From 1ef2b2ac806a34684b4036f163c6c27cdb3a34b8 Mon Sep 17 00:00:00 2001
From: =?utf8?q?J=C3=A9r=C3=A9mie=20Astor?=
Date: Sun, 17 May 2020 12:01:18 +0200
Subject: [PATCH] :wrench: Fuzzit

---
 .github/workflows/fuzzit.yml | 35 +++++++++++++++++++++++++++++++++++
 scripts/fuzzer.c | 30 ++++++++++++++++++++++++++++++
 2 files changed, 65 insertions(+)
 create mode 100644 .github/workflows/fuzzit.yml
 create mode 100644 scripts/fuzzer.c

diff --git a/.github/workflows/fuzzit.yml b/.github/workflows/fuzzit.yml
new file mode 100644
index 00000000..95fd4fb9
--- /dev/null
+++ b/.github/workflows/fuzzit.yml
@@ -0,0 +1,35 @@
+
+name: Fuzzing
+
+on:
+ push:
+ branches:
+ - 'master'
+
+jobs:
+ build:
+ name: Fuzzing
+ runs-on: ubuntu-latest
+ if: "!contains(github.event.head_commit.message, '[skip ci]')"
+
+ steps:
+ - name: Build Gwion
+ uses: fennecdjay/gwion-action@v1
+ with:
+ dir: .
+ ref: ${{ github.sha }}
+ env:
+ CC: clang
+ CFLAGS: -fsanitize-coverage=trace-pc-guard
+
+ - name: Build fuzzer
+ run: ${CC} -fsanitize=fuzzer -Iutil/include -Iast/include -Iinclude -fsanitize=fuzzer scripts/fuzzer.c libgwion.a util/libgwion_util.a ast/libgwion_ast.a -o fuzzer
+ env:
+ CC: clang
+
+ - name: Setup fuzzit tool
+ run: |
+ wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/latest/download/fuzzit_Linux_x86_64
+ chmod a+x fuzzit
+ ./fuzzit auth ${{ secrets.FUZZIT }}
+ ./fuzzit ./fuzzit create job --type fuzzing gwion fuzzer
diff --git a/scripts/fuzzer.c b/scripts/fuzzer.c
new file mode 100644
index 00000000..ee1b02ef
--- /dev/null
+++ b/scripts/fuzzer.c
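Review bot: The last step's `./fuzzit ./fuzzit create job --type fuzzing gwion fuzzer` repeats the binary name, so the CLI most likely receives `./fuzzit` as its subcommand and the job is never created; the line should read `./fuzzit create job --type fuzzing gwion fuzzer`. The same step fetches `releases/latest/download/fuzzit_Linux_x86_64` with `wget` and executes it unverified, so any change to that release (or to the mutable `fennecdjay/gwion-action@v1` tag used in the first step) silently changes what runs in CI; pinning a release version and, where the project publishes one, checking a digest before `chmod a+x` keeps the build reproducible. `./fuzzit auth ${{ secrets.FUZZIT }}` expands the secret into the shell script text; passing it through the step's `env:` (for example `FUZZIT_TOKEN: ${{ secrets.FUZZIT }}` and `./fuzzit auth "$FUZZIT_TOKEN"`) keeps it out of the command line and out of any script-echoing trace. The build step also passes `-fsanitize=fuzzer` twice, which is harmless but worth dropping.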
@@ -0,0 +1,30 @@
+#include "gwion_util.h"
+#include "gwion_ast.h"
+#include "gwion_ast.h"
+#include "gwion_env.h"
+#include "vm.h"
+#include "gwion.h"
+#include "arg.h"
+#include "compile.h"
+
+static struct Gwion_ gwion;
+
+static void initialize() {
+ Arg arg = { .loop=-1 };
+ const m_bool ini = gwion_ini(&gwion, &arg);
+ arg_release(&arg);
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ if(!gwion.mp)
+ initialize();
+ push_global(&gwion, "[afl]");
+ m_str str = mp_calloc2(gwion.mp, Size + 1);
+ memcpy(str, Data, Size);
+ str[Size] = '\0';
+ if(compile_string(&gwion, "libfuzzer", str))
+ gwion_run(&gwion);
+ pop_global(&gwion);
+ mp_free2(gwion.mp, Size + 1, str);
+ return 0;
+}
-- 
2.43.0
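Review bot: `initialize` stores the result of `gwion_ini` in `ini` and then never reads it, so a failed initialization is invisible and `LLVMFuzzerTestOneInput` goes on to call `mp_calloc2(gwion.mp, …)` with whatever state the failed call left behind; `initialize` should return `ini` (or check it and `abort()`), and the caller should stop on failure instead of retrying on every input through the `if(!gwion.mp)` guard. As written `ini` is also an unused local that compilers will typically flag under `-Wall`. `static void initialize()` is an old-style declaration in C; it should be `static void initialize(void)`. `gwion_ast.h` is included twice. Since the input is handed to `compile_string` as a C string, any NUL byte in `Data` truncates the program seen by the compiler, which is acceptable but deserves a one-line comment above the `memcpy`, e.g. `/* inputs are treated as text: a NUL byte ends the program early */`.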