--- /dev/null
+
+name: Fuzzing
+
+on:
+ push:
+ branches:
+ - 'master'
+
+jobs:
+ build:
+ name: Fuzzing
+ runs-on: ubuntu-latest
+ if: "!contains(github.event.head_commit.message, '[skip ci]')"
+
+ steps:
+ - name: Build Gwion
+ uses: fennecdjay/gwion-action@v1
+ with:
+ dir: .
+ ref: ${{ github.sha }}
+ env:
+ CC: clang
+ CFLAGS: -fsanitize-coverage=trace-pc-guard
+
+ - name: Build fuzzer
+ run: ${CC} -fsanitize=fuzzer -Iutil/include -Iast/include -Iinclude -fsanitize=fuzzer scripts/fuzzer.c libgwion.a util/libgwion_util.a ast/libgwion_ast.a -o fuzzer
+ env:
+ CC: clang
+
+ - name: Setup fuzzit tool
+ run: |
+ wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/latest/download/fuzzit_Linux_x86_64
+ chmod a+x fuzzit
+ ./fuzzit auth ${{ secrets.FUZZIT }}
+ ./fuzzit ./fuzzit create job --type fuzzing gwion fuzzer
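Review bot: The `Setup fuzzit tool` step downloads whatever `releases/latest` serves at run time and runs it with `secrets.FUZZIT`, with no version pin and no digest check, so a replaced or compromised release asset would receive the API key. Pin the download to a fixed release tag, verify its SHA-256 before `chmod`, and pass the secret through `env:` rather than interpolating `${{ secrets.FUZZIT }}` into the script text. The last line reads `./fuzzit ./fuzzit create job`, which looks like a duplicated binary name. The mutable-reference concern also applies to `fennecdjay/gwion-action@v1`, which could be pinned to a commit SHA.

```yaml
- name: Setup fuzzit tool
  env:
    FUZZIT_TOKEN: ${{ secrets.FUZZIT }}
  run: |
    # <PINNED_TAG> and <EXPECTED_SHA256> are placeholders: fill in from a release you have vetted
    wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/<PINNED_TAG>/fuzzit_Linux_x86_64
    echo "<EXPECTED_SHA256>  fuzzit" | sha256sum -c -
    chmod a+x fuzzit
    ./fuzzit auth "$FUZZIT_TOKEN"
    ./fuzzit create job --type fuzzing gwion fuzzer
```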
--- /dev/null
+#include "gwion_util.h"
+#include "gwion_ast.h"
+#include "gwion_ast.h"
+#include "gwion_env.h"
+#include "vm.h"
+#include "gwion.h"
+#include "arg.h"
+#include "compile.h"
+
+static struct Gwion_ gwion;
+
+static void initialize() {
+ Arg arg = { .loop=-1 };
+ const m_bool ini = gwion_ini(&gwion, &arg);
+ arg_release(&arg);
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ if(!gwion.mp)
+ initialize();
+ push_global(&gwion, "[afl]");
+ m_str str = mp_calloc2(gwion.mp, Size + 1);
+ memcpy(str, Data, Size);
+ str[Size] = '\0';
+ if(compile_string(&gwion, "libfuzzer", str))
+ gwion_run(&gwion);
+ pop_global(&gwion);
+ mp_free2(gwion.mp, Size + 1, str);
+ return 0;
+}
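Review bot: In `initialize()` the result of `gwion_ini` is stored in `ini` and never checked, so a failed start-up goes unnoticed. `LLVMFuzzerTestOneInput` then continues into `push_global` and `mp_calloc2(gwion.mp, ...)` with whatever state `gwion` was left in, which would show up as harness crashes rather than findings in the compiler. Test `ini` against the project's failure value and call `abort()` there, and put a comment above the `if(!gwion.mp)` guard such as `/* one-time lazy init; gwion.mp doubles as the "initialised" flag */`. The return of `mp_calloc2` is also passed to `memcpy` unchecked, and `gwion_ast.h` is included twice.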