Diffstat (limited to 'fuzz/Jellyfin.Api.Fuzz')
| -rw-r--r-- | fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj | 22 | ||||
| -rw-r--r-- | fuzz/Jellyfin.Api.Fuzz/Program.cs | 33 | ||||
| -rw-r--r-- | fuzz/Jellyfin.Api.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt | 1 | ||||
| -rwxr-xr-x | fuzz/Jellyfin.Api.Fuzz/fuzz.sh | 11 |
4 files changed, 67 insertions, 0 deletions
diff --git a/fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj b/fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj
new file mode 100644
index 000000000..da46e63a5
--- /dev/null
+++ b/fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj
@@ -0,0 +1,22 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+ <PropertyGroup>
+ <OutputType>Exe</OutputType>
+ <TargetFramework>net7.0</TargetFramework>
+ </PropertyGroup>
+
+ <ItemGroup>
+ <Reference Include="Jellyfin.Api">
+ <HintPath>Jellyfin.Api.dll</HintPath>
+ </Reference>
+ </ItemGroup>
+
+ <ItemGroup>
+ <ProjectReference Include="../../MediaBrowser.Common/MediaBrowser.Common.csproj" />
+ </ItemGroup>
+
+ <ItemGroup>
+ <PackageReference Include="SharpFuzz" />
+ </ItemGroup>
+
+</Project>
diff --git a/fuzz/Jellyfin.Api.Fuzz/Program.cs b/fuzz/Jellyfin.Api.Fuzz/Program.cs
new file mode 100644
index 000000000..6713322ac
--- /dev/null
+++ b/fuzz/Jellyfin.Api.Fuzz/Program.cs
@@ -0,0 +1,33 @@
+using System;
+using System.Collections.Generic;
+using Jellyfin.Api.Middleware;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Features;
+using Microsoft.Extensions.Primitives;
+using SharpFuzz;
+
+namespace Jellyfin.Api.Fuzz
+{
+ public static class Program
+ {
+ public static void Main(string[] args)
+ {
+ switch (args[0])
+ {
+ case "UrlDecodeQueryFeature": Run(UrlDecodeQueryFeature); return;
+ default: throw new ArgumentException($"Unknown fuzzing function: {args[0]}");
+ }
+ }
+
+ private static void Run(Action<string> action) => Fuzzer.OutOfProcess.Run(action);
+
+ private static void UrlDecodeQueryFeature(string data)
+ {
+ var dict = new Dictionary<string, StringValues>
+ {
+ { data, StringValues.Empty }
+ };
+ _ = new UrlDecodeQueryFeature(new QueryFeature(new QueryCollection(dict)));
+ }
+ }
+}
diff --git a/fuzz/Jellyfin.Api.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt b/fuzz/Jellyfin.Api.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt
new file mode 100644
index 000000000..73f356b93
--- /dev/null
+++ b/fuzz/Jellyfin.Api.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt
@@ -0,0 +1 @@
+a%3D1%26b%3D2%26c%3D3
diff --git a/fuzz/Jellyfin.Api.Fuzz/fuzz.sh b/fuzz/Jellyfin.Api.Fuzz/fuzz.sh
new file mode 100755
index 000000000..edf965562
--- /dev/null
+++ b/fuzz/Jellyfin.Api.Fuzz/fuzz.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -e
+
+dotnet build -c Release ../../Jellyfin.Api/Jellyfin.Api.csproj --output bin
+sharpfuzz bin/Jellyfin.Api.dll
+cp bin/Jellyfin.Api.dll .
+
+dotnet build
+mkdir -p Findings
+AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 ./bin/Debug/net7.0/Jellyfin.Api.Fuzz "$1"
|
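Review bot: In Jellyfin.Api.Fuzz.csproj, the `<Reference Include="Jellyfin.Api">` entry resolves through `<HintPath>Jellyfin.Api.dll</HintPath>`, a file that exists only after fuzz.sh has built, instrumented and copied it, and nothing in the project says so. A comment above the reference such as `<!-- Instrumented copy written by fuzz.sh (sharpfuzz); build artefact, do not commit -->` would explain why a plain `dotnet build` of this project fails on a clean checkout. The diffstat is limited to this directory, so it is worth confirming that the copied DLL, `bin/` and `Findings/` are ignored by version control so that an instrumented binary or crash inputs are not committed by accident.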
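Review bot: In Program.cs, `Main` reads `args[0]` in the `switch` before checking that any argument was passed, so starting the harness without a target name ends in an IndexOutOfRangeException rather than the descriptive ArgumentException of the `default` branch. A guard ahead of the switch, `if (args.Length == 0) { throw new ArgumentException("Usage: Jellyfin.Api.Fuzz <target>"); }`, keeps that failure readable. The target method `UrlDecodeQueryFeature(string data)` would also benefit from a short comment explaining why the fuzz input is stored as the only key with `StringValues.Empty`; judging from the seed `a%3D1%26b%3D2%26c%3D3` this is presumably the shape of a query string that arrived still URL-encoded, but the middleware itself is not part of this diff.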
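Review bot: In fuzz.sh, `$1` goes into `Testcases/$1`, `Findings/$1` and the harness argument without being checked, and every path is relative to the caller's working directory, so a run without a target name or from another directory does not fail early and may point afl-fuzz at the wrong corpus and output directories. Changing `set -e` to `set -eu` and adding `cd "$(dirname "$0")"` directly below it covers both cases. A comment on the last line, for example `# harness is instrumented by sharpfuzz, not an AFL compiler, hence AFL_SKIP_BIN_CHECK`, would tell the next reader why the binary check is disabled.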
