fuzz-bus-match: new fuzzer

This fuzzer is based on test-bus-match. Even the initial corpus is derived entirely from it. https://bugzilla.redhat.com/show_bug.cgi?id=1935084 shows an crash in bus_match_parse(). I checked the coverage stats on oss-fuzz, and sadly existing fuzzing did not cover this code at all.
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2021-03-04 21:29:48 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2021-03-06 09:32:18 +0100
commit: 84f11eda20e99f8496731a19dda41bffe862b99c (patch)
tree: 8abab30631ac39deeb7173829a5a3e6df77b61ef /test/fuzz
parent: test-bus-match: small modernization (diff)
download: systemd-84f11eda20e99f8496731a19dda41bffe862b99c.tar.xz
systemd-84f11eda20e99f8496731a19dda41bffe862b99c.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/test/fuzz/fuzz-bus-match/test.input b/test/fuzz/fuzz-bus-match/test.input
new file mode 100644
index 0000000000..92c02fc75a
--- /dev/null
+++ b/test/fuzz/fuzz-bus-match/test.input
@@ -0,0 +1,18 @@
+arg2='wal\'do',sender='foo',type='signal',interface='bar.x',
+arg2='wal\'do2',sender='foo',type='signal',interface='bar.x',
+arg3='test',sender='foo',type='signal',interface='bar.x',
+arg3='test',sender='foo',type='method_call',interface='bar.x',
+
+interface='quux.x'
+interface='bar.x'
+member='waldo',path='/foo/bar'
+path='/foo/bar'
+path_namespace='/foo'
+path_namespace='/foo/quux'
+arg1='two'
+member='waldo',arg2path='/prefix/'
+member=waldo,path='/foo/bar',arg3namespace='prefix'
+arg4has='pi'
+arg4has='pa'
+arg4has='po'
+arg4='pi'
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2021-03-04 21:29:48 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2021-03-06 09:32:18 +0100
commit	84f11eda20e99f8496731a19dda41bffe862b99c (patch)
tree	8abab30631ac39deeb7173829a5a3e6df77b61ef /test/fuzz
parent	test-bus-match: small modernization (diff)
download	systemd-84f11eda20e99f8496731a19dda41bffe862b99c.tar.xz systemd-84f11eda20e99f8496731a19dda41bffe862b99c.zip