From 880266bf61d22995db0973c9c1bdfa9096593820 Mon Sep 17 00:00:00 2001
From: ado
Date: Sun, 3 Mar 2024 01:24:17 +0100
Subject: [PATCH] Add oss-fuzz cifuzz ci
---
.github/workflows/fuzz.yml | 56 ++++++++++++++++++++++++++
fuzz/build.sh | 5 +++
fuzz/ssp_fuzz.cpp | 81 ++++++++++++++++++++++++++++++++++++++
3 files changed, 142 insertions(+)
create mode 100644 .github/workflows/fuzz.yml
create mode 100755 fuzz/build.sh
create mode 100644 fuzz/ssp_fuzz.cpp
diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml
new file mode 100644
index 0000000..9d4f740
--- /dev/null
+++ b/.github/workflows/fuzz.yml
@@ -0,0 +1,56 @@
+name: coverage-ci
+
+on:
+ workflow_dispatch:
+
+ push:
+ branches:
+ - master
+ - feature/**
+ - improvement/**
+ - bugfix/**
+
+ pull_request:
+ branches:
+ - master
+ - feature/**
+ - improvement/**
+ - bugfix/**
+
+jobs:
+ fuzzing:
+ runs-on: ubuntu-latest
+
+ name: "Fuzzing"
+
+ steps:
+ - name: Build Fuzzers
+ id: build
+ uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'ssp'
+ language: c++
+
+ - name: Run Fuzzers
+ uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'ssp'
+ language: c++
+ fuzz-seconds: 60
+ output-sarif: true
+
+ - name: Upload Crash
+ uses: actions/upload-artifact@v3
+ if: failure() && steps.build.outcome == 'success'
+ with:
+ name: artifacts
+ path: ./out/artifacts
+
+ - name: Upload Sarif
+ if: always() && steps.build.outcome == 'success'
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ # Path to SARIF file relative to the root of the repository
+ sarif_file: cifuzz-sarif/results.sarif
+ checkout_path: cifuzz-sarif
+ category: CIFuzz
diff --git a/fuzz/build.sh b/fuzz/build.sh
new file mode 100755
index 0000000..e1fe684
--- /dev/null
+++ b/fuzz/build.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env sh
+
+$CXX $CFLAGS $CXXFLAGS $LIB_FUZZING_ENGINE $SRC/fuzz/ssp_fuzz.cpp
+ -I $SRC/include
+ -o $OUT/ssp_fuzz
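Review bot: In `.github/workflows/fuzz.yml` both CIFuzz steps reference `google/oss-fuzz/infra/cifuzz/actions/...@master`, a branch ref, so the code this workflow executes can change without any commit in this repository; `actions/upload-artifact@v3` and `github/codeql-action/upload-sarif@v2` are movable tags with the same property to a lesser degree. Pinning each `uses:` to a full commit SHA, e.g. `uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@<full-commit-sha>  # master`, makes every update a reviewable change. The workflow also declares no `permissions:` block, so the job runs with the repository's default token scope; the SARIF upload step needs `security-events: write`, and a job-level `permissions:` listing only `contents: read` and `security-events: write` would state that explicitly. Separately, `name: coverage-ci` looks copied from another workflow and will label the fuzzing runs misleadingly.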
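Review bot: As shown in the `fuzz/build.sh` hunk, the first two lines of the compile command end without a `\` continuation, so `-I $SRC/include` and `-o $OUT/ssp_fuzz` would run as separate commands and the fuzzer binary would not be written to `$OUT`; if the backslashes were lost only in this rendering, disregard this part. The script also has no `set -eu`, so a failed compile or an unset `$SRC`/`$OUT` does not stop it, and the path expansions are unquoted. Suggested: add `set -eu` after the shebang and quote the paths, e.g. `-o "$OUT/ssp_fuzz"`, leaving `$CFLAGS`/`$CXXFLAGS` unquoted so they still word-split.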
diff --git a/fuzz/ssp_fuzz.cpp b/fuzz/ssp_fuzz.cpp
new file mode 100644
index 0000000..478a0af
--- /dev/null
+++ b/fuzz/ssp_fuzz.cpp
@@ -0,0 +1,81 @@
+#include "../ssp.hpp"
+#include
+#include
+#include
+
+template
+void test_ssp_file_mode(const uint8_t* data, size_t size,
+ std::string delim = ss::default_delimiter) {
+ std::string file_name = std::filesystem::temp_directory_path().append(
+ "ss_fuzzer" + std::to_string(getpid()) + ".csv");
+ FILE* file = std::fopen(file_name.c_str(), "wb");
+ if (!file) {
+ std::exit(1);
+ }
+ std::fwrite(data, size, 1, file);
+ std::fclose(file);
+
+ ss::parser p{file_name.c_str(), delim};
+ while (!p.eof()) {
+ try {
+ const auto& [s0, s1] =
+ p.template get_next();
+ if (s0.size() == 10000) {
+ std::cout << s0.size() << std::endl;
+ }
+ } catch (ss::exception& e) {
+ continue;
+ }
+ }
+
+ std::remove(file_name.c_str());
+}
+
+template
+void test_ssp_buffer_mode(const uint8_t* data, size_t size,
+ std::string delim = ss::default_delimiter) {
+ ss::parser p{(const char*)data, size, delim};
+ while (!p.eof()) {
+ try {
+ const auto& [s0, s1] =
+ p.template get_next();
+ if (s0.size() == 10000) {
+ std::cout << s0.size() << std::endl;
+ }
+ } catch (ss::exception& e) {
+ continue;
+ }
+ }
+}
+
+template
+void test_ssp(const uint8_t* data, size_t size) {
+ test_ssp_file_mode(data, size);
+ test_ssp_file_mode(data, size);
+
+ test_ssp_file_mode(data, size, ":::");
+ test_ssp_file_mode(data, size, ":::");
+
+ test_ssp_buffer_mode(data, size);
+ test_ssp_buffer_mode(data, size);
+
+ test_ssp_buffer_mode(data, size, ":::");
+ test_ssp_buffer_mode(data, size, ":::");
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ using escape = ss::escape<'\\'>;
+ using quote = ss::quote<'"'>;
+ using trim = ss::trim<' ', '\t'>;
+ using multiline_r = ss::multiline_restricted<5>;
+
+ test_ssp<>(data, size);
+ test_ssp(data, size);
+ test_ssp(data, size);
+ test_ssp(data, size);
+ test_ssp(data, size);
+ test_ssp(data, size);
+ test_ssp(data, size);
+
+ return 0;
+}
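Review bot: In `test_ssp_file_mode` the input is written to a predictable path (`ss_fuzzer<pid>.csv` in the shared temp directory) opened with `std::fopen(..., "wb")`, which follows and truncates whatever already exists under that name, and the `std::fwrite` result is ignored, so a short write would make the parser see different bytes than the input libFuzzer saves for a finding. Creating the file with `mkstemp` and checking the write closes both gaps; the sketch below drops the `.csv` suffix, which I assume the parser does not depend on. The `s0.size() == 10000` branch in both loops appears to exist only to keep the parsed value observable; a comment such as `// keep the result live so the parse is not optimized away` would say so.

```cpp
    // … unchanged: template header and signature of test_ssp_file_mode …
    std::string file_name =
        (std::filesystem::temp_directory_path() / "ss_fuzzer_XXXXXX").string();
    // mkstemp picks a unique name and creates the file exclusively, so an
    // existing file or symlink at the path is never opened or truncated.
    const int fd = mkstemp(file_name.data());
    FILE* file = fd == -1 ? nullptr : fdopen(fd, "wb");
    if (!file) {
        std::exit(1);
    }
    // Byte-count form: returns `size` on success, including when size == 0.
    if (std::fwrite(data, 1, size, file) != size) {
        std::fclose(file);
        std::remove(file_name.c_str());
        std::exit(1);
    }
    std::fclose(file);
    // … unchanged: parser loop and std::remove(file_name.c_str()) …
```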