Fix fuzz projects (#10416)

This commit is contained in:
Bond-009 2023-10-22 17:01:51 +02:00 committed by GitHub
parent 028b2122ce
commit b16033df03
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 46 additions and 18 deletions

View file

@ -6,6 +6,7 @@ using Emby.Server.Implementations.Library;
using MediaBrowser.Controller;
using MediaBrowser.Controller.Entities;
using MediaBrowser.Model.Entities;
using Microsoft.Extensions.Configuration;
using Moq;
using SharpFuzz;
@ -54,8 +55,16 @@ namespace Emby.Server.Implementations.Fuzz
appHost.Setup(x => x.ReverseVirtualPath(It.IsAny<string>()))
.Returns((string x) => x.Replace(MetaDataPath, VirtualMetaDataPath, StringComparison.Ordinal));
var configSection = new Mock<IConfigurationSection>();
configSection.SetupGet(x => x[It.Is<string>(s => s == MediaBrowser.Controller.Extensions.ConfigurationExtensions.SqliteCacheSizeKey)])
.Returns("0");
var config = new Mock<IConfiguration>();
config.Setup(x => x.GetSection(It.Is<string>(s => s == MediaBrowser.Controller.Extensions.ConfigurationExtensions.SqliteCacheSizeKey)))
.Returns(configSection.Object);
IFixture fixture = new Fixture().Customize(new AutoMoqCustomization { ConfigureMembers = true });
fixture.Inject(appHost);
fixture.Inject(config);
return fixture.Create<SqliteItemRepository>();
}
}

View file

@ -8,4 +8,4 @@ cp bin/Emby.Server.Implementations.dll .
dotnet build
mkdir -p Findings
AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 -m 10240 dotnet bin/Debug/net6.0/Emby.Server.Implementations.Fuzz.dll "$1"
AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 ./bin/Debug/net7.0/Emby.Server.Implementations.Fuzz "$1"

View file

@ -6,8 +6,8 @@
</PropertyGroup>
<ItemGroup>
<Reference Include="Jellyfin.Server">
<HintPath>jellyfin.dll</HintPath>
<Reference Include="Jellyfin.Api">
<HintPath>Jellyfin.Api.dll</HintPath>
</Reference>
</ItemGroup>

View file

@ -1,12 +1,12 @@
using System;
using System.Collections.Generic;
using Jellyfin.Server.Middleware;
using Jellyfin.Api.Middleware;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Features;
using Microsoft.Extensions.Primitives;
using SharpFuzz;
namespace Emby.Server.Implementations.Fuzz
namespace Jellyfin.Api.Fuzz
{
public static class Program
{

11
fuzz/Jellyfin.Api.Fuzz/fuzz.sh Executable file
View file

@ -0,0 +1,11 @@
#!/bin/sh
set -e
dotnet build -c Release ../../Jellyfin.Api/Jellyfin.Api.csproj --output bin
sharpfuzz bin/Jellyfin.Api.dll
cp bin/Jellyfin.Api.dll .
dotnet build
mkdir -p Findings
AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 ./bin/Debug/net7.0/Jellyfin.Api.Fuzz "$1"

View file

@ -1,11 +0,0 @@
#!/bin/sh
set -e
dotnet build -c Release ../../Jellyfin.Server/Jellyfin.Server.csproj --output bin
sharpfuzz bin/jellyfin.dll
cp bin/jellyfin.dll .
dotnet build
mkdir -p Findings
AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 -m 10240 dotnet bin/Debug/net6.0/Jellyfin.Server.Fuzz.dll "$1"

20
fuzz/README.md Normal file
View file

@ -0,0 +1,20 @@
# Jellyfin fuzzing
## Setup
Install AFL++
```sh
git clone https://github.com/AFLplusplus/AFLplusplus
cd AFLplusplus
make all
sudo make install
```
Install SharpFuzz.CommandLine global .NET tool
```sh
dotnet tool install --global SharpFuzz.CommandLine
```
## Running
Run the `fuzz.sh` in the directory corresponding to the project you want to fuzz.
The script takes a parameter of which fuzz case you want to run.

View file

@ -1,12 +1,11 @@
using System.Collections.Generic;
using System.Linq;
using Jellyfin.Api.Middleware;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Features;
using Microsoft.Extensions.Primitives;
using Xunit;
namespace Jellyfin.Server.Tests
namespace Jellyfin.Api.Middleware.Tests
{
public static class UrlDecodeQueryFeatureTests
{