Add hypothesis harness, tarfile strategies

Author: sethmlarson

Makefile

@@ -1,4 +1,4 @@
-all : fuzzer-html fuzzer-email fuzzer-httpclient fuzzer-json fuzzer-difflib fuzzer-csv fuzzer-decode fuzzer-ast fuzzer-tarfile fuzzer-zipfile fuzzer-re fuzzer-configparser fuzzer-tomllib fuzzer-plistlib fuzzer-xml
+all : fuzzer-html fuzzer-email fuzzer-httpclient fuzzer-json fuzzer-difflib fuzzer-csv fuzzer-decode fuzzer-ast fuzzer-tarfile fuzzer-tarfile-hypothesis fuzzer-zipfile fuzzer-re fuzzer-configparser fuzzer-tomllib fuzzer-plistlib fuzzer-xml
 
 PYTHON_CONFIG_PATH=$(CPYTHON_INSTALL_PATH)/bin/python3-config
 CXXFLAGS += $(shell $(PYTHON_CONFIG_PATH) --cflags)
@@ -26,6 +26,8 @@ fuzzer-zipfile:
 	clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"zipfile.py\"" -ldl $(LDFLAGS) -o fuzzer-zipfile
 fuzzer-tarfile:
 	clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"tarfile.py\"" -ldl $(LDFLAGS) -o fuzzer-tarfile
+fuzzer-tarfile-hypothesis:
+	clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"tarfile_hypothesis.py\"" -ldl $(LDFLAGS) -o fuzzer-tarfile-hypothesis
 fuzzer-configparser:
 	clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"configparser.py\"" -ldl $(LDFLAGS) -o fuzzer-configparser
 fuzzer-tomllib:

hypothesis_strategies/__init__.py

@@ -0,0 +1,71 @@
+# Copyright 2017 Christoph Reiter
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+import os
+import sys
+
+from hypothesis.strategies import (
+    composite,
+    sampled_from,
+    lists,
+    integers,
+    binary,
+    randoms,
+)
+
+
+@composite
+def fspaths(draw, max_size: int | None = None) -> str:
+    """A hypothesis strategy which gives valid path values.
+
+    Valid path values are everything which when passed to open() will not raise
+    ValueError or TypeError (but might raise OSError due to file system or
+    operating system restrictions).
+    """
+
+    if os.name == "nt":
+        hight_surrogate = integers(min_value=0xD800, max_value=0xDBFF).map(
+            lambda i: chr(i)
+        )
+        low_surrogate = integers(min_value=0xDC00, max_value=0xDFFF).map(
+            lambda i: chr(i)
+        )
+        uni_char = integers(min_value=1, max_value=sys.maxunicode).map(lambda i: chr(i))
+        any_char = sampled_from(
+            [draw(uni_char), draw(hight_surrogate), draw(low_surrogate)]
+        )
+        any_text = lists(any_char, max_size=max_size).map(lambda l: "".join(l))
+        path_text = any_text
+    else:
+        unix_path_bytes = binary(max_size=max_size).map(lambda b: b.replace(b"\x00", b" "))
+        path_text = unix_path_bytes.map(
+            lambda b: b.decode(sys.getfilesystemencoding(), "surrogateescape")
+        )
+        r = draw(randoms())
+
+        def shuffle_text(t):
+            l = list(t)
+            r.shuffle(l)
+            return "".join(l)
+
+        path_text = path_text.map(shuffle_text)
+
+    return draw(path_text)

