开源 企业版 高校版 私有云 模力方舟 AI 队友
代码拉取完成,页面将自动刷新
捐赠
捐赠前请先登录
扫描微信二维码支付
取消
支付完成
支付提示
将跳转至支付宝完成支付
确定
取消
1 Star 0 Fork 0

source-code-analysis/python3.7.4

加入 Gitee
与超过 1400万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
已有帐号? 立即登录
文件
master
分支 (1)
master
master
分支 (1)
master
克隆/下载
克隆/下载
提示
下载代码请复制以下命令到终端执行
为确保你提交的代码身份被 Gitee 正确识别,请执行以下命令完成配置
初次使用 SSH 协议进行代码克隆、推送等操作时,需按下述提示完成 SSH 配置
1 生成 RSA 密钥
2 获取 RSA 公钥内容,并配置到 SSH公钥
在 Gitee 上使用 SVN,请访问 使用指南
使用 HTTPS 协议时,命令行会出现如下账号密码验证步骤。基于安全考虑,Gitee 建议 配置并使用私人令牌 替代登录密码进行克隆、推送等操作
Username for 'https://gitee.com': userName
Password for 'https://userName@gitee.com': # 私人令牌
master
分支 (1)
master
fuzzer.c 5.96 KB
一键复制 编辑 原始数据 按行查看 历史
zhangweibo 提交于 2021年11月17日 13:49 +08:00 . git init
/* A fuzz test for CPython.
The only exposed function is LLVMFuzzerTestOneInput, which is called by
fuzzers and by the _fuzz module for smoke tests.
To build exactly one fuzz test, as when running in oss-fuzz etc.,
build with -D _Py_FUZZ_ONE and -D _Py_FUZZ_<test_name>. e.g. to build
LLVMFuzzerTestOneInput to only run "fuzz_builtin_float", build this file with
-D _Py_FUZZ_ONE -D _Py_FUZZ_fuzz_builtin_float.
See the source code for LLVMFuzzerTestOneInput for details. */
#include <Python.h>
#include <stdlib.h>
#include <inttypes.h>
/* Fuzz PyFloat_FromString as a proxy for float(str). */
static int fuzz_builtin_float(const char* data, size_t size) {
PyObject* s = PyBytes_FromStringAndSize(data, size);
if (s == NULL) return 0;
PyObject* f = PyFloat_FromString(s);
if (PyErr_Occurred() && PyErr_ExceptionMatches(PyExc_ValueError)) {
PyErr_Clear();
}
Py_XDECREF(f);
Py_DECREF(s);
return 0;
}
#define MAX_INT_TEST_SIZE 0x10000
/* Fuzz PyLong_FromUnicodeObject as a proxy for int(str). */
static int fuzz_builtin_int(const char* data, size_t size) {
/* Ignore test cases with very long ints to avoid timeouts
int("9" * 1000000) is not a very interesting test caase */
if (size > MAX_INT_TEST_SIZE) {
return 0;
}
/* Pick a random valid base. (When the fuzzed function takes extra
parameters, it's somewhat normal to hash the input to generate those
parameters. We want to exercise all code paths, so we do so here.) */
int base = _Py_HashBytes(data, size) % 37;
if (base == 1) {
// 1 is the only number between 0 and 36 that is not a valid base.
base = 0;
}
if (base == -1) {
return 0; // An error occurred, bail early.
}
if (base < 0) {
base = -base;
}
PyObject* s = PyUnicode_FromStringAndSize(data, size);
if (s == NULL) {
if (PyErr_ExceptionMatches(PyExc_UnicodeDecodeError)) {
PyErr_Clear();
}
return 0;
}
PyObject* l = PyLong_FromUnicodeObject(s, base);
if (l == NULL && PyErr_ExceptionMatches(PyExc_ValueError)) {
PyErr_Clear();
}
PyErr_Clear();
Py_XDECREF(l);
Py_DECREF(s);
return 0;
}
/* Fuzz PyUnicode_FromStringAndSize as a proxy for unicode(str). */
static int fuzz_builtin_unicode(const char* data, size_t size) {
PyObject* s = PyUnicode_FromStringAndSize(data, size);
if (s == NULL && PyErr_ExceptionMatches(PyExc_UnicodeDecodeError)) {
PyErr_Clear();
}
Py_XDECREF(s);
return 0;
}
#define MAX_JSON_TEST_SIZE 0x10000
/* Initialized in LLVMFuzzerTestOneInput */
PyObject* json_loads_method = NULL;
/* Fuzz json.loads(x) */
static int fuzz_json_loads(const char* data, size_t size) {
/* Since python supports arbitrarily large ints in JSON,
long inputs can lead to timeouts on boring inputs like
`json.loads("9" * 100000)` */
if (size > MAX_JSON_TEST_SIZE) {
