i testcases -o output ./fuzz
+Run "make fuzz_testing" and follow the instructions.
 Licensed under the MIT License .
 */
@@ -16,27 +15,19 @@ using json = nlohmann::json;
 int main()
 {
-    json *jp;
-
 #ifdef __AFL_HAVE_MANUAL_CONTROL
-    while (__AFL_LOOP(1000)) {
+    while (__AFL_LOOP(1000))
+    {
 #endif
-        jp = new json();
-        json j = *jp;
-        try {
-            j << std::cin;
-        } catch (std::invalid_argument e) {
-            std::cout << "Invalid argument in parsing" << e.what() << '\n';
-        }
-
-        if (j.find("foo") != j.end()) {
-            std::cout << "Found a foo";
-        }
-
-        std::cout << j.type() << j << std::endl;
-
-        delete jp;
+        try
+        {
+            json j(std::cin);
+        }
+        catch (std::invalid_argument &e)
+        {
+            std::cout << "Invalid argument in parsing" << e.what() << '\n';
+        }
 #ifdef __AFL_HAVE_MANUAL_CONTROL
-    }
+    }
 #endif
 }
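Review bot: In the test/fuzz.cpp main hunk, `json j(std::cin);` reads std::cin on every `__AFL_LOOP` iteration, but nothing resets the stream's eofbit/failbit after the first input is consumed, so in persistent mode every iteration after the first most likely parses an empty stream and lands in the catch block, wasting the loop; a `std::cin.clear(); std::cin.seekg(0);` at the top of the loop body would re-arm the stream, assuming afl rewinds the underlying descriptor between iterations (confirm against the persistent-mode documentation). The handler catches only std::invalid_argument, so any other exception type escaping the parser terminates the process and is recorded by afl as a crash; if that is the intent, a comment such as `// other exception types propagate on purpose so afl reports them` would make it explicit. The log line also runs the message straight into e.what(): `"Invalid argument in parsing: "`. main is contained entirely within the hunk.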