summaryrefslogtreecommitdiffstats
path: root/Modules/_xxtestfuzz/fuzzer.c
Commit message (Collapse)AuthorAgeFilesLines
* gh-73691: Increase size limits in _xxtestfuzz (#99070)Gregory P. Smith2022-11-031-3/+6
| | | | | | | | Now that our int<->str conversions are size limited and we have the _pylong module handling larger integers, we don't need to limit everything just to avoid wasting time in the quadratic time DoS-like case while fuzzing. We can tweak these further after seeing how this goes.
* bpo-29505: Add fuzzer for ast.literal_eval (GH-28777)Ammar Askar2021-10-061-0/+56
| | | This supercedes https://github.com/python/cpython/pull/3437 and fuzzes the method we recommend for unsafe inputs, `ast.literal_eval`. This should exercise the tokenizer and parser.
* bpo-44113: Update __xxtestfuzz not to use Py_SetProgramName (GH-26083)Dong-hee Na2021-05-121-8/+20
|
* Fix typo in fuzzer.c (GH-25013)Ikko Ashimine2021-03-241-2/+2
|
* bpo-43394: Fix -Wstrict-prototypes warnings (GH-24737)Brandt Bucher2021-03-041-5/+5
|
* Fuzz struct.unpack and catch RecursionError in re.compile (GH-18679)Ammar Askar2020-02-281-1/+75
|
* bpo-39245: Switch to public API for Vectorcall (GH-18460)Petr Viktorin2020-02-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The bulk of this patch was generated automatically with: for name in \ PyObject_Vectorcall \ Py_TPFLAGS_HAVE_VECTORCALL \ PyObject_VectorcallMethod \ PyVectorcall_Function \ PyObject_CallOneArg \ PyObject_CallMethodNoArgs \ PyObject_CallMethodOneArg \ ; do echo $name git grep -lwz _$name | xargs -0 sed -i "s/\b_$name\b/$name/g" done old=_PyObject_FastCallDict new=PyObject_VectorcallDict git grep -lwz $old | xargs -0 sed -i "s/\b$old\b/$new/g" and then cleaned up: - Revert changes to in docs & news - Revert changes to backcompat defines in headers - Nudge misaligned comments
* Fix typos in docs, comments and test assert messages (#14872)Min ho Kim2019-07-211-1/+1
|
* bpo-37483: add _PyObject_CallOneArg() function (#14558)Jeroen Demeyer2019-07-041-2/+2
|
* bpo-29505: Add more fuzzing for re.compile, re.load and csv.reader (GH-14255)Ammar Askar2019-06-301-16/+265
| | | Add more fuzz testing for re.compile, re.load and csv.reader
* bpo-29505: Fuzz json module, enforce size limit on int(x) fuzz (GH-13991)Ammar Askar2019-06-121-1/+52
| | | | | * bpo-29505: Enable fuzz testing of the json module, enforce size limit on int(x) fuzz and json input size to avoid timeouts. Contributed by by Ammar Askar for Google.
* bpo-29505: Fix interpreter in fuzzing targets to be relocatable (GH-13907)Ammar Askar2019-06-081-0/+8
|
* Avoid UB in test selection macro. (#3407)Devin Jeanpierre2017-09-071-5/+3
| | | | | This fixes the gcc "warning: this use of "defined" may not be portable [-Wexpansion-to-defined]" See discussion in http://bugs.python.org/issue29505
* bpo-29505: Add fuzz tests for float(str), int(str), unicode(str) (#2878)Devin Jeanpierre2017-09-061-0/+120
Add basic fuzz tests for a few common builtin functions. This is an easy place to start, and these functions are probably safe. We'll want to add more fuzz tests later. Lets bootstrap using these. While the fuzz tests are included in CPython and compiled / tested on a very basic level inside CPython itself, the actual fuzzing happens as part of oss-fuzz (https://github.com/google/oss-fuzz). The reason to include the tests in CPython is to make sure that they're maintained as part of the CPython project, especially when (as some eventually will) they use internal implementation details in the test. (This will be necessary sometimes because e.g. the fuzz test should never enter Python's interpreter loop, whereas some APIs only expose themselves publicly as Python functions.) This particular set of changes is part of testing Python's builtins, tracked internally at Google by b/37562550. The _xxtestfuzz module that this change adds need not be shipped with binary distributions of Python.