return 0;
}
PyObject* input_bytes = PyBytes_FromStringAndSize(data, size);
if (input_bytes == NULL) {
return 0;
}
PyObject* parsed = PyObject_CallFunctionObjArgs(json_loads_method, input_bytes, NULL);
/* Ignore ValueError as the fuzzer will more than likely
generate some invalid json and values */
if (parsed == NULL && PyErr_ExceptionMatches(PyExc_ValueError)) {
PyErr_Clear();
}
/* Ignore RecursionError as the fuzzer generates long sequences of
arrays such as `[[[...` */
if (parsed == NULL && PyErr_ExceptionMatches(PyExc_RecursionError)) {
PyErr_Clear();
}
/* Ignore unicode errors, invalid byte sequences are common */
if (parsed == NULL && PyErr_ExceptionMatches(PyExc_UnicodeDecodeError)) {
PyErr_Clear();
}
Py_DECREF(input_bytes);
Py_XDECREF(parsed);
return 0;
}
/* Run fuzzer and abort on failure. */
static int _run_fuzz(const uint8_t *data, size_t size, int(*fuzzer)(const char* , size_t)) {
int rv = fuzzer((const char*) data, size);
if (PyErr_Occurred()) {
/* Fuzz tests should handle expected errors for themselves.
This is last-ditch check in case they didn't. */
PyErr_Print();
abort();
}
/* Someday the return value might mean something, propagate it. */
return rv;
}
/* CPython generates a lot of leak warnings for whatever reason. */
int __lsan_is_turned_off(void) { return 1; }
int LLVMFuzzerInitialize(int *argc, char ***argv) {
wchar_t* wide_program_name = Py_DecodeLocale(*argv[0], NULL);
Py_SetProgramName(wide_program_name);
return 0;
}
/* Fuzz test interface.
This returns the bitwise or of all fuzz test's return values.
All fuzz tests must return 0, as all nonzero return codes are reserved for
future use -- we propagate the return values for that future case.
(And we bitwise or when running multiple tests to verify that normally we
only return 0.) */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
if (!Py_IsInitialized()) {
/* LLVMFuzzerTestOneInput is called repeatedly from the same process,
with no separate initialization phase, sadly, so we need to
initialize CPython ourselves on the first run. */
Py_InitializeEx(0);
}
#if !defined(_Py_FUZZ_ONE) || defined(_Py_FUZZ_fuzz_json_loads)
if (json_loads_method == NULL) {
PyObject* json_module = PyImport_ImportModule("json");
json_loads_method = PyObject_GetAttrString(json_module, "loads");
}
#endif
int rv = 0;
#if !defined(_Py_FUZZ_ONE) || defined(_Py_FUZZ_fuzz_builtin_float)
rv |= _run_fuzz(data, size, fuzz_builtin_float);
#endif
#if !defined(_Py_FUZZ_ONE) || defined(_Py_FUZZ_fuzz_builtin_int)
rv |= _run_fuzz(data, size, fuzz_builtin_int);
#endif
#if !defined(_Py_FUZZ_ONE) || defined(_Py_FUZZ_fuzz_builtin_unicode)
rv |= _run_fuzz(data, size, fuzz_builtin_unicode);
#endif
#if !defined(_Py_FUZZ_ONE) || defined(_Py_FUZZ_fuzz_json_loads)
rv |= _run_fuzz(data, size, fuzz_json_loads);
#endif
return rv;
}
Loading...
举报
举报成功
我们将于2个工作日内通过站内信反馈结果给你!
请认真填写举报原因,尽可能描述详细。
请选择举报类型
取消
发送
误判申诉

此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。

如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。

取消
提交

简介

暂无描述
取消

发行版

暂无发行版

贡献者

全部

近期动态

不能加载更多了
编辑仓库简介
简介内容
主页
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/python_sourcecode/python3.7.4.git
git@gitee.com:python_sourcecode/python3.7.4.git
python_sourcecode
python3.7.4
python3.7.4
master
点此查找更多帮助

搜索帮助

评论
仓库举报
回到顶部
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册

AltStyle によって変換されたページ (->オリジナル) /