hypothesis_strategies/fspaths.py

@@ -0,0 +1,74 @@
+from hypothesis import strategies as st, given
+
+
+import io
+import tarfile
+
+import hypothesis.strategies as st
+from .fspaths import fspaths
+
+
+def tar_integers(
+    format: int, digits: int = 1, allow_negative: bool = False
+) -> st.SearchStrategy[int]:
+    """tar has a unique way of encoding integers that is format-dependent
+    and based on the number of "digits" allowed for a value.
+    """
+    if digits <= 0:
+        raise ValueError("Digits must be greater than one.")
+    if format == tarfile.GNU_FORMAT:
+        min_value = -(256 ** (digits - 1)) if allow_negative else 0
+        max_value = (256 ** (digits - 1)) - 1
+    else:
+        min_value = 0
+        max_value = (4**digits) - 1
+    return st.integers(min_value=min_value, max_value=max_value)
+
+
+@st.composite
+def tar_archives(draw):
+    buf = io.BytesIO()
+    format = draw(
+        st.sampled_from((tarfile.GNU_FORMAT, tarfile.PAX_FORMAT, tarfile.USTAR_FORMAT))
+    )
+    tar = tarfile.TarFile(fileobj=buf, format=format, mode="w")
+    types = list(tarfile.REGULAR_TYPES)
+
+    for _ in range(draw(st.integers(min_value=1, max_value=10))):
+        info = tarfile.TarInfo(
+            name=draw(fspaths(max_size=tarfile.LENGTH_NAME))
+        )
+        fileobj = None
+
+        info.type = draw(st.sampled_from(types))
+        info.mode = draw(tar_integers(format=format, digits=8))
+        info.uid = draw(tar_integers(format=format, digits=8))
+        info.gid = draw(tar_integers(format=format, digits=8))
+        info.mtime = draw(tar_integers(format=format, digits=12))
+        info.devmajor = draw(tar_integers(format=format, digits=8))
+        info.devminor = draw(tar_integers(format=format, digits=8))
+
+        if draw(st.booleans()):
+            info.linkname = draw(fspaths(max_size=tarfile.LENGTH_LINK))
+
+        def maybe_set_pax_header(obj, name, value):
+            if draw(st.booleans()):
+                obj.pax_headers[name] = value
+
+        if format == tarfile.PAX_FORMAT:
+            maybe_set_pax_header(info, "uname", draw(st.text(max_size=32)))
+            maybe_set_pax_header(info, "gname", draw(st.text(max_size=32)))
+            maybe_set_pax_header(
+                info,
+                "path",
+                draw(fspaths(max_size=tarfile.LENGTH_NAME)),
+            )
+            maybe_set_pax_header(
+                info,
+                "linkpath",
+                draw(fspaths(max_size=tarfile.LENGTH_LINK)),
+            )
+
+        tar.addfile(info, fileobj=fileobj)
+
+    return buf.getvalue()

hypothesis_strategies/tar.py

@@ -0,0 +1 @@
+hypothesis

requirements.in

@@ -0,0 +1,14 @@
+#
+# This file is autogenerated by pip-compile with Python 3.13
+# by the following command:
+#
+#    pip-compile --generate-hashes --output-file=requirements.txt requirements.in
+#
+hypothesis==6.148.8 \
+    --hash=sha256:c1842f47f974d74661b3779a26032f8b91bc1eb30d84741714d3712d7f43e85e \
+    --hash=sha256:fa6b2ae029bc02f9d2d6c2257b0cbf2dc3782362457d2027a038ad7f4209c385
+    # via -r requirements.in
+sortedcontainers==2.4.0 \
+    --hash=sha256:25caa5a06cc30b6b83d11423433f65d1f9d76c4c6a0c90e3379eaa43b9bfdb88 \
+    --hash=sha256:a163dcaede0f1c021485e957a39245190e74249897e2ae4b2aa38595db237ee0
+    # via hypothesis

requirements.txt

@@ -0,0 +1,15 @@
+import io
+import tarfile
+
+from hypothesis import given
+from hypothesis_strategies import tar
+
+
+
+@given(tar.tar_archives())
+def tar_archive_fuzz_target(tar_archive: bytes) -> None:
+    tarfile.TarFile(fileobj=io.BytesIO(tar_archive))
+
+
+# Exposes the Hypothesis fuzz target for integrating with OSS-Fuzz.
+FuzzerRunOne = tar_archive_fuzz_target.hypothesis.fuzz_one_input