From cae753425ecc7ab6025d4366fc9b5e565f47e6b2 Mon Sep 17 00:00:00 2001 From: yhirose Date: Fri, 1 May 2026 21:28:45 +0900 Subject: [PATCH] Run all fuzzers via make fuzz_test --- .gitignore | 3 +++ test/Makefile | 29 ++++++++++++++++++++++++----- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index c20b6bd..0e0be8b 100644 --- a/.gitignore +++ b/.gitignore @@ -43,6 +43,9 @@ test/test_mbedtls test/test_wolfssl test/test_no_tls test/server_fuzzer +test/client_fuzzer +test/header_parser_fuzzer +test/url_parser_fuzzer test/test_proxy test/test_proxy_mbedtls test/test_proxy_wolfssl diff --git a/test/Makefile b/test/Makefile index cd04acb..f035b24 100644 --- a/test/Makefile +++ b/test/Makefile @@ -251,16 +251,35 @@ test_proxy_mbedtls : test_proxy.cc ../httplib.h Makefile cert.pem test_proxy_wolfssl : test_proxy.cc ../httplib.h Makefile cert.pem $(CXX) -o $@ -I.. $(CXXFLAGS) test_proxy.cc $(TEST_ARGS_WOLFSSL) -# Runs server_fuzzer.cc based on value of $(LIB_FUZZING_ENGINE). -# Usage: make fuzz_test LIB_FUZZING_ENGINE=/path/to/libFuzzer -fuzz_test: server_fuzzer - ./server_fuzzer fuzzing/corpus/* +# Runs all fuzz harnesses based on the value of $(LIB_FUZZING_ENGINE). +# By default LIB_FUZZING_ENGINE is standalone_fuzz_target_runner.o, so each +# fuzzer is replayed over its regression corpus. +# Override for actual fuzzing: +# make fuzz_test LIB_FUZZING_ENGINE=/path/to/libFuzzer +fuzz_test: server_fuzzer client_fuzzer header_parser_fuzzer url_parser_fuzzer + ./server_fuzzer fuzzing/corpus/[0-9]* fuzzing/corpus/issue1264 fuzzing/corpus/clusterfuzz-testcase-minimized-server_fuzzer-* + ./client_fuzzer fuzzing/corpus/clusterfuzz-testcase-minimized-client_fuzzer-* + ./header_parser_fuzzer fuzzing/corpus/clusterfuzz-testcase-minimized-header_parser_fuzzer-* + @matches=$$(find fuzzing/corpus -maxdepth 1 -type f -name 'clusterfuzz-testcase-minimized-url_parser_fuzzer-*'); \ + if [ -n "$$matches" ]; then ./url_parser_fuzzer $$matches; else echo "(no url_parser_fuzzer corpus)"; fi # Fuzz target, so that you can choose which $(LIB_FUZZING_ENGINE) to use. server_fuzzer : fuzzing/server_fuzzer.cc ../httplib.h standalone_fuzz_target_runner.o $(CXX) -o $@ -I.. $(CXXFLAGS) $< $(OPENSSL_SUPPORT) $(ZLIB_SUPPORT) $(BROTLI_SUPPORT) $(LIB_FUZZING_ENGINE) $(ZSTD_SUPPORT) $(LIBS) @file $@ +client_fuzzer : fuzzing/client_fuzzer.cc ../httplib.h standalone_fuzz_target_runner.o + $(CXX) -o $@ -I.. $(CXXFLAGS) $< $(OPENSSL_SUPPORT) $(ZLIB_SUPPORT) $(BROTLI_SUPPORT) $(LIB_FUZZING_ENGINE) $(ZSTD_SUPPORT) $(LIBS) + @file $@ + +header_parser_fuzzer : fuzzing/header_parser_fuzzer.cc ../httplib.h standalone_fuzz_target_runner.o + $(CXX) -o $@ -I.. $(CXXFLAGS) $< $(OPENSSL_SUPPORT) $(ZLIB_SUPPORT) $(BROTLI_SUPPORT) $(LIB_FUZZING_ENGINE) $(ZSTD_SUPPORT) $(LIBS) + @file $@ + +url_parser_fuzzer : fuzzing/url_parser_fuzzer.cc ../httplib.h standalone_fuzz_target_runner.o + $(CXX) -o $@ -I.. $(CXXFLAGS) $< $(OPENSSL_SUPPORT) $(ZLIB_SUPPORT) $(BROTLI_SUPPORT) $(LIB_FUZZING_ENGINE) $(ZSTD_SUPPORT) $(LIBS) + @file $@ + # Standalone fuzz runner, which just reads inputs from fuzzing/corpus/ dir and # feeds it to server_fuzzer. standalone_fuzz_target_runner.o : fuzzing/standalone_fuzz_target_runner.cpp @@ -273,5 +292,5 @@ cert.pem: ./gen-certs.sh clean: - rm -rf test test_split test_mbedtls test_split_mbedtls test_wolfssl test_split_wolfssl test_no_tls, test_split_no_tls test_proxy test_proxy_mbedtls test_proxy_wolfssl test_benchmark server_fuzzer *.pem *.0 *.o *.1 *.srl httplib.h httplib.cc _build* *.dSYM *_shard_*.log cpp-httplib + rm -rf test test_split test_mbedtls test_split_mbedtls test_wolfssl test_split_wolfssl test_no_tls, test_split_no_tls test_proxy test_proxy_mbedtls test_proxy_wolfssl test_benchmark server_fuzzer client_fuzzer header_parser_fuzzer url_parser_fuzzer *.pem *.0 *.o *.1 *.srl httplib.h httplib.cc _build* *.dSYM *_shard_*.log cpp-httplib