780e432a | 2024-06-11T16:58:09
fuzz: Move to per-context error handler

116d8c01 | 2024-06-11T15:48:32
fuzz: Move to per-context resource loader

caa8bb38 | 2024-05-19T19:31:54
fuzz: Move back to xmlSetExternalEntityLoader
xmlParserInputBufferCreateFilenameDefault can't report malloc failures.

b3cb41be | 2024-05-13T12:18:08
fuzz: Add xmllint fuzzer

510c7988 | 2024-04-23T18:43:12
fuzz: Remove reader pass from XML fuzzers
The reader API is fuzzed separately now.

d463733f | 2024-02-01T19:31:03
fuzz: Reenable malloc failure check when serializing

84e50a0c | 2024-02-01T17:02:24
fuzz: Don't check for malloc failures when serializing
DTD serialization doesn't report malloc failures yet.

30d83977 | 2024-01-04T15:18:14
fuzz: Disable catalogs
The catalogs API doesn't report OOM errors. It's basically impossible
to use it safely in its current form.

e115194e | 2023-12-10T18:32:21
fuzz: Check malloc failure reports in XML fuzzers

c13a0191 | 2023-10-14T22:48:12
fuzz: Test xmlTextReaderRead after EOF or failure

fa481873 | 2023-09-30T14:45:53
fuzz: Disable XML_PARSE_SAX1 option in xml fuzzer
There are no plans to fix quadratic behavior in the legacy SAX1 interface.

f9d717af | 2023-09-21T13:05:49
fuzz: Allow to fuzz without push, reader or output modules

da274bfa | 2023-09-21T01:29:40
build: Fix build when certain modules are disabled

4eba9f9c | 2023-03-12T16:15:54
fuzz: Separate fuzzer for DTD validation

42322eba | 2023-03-08T13:59:03
fuzz: Inject random malloc failures
Fixes #344.

541b1e28 | 2023-03-08T13:59:00
fuzz: Support variable integer sizes in fuzz data
Also switch to big-endian.

09dac45a | 2022-12-26T17:49:27
fuzz: Add separate XInclude fuzzer
XIncludes involve XPath processing which can still lead to timeouts when
fuzzing. This will probably take a while to fix. The rest of the XML
parsing code should hopefully run without timeouts now. OSS-Fuzz only
shows a single timeout test case, so separate the XInclude from the core
XML fuzzer.

c885bebb | 2022-12-23T23:06:32
fuzz: Remove size limit, disable XInclude
Now that entity expansion issues should be fixed, we should get more
interesting timeout errors from OSS-Fuzz. Disable XInclude for now,
since it often times out in XPath computations. The XInclude tests should
be moved to a separate fuzz target.

85c817a2 | 2021-02-22T21:28:21
Improve fuzzer stability
- Add more calls to xmlInitializeCatalog.
- Call xmlResetLastError after fuzzing each input.

e2b975c3 | 2020-12-18T00:50:34
Handle malloc failures in fuzzing code
Avoid misdiagnosis in OOM situations.

9086988f | 2020-12-16T15:41:52
Enforce maximum length of fuzz input
Remove the libfuzzer max_len option which doesn't apply to other
fuzzing engines. Enforce the maximum length directly in the fuzz
targets. For the xml target, lower the maximum when expanding entities
to avoid timeout and OOM errors.

8c3ef083 | 2020-08-24T23:17:34
Pass URL of main entity in XML fuzzer

6c128fd5 | 2020-06-05T13:43:45
Fuzz XInclude engine

00ed736e | 2020-06-05T12:49:25
Add a couple of libFuzzer targets
- XML fuzzer
  Currently tests the pull parser, push parser and reader, as well as
  serialization. Supports splitting fuzz data into multiple documents
  for things like external DTDs or entities. The seed corpus is built
  from parts of the test suite.
- Regexp fuzzer
  Seed corpus was statically generated from test suite.
- URI fuzzer
  Tests parsing and most other functions from uri.c.