From ea544eb48bb7414a76b059ff285b63ce1cf1fbda Mon Sep 17 00:00:00 2001
From: Arseny Kapoulkine
Date: Thu, 9 Feb 2017 09:53:04 -0800
Subject: tests: Add fuzzing dictionaries
Hopefully this will allow for better fuzzing coverage
---
 Makefile | 2 +-
 tests/fuzz_parse.dict | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++
 tests/fuzz_xpath.dict | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 145 insertions(+), 1 deletion(-)
 create mode 100644 tests/fuzz_parse.dict
 create mode 100644 tests/fuzz_xpath.dict
diff --git a/Makefile b/Makefile
index e483e02..500675c 100644
--- a/Makefile
+++ b/Makefile
@@ -70,7 +70,7 @@ endif
 fuzz_%: $(BUILD)/fuzz_%
 @mkdir -p build/$@
- $< build/$@ tests/data_$*
+ $< build/$@ tests/data_$* -max_len=1024 -dict=tests/fuzz_$*.dict
 clean:
 rm -rf $(BUILD)
diff --git a/tests/fuzz_parse.dict b/tests/fuzz_parse.dict
new file mode 100644
index 0000000..b1a0067
--- /dev/null
+++ b/tests/fuzz_parse.dict
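Review bot: `-max_len=1024` on the new recipe line hard-caps every generated input at 1 KiB and, as far as I recall, makes libFuzzer truncate longer seed files from tests/data_$* rather than use them whole, so deep-nesting and large-buffer paths in both parsers are out of reach for these targets and the length libFuzzer would otherwise infer from the corpus is overridden. Consider making the cap an overridable variable so a longer campaign does not need a Makefile edit: `FUZZ_MAX_LEN ?= 1024` above the rule and `$< build/$@ tests/data_$* -max_len=$(FUZZ_MAX_LEN) -dict=tests/fuzz_$*.dict` in the recipe. The rule is a pattern over every fuzz_% target, so each target now requires a matching tests/fuzz_%.dict (libFuzzer refuses to start when the -dict file is missing); only parse and xpath dictionaries are added here, so any other fuzz target in the tree needs one too or the -dict flag should be conditional on the file existing.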
@@ -0,0 +1,72 @@
+#
+# AFL dictionary for XML
+# ----------------------
+#
+# Several basic syntax elements and attributes, modeled on libxml2.
+#
+# Created by Michal Zalewski
+#
+
+attr_encoding=" encoding=\"1\""
+attr_generic=" a=\"1\""
+attr_href=" href=\"1\""
+attr_standalone=" standalone=\"no\""
+attr_version=" version=\"1\""
+attr_xml_base=" xml:base=\"1\""
+attr_xml_id=" xml:id=\"1\""
+attr_xml_lang=" xml:lang=\"1\""
+attr_xml_space=" xml:space=\"1\""
+attr_xmlns=" xmlns=\"1\""
+
+entity_builtin="<"
+entity_decimal=""
+entity_external="&a;"
+entity_hex=""
+
+string_any="ANY"
+string_brackets="[]"
+string_cdata="CDATA"
+string_col_fallback=":fallback"
+string_col_generic=":a"
+string_col_include=":include"
+string_dashes="--"
+string_empty="EMPTY"
+string_empty_dblquotes="\"\""
+string_empty_quotes="''"
+string_entities="ENTITIES"
+string_entity="ENTITY"
+string_fixed="#FIXED"
+string_id="ID"
+string_idref="IDREF"
+string_idrefs="IDREFS"
+string_implied="#IMPLIED"
+string_nmtoken="NMTOKEN"
+string_nmtokens="NMTOKENS"
+string_notation="NOTATION"
+string_parentheses="()"
+string_pcdata="#PCDATA"
+string_percent="%a"
+string_public="PUBLIC"
+string_required="#REQUIRED"
+string_schema=":schema"
+string_system="SYSTEM"
+string_ucs4="UCS-4"
+string_utf16="UTF-16"
+string_utf8="UTF-8"
+string_xmlns="xmlns:"
+
+tag_attlist=""
+tag_doctype=""
+tag_open_close=""
+tag_open_exclamation=""
+tag_xml_q=""
diff --git a/tests/fuzz_xpath.dict b/tests/fuzz_xpath.dict
new file mode 100644
index 0000000..c469f6e
--- /dev/null
+++ b/tests/fuzz_xpath.dict
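Review bot: As rendered here this hunk holds fewer than the 72 lines the diffstat reports for tests/fuzz_parse.dict, and every entry whose value would carry an angle bracket (`entity_decimal`, `entity_hex`, `tag_attlist`, `tag_doctype`, `tag_open_close`, `tag_open_exclamation`, `tag_xml_q`) shows an empty string, so either the page stripped them as markup or the checked-in file genuinely has no tag tokens; please confirm the committed file contains the libxml2-style openers (`<!DOCTYPE`, `<![CDATA[`, `<!ATTLIST`, `<?xml?>`), since a dictionary with no markup tokens gives the fuzzer almost no help reaching the parser's element and DTD paths. The `attr_*` entries start with a leading space and `string_empty_dblquotes` relies on `\"` escapes, which is the AFL/libFuzzer dictionary grammar but is not stated anywhere; add a line to the header such as `# Format: AFL/libFuzzer dictionary, one name="value" token per line; \" escapes a quote` so a later editor does not break the quoting. The header keeps Michal Zalewski's attribution, which is correct since the file is copied from AFL's xml.dict.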
@@ -0,0 +1,72 @@
+"boolean"
+"count"
+"contains"
+"concat"
+"ceiling"
+"false"
+"floor"
+"id"
+"last"
+"lang"
+"local-name"
+"name"
+"namespace-uri"
+"normalize-space"
+"not"
+"number"
+"position"
+"round"
+"string"
+"string-length"
+"starts-with"
+"substring-before"
+"substring-after"
+"substring"
+"sum"
+"translate"
+"true"
+"ancestor"
+"ancestor-or-self"
+"attribute"
+"child"
+"descendant"
+"descendant-or-self"
+"following"
+"following-sibling"
+"namespace"
+"parent"
+"preceding"
+"preceding-sibling"
+"self"
+"comment"
+"node"
+"processing-instruction"
+"text"
+"or"
+"and"
+"div"
+"mod"
+">"
+">="
+"<"
+"<="
+"!"
+"!="
+"="
+"+"
+"-"
+"*"
+"|"
+"$"
+"("
+")"
+"["
+"]"
+","
+"//"
+"/"
+".."
+"."
+"@"
+"::"
+":"
-- cgit v1.2.3
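Review bot: The dictionary contains no literal tokens: every entry is a function name, axis, node test or operator, and there is no quoted string literal, numeric literal or variable name to follow `$`, so the fuzzer has to assemble `'a'`, `"a"` or `1.5` by byte mutation before it can exercise the string, number and (if the harness supplies a variable set) variable-resolution paths. Adding a few, e.g. `"'a'"`, `"\"a\""`, `"1.5"`, would let dictionary-driven mutations form complete expressions instead of bare operator soup. Unlike tests/fuzz_parse.dict this file has no header comment; a first line such as `# libFuzzer dictionary for fuzz_xpath: XPath 1.0 function, axis and node-test names plus operator tokens` would say what it is and where the names come from.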