path: root/Meta/Lagom
Age  Commit message  Author
2020-11-29  Meta: Add GitHub Actions workflow for Lagom with Fuzzers  (Luke)
There are cases where Lagom will build with GCC but not Clang. This often goes unnoticed for a while as we don't often build with Clang. However, this is now important to test in CI because of the OSS-Fuzz integration. Note that this only tests the build, it does not run any tests. Note that it also only builds LagomCore, Lagom and the fuzzers. It does not build the other programs that use Lagom.
2020-11-29  Lagom: Mention OSS-Fuzz in ReadMe  (Nico Weber)
We added OSS-Fuzz integration in #4154, but documentation about it is spread across several pull requests, IRC, and issues. Let's collect the important bits in the ReadMe.
2020-11-29  Lagom: Add a Shell parser fuzzer  (AnotherTest)
2020-11-29  Lagom: Add Regex fuzzers  (Linus Groh)
2020-11-27  Lagom: Various fixes to make Lagom run on OSS-Fuzz (#4176)  (DavidKorczynski)
2020-11-27  LibRegex: Add a regular expression library  (Emanuel Sprung)
This commit is a mix of several commits, squashed into one because the commits before 'Move regex to own Library and fix all the broken stuff' were not fixable in any elegant way. The commits are listed below for "historical" purposes:

- AK: Add options/flags and Errors for regular expressions
  Flags can be provided for any possible flavour by adding a new scoped enum. Handling of flags is done by templated Options class and the overloaded '|' and '&' operators.
- AK: Add Lexer for regular expressions
  The lexer parses the input and extracts tokens needed to parse a regular expression.
- AK: Add regex Parser and PosixExtendedParser
  This patchset adds an abstract parser class that can be derived to implement different parsers. A parser produces bytecode to be executed within the regex matcher.
- AK: Add regex matcher
  This patchset adds a regex matcher based on the principles of the T-REX VM. The bytecode produced by the respective Parser is put into the matcher and the VM will recursively execute the bytecode according to the available OpCodes. Possible improvement: the recursion could be replaced by multi threading capabilities.
  To match a Regular expression, e.g. for the Posix standard regular expression matcher, use the following API:

```
Pattern<PosixExtendedParser> pattern("^.*$");
auto result = pattern.match("Well, hello friends!\nHello World!"); // Match whole needle
EXPECT(result.count == 1);
EXPECT(result.matches.at(0).view.starts_with("Well"));
EXPECT(result.matches.at(0).view.end() == "!");

result = pattern.match("Well, hello friends!\nHello World!", PosixFlags::Multiline); // Match line by line
EXPECT(result.count == 2);
EXPECT(result.matches.at(0).view == "Well, hello friends!");
EXPECT(result.matches.at(1).view == "Hello World!");

EXPECT(pattern.has_match("Well,....")); // Just check if match without a result, which saves some resources.
```

- AK: Rework regex to work with opcodes objects
  This patchset reworks the matcher to work on a more structured base. For that an abstract OpCode class and derived classes for the specific OpCodes have been added. The respective opcode logic is contained in each respective execute() method.
- AK: Add benchmark for regex
- AK: Some optimization in regex for runtime and memory
- LibRegex: Move regex to own Library and fix all the broken stuff
  Now regex works again and grep utility is also in place for testing. This commit also fixes the use of regex.h in C by making `regex_t` an opaque (-ish) type, which makes its behaviour consistent between C and C++ compilers. Previously, <regex.h> would've blown C compilers up, and even if it didn't, would've caused a leak in C code, and not in C++ code (due to the existence of `OwnPtr` inside the struct). To make this whole ordeal easier to deal with (for now), this pulls the definitions of `reg*()` into LibRegex.
  pros:
  - The circular dependency between LibC and LibRegex is broken
  - Easier to test (without accidentally pulling in the host's libc!)
  cons:
  - Using any of the regex.h functions will require the user to link -lregex
  - The symbols will be missing from libc, which will be a big surprise down the line (especially with shared libs).

Co-Authored-By: Ali Mohammad Pur <ali.mpfard@gmail.com>
2020-11-26  Lagom: Rename FuzzBMP to FuzzBMPLoader  (Nico Weber)
2020-11-26  Lagom: Make BMP fuzzer look like the other image loader fuzzers  (Nico Weber)
2020-11-26  Lagom: Add fuzzers for remaining image loaders: ICO, PNG, PBM, PGM  (Nico Weber)
2020-11-25  Lagom: Fix FuzzJs build  (Linus Groh)
This was broken with the JS::Parser::Error position changes, but I don't actually see a reason to do anything with the parser errors here, so let's remove it and consider simply not crashing a success. :^)
2020-11-20  Lagom: Add a gif loader fuzzer  (Nico Weber)
2020-11-19  Lagom: Add a jpg fuzzer  (Nico Weber)
2020-11-19  Lagom: Make fuzzer cmake less repetitive  (Nico Weber)
2020-11-19  Lagom: Add a PPM fuzzer  (Nico Weber)
It finds the problem fixed in 69518bd178ebfaa but nothing else.
2020-11-14  Lagom: Use -fsanitize=fuzzer, not -fsanitize=fuzzer-no-link  (Nico Weber)
Fuzzers don't link for me without this change.
2020-11-14  Lagom: Add a gemini fuzzer  (Nico Weber)
Didn't find anything interesting, but might as well check it in.
2020-11-14  Lagom: Augment fuzzing readme a bit  (Nico Weber)
Recommend using asan, don't set the c compiler (c++ compiler is sufficient), mention how to run on several cores, and how to get less output.
2020-11-12  Lagom: Add ntpquery to lagom build  (Nico Weber)
2020-11-10  Userland: Add an "adjtime" utility  (Nico Weber)
It's a thin userland wrapper around adjtime(2). It can be used to view current pending time adjustments, and root can use it to smoothly adjust the system time. As far as I can tell, other systems don't have a userland utility for this, but it seems useful. Useful enough that I'm adding it to the lagom build so I can use it on my linux box too :)
2020-11-08  Lagom/Fuzzers: Add a Dockerfile for FuzzilliJs  (Linus Groh)
Based on Fedora. This allows building and running FuzzilliJs and Fuzzilli itself in a Docker/Podman container.
2020-11-07  Documentation: Update required GCC version to >= 10  (Linus Groh)
I initially thought as long as Lagom is not built >= 9 would be fine, but LagomCore is always built for the code generators.
2020-11-07  Lagom/Fuzzers: Add Fuzzilli version of FuzzJs  (Luke)
Fuzzilli is a JavaScript engine fuzzer made by googleprojectzero. https://github.com/googleprojectzero/fuzzilli/
2020-11-02  Travis: Update host GCC to version 10  (Linus Groh)
This allows us to use the latest C++20 features in programs which we compile and run as part of Lagom.
2020-10-30  LibTLS: (Almost) verify certificate chain against root CA certificates  (AnotherTest)
Also adds a very primitive systemwide ca_certs.ini file.
2020-10-29  CMake: Use CONFIGURE_DEPENDS in existing globs.  (asynts)
2020-09-12  Meta: Describe how to analyze an LLVM fuzzer crash  (Ben Wiederhake)
2020-09-12  Meta+LibGfx: Fuzz BMP parsing  (Ben Wiederhake)
2020-09-12  LibJS: Fix start position of multi-line tokens  (Ben Wiederhake)
This broke in case of unterminated regular expressions, causing goofy location numbers, and 'source_location_hint' to eat up all memory: Unexpected token UnterminatedRegexLiteral. Expected statement (line: 2, column: 4294967292)
2020-09-01  Build: Add some -Wno-unknown-warning-option flags to CXXFLAGS  (Andreas Kling)
Patch from Anonymous.
2020-08-24  Meta+Userland: Run the TLS test too  (AnotherTest)
While this _does_ add a point of failure, it'll be a pretty bad day when google goes down. And this is unlikely to put a (positive) dent in their incoming requests, so let's just roll with it until we have our own TLS server.
2020-08-15  Lagom: Add LibHTTP to Lagom (it builds fine without changes)  (Andreas Kling)
2020-08-10  Lagom+LibELF: Add an ELF fuzzer, and tweak the code to survive a few minutes of fuzzing (#3071)  (Nico Weber)
If a buffer smaller than Elf32_Ehdr was passed to Image, header() would do an out-of-bounds read. Make parse() check for that.
Make most Image methods assert that the image is_valid(). For that to work, set m_valid early in Image::parse() instead of only at its end.
Also reorder a few things so that the fuzzer doesn't hit (valid) assertions, which were harmless from a security PoV but which still allowed userspace to crash the kernel with an invalid ELF file.
Make dbgprintf()s configurable at run time so that the fuzzer doesn't produce lots of logspam.
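The ELF commit above names the check its fuzzer found missing (reading Elf32_Ehdr fields out of a buffer shorter than the header) and the pattern used to fix it (validate once in parse(), then have every accessor assert is_valid()). The block below is an added example, not SerenityOS's LibELF or Lagom fuzzer code: a bounds-checked reader for a 32-bit little-endian ELF header, written in the shape of the libFuzzer harnesses the -fsanitize=fuzzer commit in this log builds, with the LLVMFuzzerTestOneInput entry point libFuzzer calls. The class and helper names (ElfImage, sample_elf32, parse_ok, truncated_to, with_phoff, entry_of) are hypothetical, the sample bytes are constructed for the example, and the reader assumes ELFCLASS32/ELFDATA2LSB input and rejects anything else.

```cpp
// Added example, not SerenityOS/Lagom code: a bounds-checked reader for a
// 32-bit little-endian ELF header plus a libFuzzer-style entry point.
// All names (ElfImage, sample_elf32, parse_ok, ...) are hypothetical.
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr size_t ELF32_EHDR_SIZE = 52; // sizeof(Elf32_Ehdr)
constexpr size_t ELF32_PHDR_SIZE = 32; // sizeof(Elf32_Phdr)
constexpr size_t ELF32_SHDR_SIZE = 40; // sizeof(Elf32_Shdr)

class ElfImage {
public:
    ElfImage(const uint8_t* data, size_t size)
        : m_data(data), m_size(size)
    {
        m_valid = parse(); // decided once, before any accessor can run
    }
    bool is_valid() const { return m_valid; }

    // Accessors refuse to run on an invalid image: a caller that skips
    // is_valid() trips an assertion instead of reading past the buffer.
    uint32_t entry() const { assert(m_valid); return read_u32(24); }                 // e_entry
    uint32_t program_header_offset() const { assert(m_valid); return read_u32(28); } // e_phoff
    uint16_t program_header_count() const { assert(m_valid); return read_u16(44); }  // e_phnum

private:
    uint16_t read_u16(size_t off) const { return uint16_t(m_data[off] | (m_data[off + 1] << 8)); }
    uint32_t read_u32(size_t off) const
    {
        return uint32_t(m_data[off]) | (uint32_t(m_data[off + 1]) << 8)
            | (uint32_t(m_data[off + 2]) << 16) | (uint32_t(m_data[off + 3]) << 24);
    }
    // True if a table of `count` entries of `entry_size` bytes at `off` lies
    // inside the buffer. Computed in 64 bits so a huge offset cannot wrap.
    bool table_fits(uint32_t off, uint16_t count, uint16_t entry_size, size_t min_entry_size) const
    {
        if (count == 0) return true;
        if (entry_size < min_entry_size) return false;
        return uint64_t(off) + uint64_t(count) * entry_size <= m_size;
    }
    bool parse()
    {
        // The check the original bug lacked: the header itself must fit.
        if (m_data == nullptr || m_size < ELF32_EHDR_SIZE) return false;
        if (m_data[0] != 0x7f || m_data[1] != 'E' || m_data[2] != 'L' || m_data[3] != 'F') return false;
        if (m_data[4] != 1 /* ELFCLASS32 */ || m_data[5] != 1 /* ELFDATA2LSB */) return false;
        if (read_u16(40) != ELF32_EHDR_SIZE) return false; // e_ehsize
        // e_phoff/e_phnum/e_phentsize, then e_shoff/e_shnum/e_shentsize
        if (!table_fits(read_u32(28), read_u16(44), read_u16(42), ELF32_PHDR_SIZE)) return false;
        return table_fits(read_u32(32), read_u16(48), read_u16(46), ELF32_SHDR_SIZE);
    }

    const uint8_t* m_data;
    size_t m_size;
    bool m_valid { false };
};

// libFuzzer entry point: rejecting an input is a success; only a crash or a
// sanitizer report is a finding.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    ElfImage image(data, size);
    if (!image.is_valid())
        return 0;
    volatile uint32_t sink = image.entry() + image.program_header_offset() + image.program_header_count();
    (void)sink;
    return 0;
}

// Constructed sample: a 52-byte header and one 32-byte program header, zero
// except for the fields the parser checks.
std::vector<uint8_t> sample_elf32()
{
    std::vector<uint8_t> v(ELF32_EHDR_SIZE + ELF32_PHDR_SIZE, 0);
    v[0] = 0x7f; v[1] = 'E'; v[2] = 'L'; v[3] = 'F';
    v[4] = 1; v[5] = 1; v[6] = 1;                              // EI_CLASS, EI_DATA, EI_VERSION
    v[24] = 0x00; v[25] = 0x80; v[26] = 0x04; v[27] = 0x08;    // e_entry = 0x08048000
    v[28] = 52; v[40] = 52; v[42] = 32; v[44] = 1; v[46] = 40; // e_phoff, e_ehsize, e_phentsize, e_phnum, e_shentsize
    return v;
}
std::vector<uint8_t> truncated_to(std::vector<uint8_t> v, size_t n) { v.resize(n); return v; }
std::vector<uint8_t> with_phoff(std::vector<uint8_t> v, uint32_t off)
{
    for (int i = 0; i < 4; ++i)
        v[28 + i] = uint8_t(off >> (8 * i)); // little-endian e_phoff
    return v;
}
bool parse_ok(const std::vector<uint8_t>& b) { return ElfImage(b.data(), b.size()).is_valid(); }
uint32_t entry_of(const std::vector<uint8_t>& b) { return ElfImage(b.data(), b.size()).entry(); }

int main()
{
    printf("full: %d, 20 bytes: %d, e_phoff past end: %d\n", parse_ok(sample_elf32()),
        parse_ok(truncated_to(sample_elf32(), 20)), parse_ok(with_phoff(sample_elf32(), 0xffffffffu)));
    return 0;
}
```

To actually fuzz it, drop main() (libFuzzer supplies its own and calls LLVMFuzzerTestOneInput) and build with `clang++ -g -fsanitize=fuzzer,address`; without the early size check, ASan reports the out-of-bounds read within seconds on a truncated header, which is the class of finding the commit above describes.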
2020-08-09  Lagom: Pass -Wno-deprecated-copy to clang too  (Nico Weber)
Due to Serenity's use of concepts, it now requires clang 10 or newer, and clang 10 or newer both understands and requires -Wno-deprecated-copy.
2020-08-09  disasm: For ELF files, disassemble .text section  (Nico Weber)
Since disasm is built in lagom, this requires adding LibELF to lagom.
2020-08-04  Build: Make things build with clang without needing local changes  (Nico Weber)
Useful for sanitizer fuzzer builds. clang doesn't have a -fconcepts switch (I'm guessing it just enables concepts automatically with -std=c++2a, but I haven't checked), and at least the version on my system doesn't understand -Wno-deprecated-move, so pass these two flags only to gcc. In return, disable -Woverloaded-virtual which fires in many places. The preceding commits fixed the handful of -Wunused-private-field warnings that clang emitted.
2020-08-04  LibCompress: Add LibCompress  (stelar7)
For now this only contains DEFLATE, and a very simple Zlib. Eventually GZip, etc. can go here as well.
2020-07-29  Lagom: Clean up glob after puff.c -> puff.cpp rename  (Nico Weber)
2020-07-27  Lagom: Build with -std=c++2a -Wno-deprecated-copy  (Andreas Kling)
2020-07-23  Lagom: Add LibGemini, LibGfx  (Nico Weber)
They are dependencies of LibWeb and might be useful for running test-web on GitHub actions one day.
2020-07-14  Lagom: Add a markdown fuzzer  (Nico Weber)
2020-07-14  Lagom: Add a note on how to build the fuzzers to readme  (Nico Weber)
2020-07-06  LibJS/test-js: Create test-js program, prepare for test suite refactor  (Matthew Olsson)
This moves most of the work from run-tests.sh to test-js.cpp. This way, we have a lot more control over how the test suite runs, as well as how it outputs. This should result in some cool functionality! This commit also refactors test-common.js to mimic the jest library. This should allow tests to be much more expressive :)
2020-07-05  Shell: Build as part of Lagom as well  (AnotherTest)
Bringing the Serenity Shell to your very own host system :^)
2020-06-13  AK: JsonParser improvements  (Matthew Olsson)
- Parsing invalid JSON no longer asserts. Instead of asserting when coming across malformed JSON, JsonParser::parse now returns an Optional<JsonValue>.
- Disallow trailing commas in JSON objects and arrays
- No longer parse 'undefined', as that is a purely JS thing
- No longer allow non-whitespace after anything consumed by the initial parse() call. Examples of things that were valid and no longer are:
  - undefineddfz
  - {"foo": 1}abcd
  - [1,2,3]4
- JsonObject.for_each_member now iterates in original insertion order
2020-06-07  Meta: Run Crypto tests in CI  (AnotherTest)
We skip the tests that are not self-contained (TLS) to avoid adding extra variables to the tests.
2020-06-01  Lagom: Fix target name  (Sergey Bugaev)
2020-05-27  Lagom: Build LibCrypto, LibTLS and test-crypto :^)  (Andreas Kling)
2020-05-15  LibJS: Let parser keep track of errors  (Linus Groh)
Rather than printing them to stderr directly the parser now keeps a Vector<Error>, which allows the "owner" of the parser to consume them individually after parsing. The Error struct has a message, line number, column number and a to_string() helper function to format this information into a meaningful error message. The Function() constructor will now include an error message when throwing a SyntaxError.
2020-05-14  Build: Switch to CMake :^)  (Sergey Bugaev)
Closes https://github.com/SerenityOS/serenity/issues/2080
2020-05-09  Lagom: Add missing copyright header to FuzzJS.cpp  (Linus Groh)