Tim Rühsen
a6e4703318
Fix oss-fuzz issue #2600 (buffer overflow in libicu code)
...
Added a reproducer corpus and fixed the broken libicu code.
The buffer overflow could be triggered by psl_load(), psl_load_fp(),
psl_is_public_suffix(), psl_is_public_suffix2(), psl_unregistrable_domain(),
and psl_registrable_domain().
2017-07-13 15:40:58 +02:00
Tim Rühsen
3f03987897
Fix fuzz/ regression tester building
2017-07-13 15:39:46 +02:00
Tim Rühsen
631362d3d0
Fuzz all types of builds (idn2, idn, icu, none)
2017-07-12 15:37:35 +02:00
Tim Rühsen
2abce22058
Add UBSAN testing for Travis CI
2017-07-09 20:53:56 +02:00
Tim Rühsen
926cc34ade
Fix uninitialised value created by stack allocation
...
Using valgrind testing the fuzz corpora revealed a missing
check in _add_punycode_if_needed() which lead to a
"Uninitialised value was created by a stack allocation".
Thanks to OSS-fuzz for the corpora, thanks valgrind to find this
issue (asan and ubsan didn't find it).
2017-07-09 20:21:55 +02:00
Tim Rühsen
d583db99b8
Update oss-fuzz target for static linking
2017-07-08 18:02:52 +02:00
Tim Rühsen
467f035f0a
Add one new corpus for libpsl_load_fuzzer
2017-07-08 12:11:50 +02:00
Tim Rühsen
90a1198939
Find static libidn2 via configure
2017-07-06 11:08:20 +02:00
Tim Rühsen
49c9fade7a
Fix fuzz/run-clang.sh for CTRL-C
2017-07-02 21:23:10 +02:00
Tim Rühsen
f2b9b2447a
Remove C++ settings from fuzz/README.md
2017-07-02 21:11:43 +02:00
Tim Rühsen
5e562e6f3b
Update fuzzer corpora and scripts
2017-06-30 19:55:55 +02:00
Tim Rühsen
61824edc3d
Add oss-fuzz corpora downloader
2017-06-26 19:55:04 +02:00
Tim Rühsen
0cbb7089f6
Enable ASan for Travis CI testing
2017-06-20 21:08:35 +02:00
Tim Rühsen
b858480f0d
Add --enable-asan --enable-ubsan to contrib/check-hard
2017-06-20 16:44:41 +02:00
Tim Rühsen
492c884d7d
Fix memory overflow in LIBICU code of psl_str_to_utf8lower()
...
Immediately discovered with the new --enable-asan / --enable-ubsan
configure options, thanks to the fuzz corpora.
2017-06-20 16:30:29 +02:00
Tim Rühsen
47734a6f1f
Add --enable-asan and --enable-usan configure options
2017-06-20 16:27:18 +02:00
Tim Rühsen
e20e6f369b
Add clang's CFI instrumentation
...
Add --enable-cfi ./configure option to enable
LLVM/Clang's Control Flow Integrity for builds.
CFI aborts a program upon detecting certain forms of undefined behavior
that can potentially allow attackers to subvert the program’s control flow.
