summaryrefslogtreecommitdiffstats
path: root/Modules/_xxtestfuzz
Commit message (Collapse)AuthorAgeFilesLines
* When the Py_CompileStringExFlags fuzzer encounters a SystemError, abort ↵Alex Gaynor2024-02-071-2/+9
| | | | | (#115147) This allows us to catch bugs beyond memory corruption and assertions.
* Add a fuzzer for `Py_CompileStringExFlags` (#111721)Brad Larsen2023-12-109-0/+262
|
* Add a fuzz target for `_elementtree.XMLParser._parse_whole` (#111477)Brad Larsen2023-11-0359-0/+620
| | | * Add a fuzzer for `_elementtree.XMLParser._parse_whole`
* gh-107652: Set up CIFuzz to run fuzz targets continuously (#107653)Illia Volochii2023-10-091-0/+3
| | | | Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
* gh-109098: Fuzz re module instead of internal sre (#109911)Ammar Askar2023-09-261-27/+18
| | | | | * gh-109098: Fuzz re module instead of internal sre * Fix c-analyzer globals test failure * Put globals exception in ignored.tsv
* gh-106320: Move private _PyHash API to the internal C API (#107026)Victor Stinner2023-07-221-0/+5
| | | | | * No longer export most private _PyHash symbols, only export the ones which are needed by shared extensions. * Modules/_xxtestfuzz/fuzzer.c now uses the internal C API.
* gh-104922: remove PY_SSIZE_T_CLEAN (#106315)Inada Naoki2023-07-021-1/+0
|
* gh-104051: fix crash in test_xxtestfuzz with -We (#104052)Irit Katriel2023-05-051-3/+10
|
* gh-73691: Increase size limits in _xxtestfuzz (#99070)Gregory P. Smith2022-11-031-3/+6
| | | | | | | | Now that our int<->str conversions are size limited and we have the _pylong module handling larger integers, we don't need to limit everything just to avoid wasting time in the quadratic time DoS-like case while fuzzing. We can tweak these further after seeing how this goes.
* bpo-29505: Add fuzzer for ast.literal_eval (GH-28777)Ammar Askar2021-10-062-0/+57
| | | This supercedes https://github.com/python/cpython/pull/3437 and fuzzes the method we recommend for unsafe inputs, `ast.literal_eval`. This should exercise the tokenizer and parser.
* bpo-44113: Update __xxtestfuzz not to use Py_SetProgramName (GH-26083)Dong-hee Na2021-05-121-8/+20
|
* Fix typo in fuzzer.c (GH-25013)Ikko Ashimine2021-03-241-2/+2
|
* bpo-43394: Fix -Wstrict-prototypes warnings (GH-24737)Brandt Bucher2021-03-041-5/+5
|
* Fuzz struct.unpack and catch RecursionError in re.compile (GH-18679)Ammar Askar2020-02-285-1/+76
|
* bpo-39245: Switch to public API for Vectorcall (GH-18460)Petr Viktorin2020-02-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The bulk of this patch was generated automatically with: for name in \ PyObject_Vectorcall \ Py_TPFLAGS_HAVE_VECTORCALL \ PyObject_VectorcallMethod \ PyVectorcall_Function \ PyObject_CallOneArg \ PyObject_CallMethodNoArgs \ PyObject_CallMethodOneArg \ ; do echo $name git grep -lwz _$name | xargs -0 sed -i "s/\b_$name\b/$name/g" done old=_PyObject_FastCallDict new=PyObject_VectorcallDict git grep -lwz $old | xargs -0 sed -i "s/\b$old\b/$new/g" and then cleaned up: - Revert changes to in docs & news - Revert changes to backcompat defines in headers - Nudge misaligned comments
* bpo-38823: Clean up _xxtestfuzz initialization. (GH-17216)Brandt Bucher2019-11-211-6/+1
| | | https://bugs.python.org/issue38823
* Fix typos in docs, comments and test assert messages (#14872)Min ho Kim2019-07-211-1/+1
|
* bpo-37483: add _PyObject_CallOneArg() function (#14558)Jeroen Demeyer2019-07-041-2/+2
|
* bpo-29505: Add more fuzzing for re.compile, re.load and csv.reader (GH-14255)Ammar Askar2019-06-308-16/+491
| | | Add more fuzz testing for re.compile, re.load and csv.reader
* bpo-29505: Fuzz json module, enforce size limit on int(x) fuzz (GH-13991)Ammar Askar2019-06-1210-1/+171
| | | | | * bpo-29505: Enable fuzz testing of the json module, enforce size limit on int(x) fuzz and json input size to avoid timeouts. Contributed by by Ammar Askar for Google.
* bpo-29505: Fix interpreter in fuzzing targets to be relocatable (GH-13907)Ammar Askar2019-06-081-0/+8
|
* Avoid UB in test selection macro. (#3407)Devin Jeanpierre2017-09-071-5/+3
| | | | | This fixes the gcc "warning: this use of "defined" may not be portable [-Wexpansion-to-defined]" See discussion in http://bugs.python.org/issue29505
* bpo-29505: Add fuzz tests for float(str), int(str), unicode(str) (#2878)Devin Jeanpierre2017-09-064-0/+222
Add basic fuzz tests for a few common builtin functions. This is an easy place to start, and these functions are probably safe. We'll want to add more fuzz tests later. Lets bootstrap using these. While the fuzz tests are included in CPython and compiled / tested on a very basic level inside CPython itself, the actual fuzzing happens as part of oss-fuzz (https://github.com/google/oss-fuzz). The reason to include the tests in CPython is to make sure that they're maintained as part of the CPython project, especially when (as some eventually will) they use internal implementation details in the test. (This will be necessary sometimes because e.g. the fuzz test should never enter Python's interpreter loop, whereas some APIs only expose themselves publicly as Python functions.) This particular set of changes is part of testing Python's builtins, tracked internally at Google by b/37562550. The _xxtestfuzz module that this change adds need not be shipped with binary distributions of Python.