2017-06-19 17:14:29 +02:00
Tim Rühsen
d417badedb
New corpora for libpsl_load_fuzzer
2017-06-19 10:49:26 +02:00
Tim Rühsen
81737c9260
New OSS-Fuzz corpora for libpsl_load_dafsa_fuzzer
2017-06-19 10:44:20 +02:00
Tim Rühsen
fa69455d07
Add fuzz/ stuff to .gitignore
2017-06-14 14:37:23 +02:00
Tim Rühsen
f304dbe324
More fuzzer improvements
2017-06-14 12:48:58 +02:00
Tim Rühsen
43f460d4c5
New OSS-Fuzz corpora for libpsl_fuzzer
2017-06-14 11:40:56 +02:00
Tim Rühsen
44db84e6ec
More corpora for libpsl_load_dafsa_fuzzer
2017-06-14 10:00:49 +02:00
Tim Rühsen
666c07b364
New fuzz/libpsl_load_fuzzer.c plus corpus directory
2017-06-14 09:49:07 +02:00
Tim Rühsen
6ca1304bd4
Fix libpsl_load_dafsa_fuzzer for libc6 < 2.22
2017-06-14 09:07:54 +02:00
Tim Rühsen
d686c1fff7
Fix memleak in _psl_is_public_suffix() (found by fuzzing)
2017-06-13 22:24:18 +02:00
Tim Rühsen
812e887530
New fuzz corpora
2017-06-13 22:17:09 +02:00
Tim Rühsen
896a5e299a
Enhance fuzzing
2017-06-13 22:16:14 +02:00
Tim Rühsen
e8f083e867
Add function calls to fuzz/libpsl_fuzzer.c
2017-06-12 17:07:54 +02:00
Tim Rühsen
9da4e94c1a
Update fuzz/README.md
2017-06-12 17:07:07 +02:00
Tim Rühsen
e584007f42
* src/psl.c (psl_str_to_utf8lower): Fix docs
2017-06-12 17:00:53 +02:00
Tim Rühsen
045bf63031
Fix double free in psl_load_fp(), found by fuzzing
2017-06-09 22:53:19 +02:00
Tim Rühsen
bce2e9acb0
fuzz/fuzzer.h: Add extern 'C'
2017-06-09 20:35:46 +02:00
Tim Rühsen
f41c6aaf63
Add fuzzing architecture
2017-06-09 16:27:37 +02:00
Tim Rühsen
fa2985a535
Update PSL submodule
2017-06-09 11:01:17 +02:00
Tim Rühsen
a33feb8ff4
Fix typos found by ka7/misspell_fixer
2017-04-19 11:46:27 +02:00
Tim Rühsen
d23cf2bf17
Update PSL submodule
2017-04-19 11:43:11 +02:00
Tim Rühsen
448f6e4564
Fix order of files in psl_latest()
...
If 'dist_filename' and 'filename' are given and both have the same
age, we want 'dist_filename' (expected DAFSA) being loaded.
2017-02-21 12:18:29 +01:00
Tim Rühsen
8fddb72033
Release v0.17.0
2017-01-16 12:57:25 +01:00
Tim Rühsen
2aa06e17c8
Update PSL submodule
2017-01-16 12:14:37 +01:00
Tim Rühsen
eda8276b5f
Use NON-TRANSITIONAL toASCII() with libicu
2017-01-16 10:47:21 +01:00
Tim Rühsen
26d0856d0a
Fix typo
2017-01-16 10:26:12 +01:00
Tim Rühsen
526768cc5d
Use TR46 non-transitional with libidn2 >= 0.14
...
I changed my mind after talking with the cURL
maintainer Daniel Stenberg.
See https://github.com/curl/curl/pull/1207
2017-01-14 15:47:44 +01:00
Tim Rühsen
71059c2c6d
Work around https://github.com/eddyxu/cpp-coveralls/issues/108
2017-01-04 20:25:38 +01:00
Tim Rühsen
1a06a6c888
Add coveralls token to .travis_coveralls.sh
2017-01-04 17:19:05 +01:00
Tim Rühsen
31684dc7fd
Add psl_latest() and psl_dist_filename() to tests
2017-01-04 17:10:57 +01:00
Tim Rühsen
a3f6134a5e
Amend .travis_coveralls.sh
2017-01-04 16:54:09 +01:00
Tim Rühsen
2c17d56234
Use TR46 transitional with libidn2 >= 0.14
2017-01-03 12:30:43 +01:00
Tim Rühsen
7d5f3a67af
Release v0.16.1
2016-12-15 13:01:45 +01:00
Tim Rühsen
d4ea513f27
Add --use-latest-psl to tools/psl, now default
...
Fixes #76
2016-12-15 12:51:35 +01:00