diff --git a/fuzz/Emby.Server.Implementations.Fuzz/Program.cs b/fuzz/Emby.Server.Implementations.Fuzz/Program.cs index 03b2964948..1571b5ab07 100644 --- a/fuzz/Emby.Server.Implementations.Fuzz/Program.cs +++ b/fuzz/Emby.Server.Implementations.Fuzz/Program.cs @@ -6,6 +6,7 @@ using Emby.Server.Implementations.Library; using MediaBrowser.Controller; using MediaBrowser.Controller.Entities; using MediaBrowser.Model.Entities; +using Microsoft.Extensions.Configuration; using Moq; using SharpFuzz; @@ -54,8 +55,16 @@ namespace Emby.Server.Implementations.Fuzz appHost.Setup(x => x.ReverseVirtualPath(It.IsAny())) .Returns((string x) => x.Replace(MetaDataPath, VirtualMetaDataPath, StringComparison.Ordinal)); + var configSection = new Mock(); + configSection.SetupGet(x => x[It.Is(s => s == MediaBrowser.Controller.Extensions.ConfigurationExtensions.SqliteCacheSizeKey)]) + .Returns("0"); + var config = new Mock(); + config.Setup(x => x.GetSection(It.Is(s => s == MediaBrowser.Controller.Extensions.ConfigurationExtensions.SqliteCacheSizeKey))) + .Returns(configSection.Object); + IFixture fixture = new Fixture().Customize(new AutoMoqCustomization { ConfigureMembers = true }); fixture.Inject(appHost); + fixture.Inject(config); return fixture.Create(); } } diff --git a/fuzz/Emby.Server.Implementations.Fuzz/fuzz.sh b/fuzz/Emby.Server.Implementations.Fuzz/fuzz.sh index 37e6bdb764..aa2a34cdde 100755 --- a/fuzz/Emby.Server.Implementations.Fuzz/fuzz.sh +++ b/fuzz/Emby.Server.Implementations.Fuzz/fuzz.sh @@ -8,4 +8,4 @@ cp bin/Emby.Server.Implementations.dll . dotnet build mkdir -p Findings -AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 -m 10240 dotnet bin/Debug/net6.0/Emby.Server.Implementations.Fuzz.dll "$1" +AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 ./bin/Debug/net7.0/Emby.Server.Implementations.Fuzz "$1" diff --git a/fuzz/Jellyfin.Server.Fuzz/Jellyfin.Server.Fuzz.csproj b/fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj similarity index 83% rename from fuzz/Jellyfin.Server.Fuzz/Jellyfin.Server.Fuzz.csproj rename to fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj index 20bc4c7244..da46e63a5e 100644 --- a/fuzz/Jellyfin.Server.Fuzz/Jellyfin.Server.Fuzz.csproj +++ b/fuzz/Jellyfin.Api.Fuzz/Jellyfin.Api.Fuzz.csproj @@ -6,8 +6,8 @@ - - jellyfin.dll + + Jellyfin.Api.dll diff --git a/fuzz/Jellyfin.Server.Fuzz/Program.cs b/fuzz/Jellyfin.Api.Fuzz/Program.cs similarity index 92% rename from fuzz/Jellyfin.Server.Fuzz/Program.cs rename to fuzz/Jellyfin.Api.Fuzz/Program.cs index e47286c131..6713322ac8 100644 --- a/fuzz/Jellyfin.Server.Fuzz/Program.cs +++ b/fuzz/Jellyfin.Api.Fuzz/Program.cs @@ -1,12 +1,12 @@ using System; using System.Collections.Generic; -using Jellyfin.Server.Middleware; +using Jellyfin.Api.Middleware; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http.Features; using Microsoft.Extensions.Primitives; using SharpFuzz; -namespace Emby.Server.Implementations.Fuzz +namespace Jellyfin.Api.Fuzz { public static class Program { diff --git a/fuzz/Jellyfin.Server.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt b/fuzz/Jellyfin.Api.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt similarity index 100% rename from fuzz/Jellyfin.Server.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt rename to fuzz/Jellyfin.Api.Fuzz/Testcases/UrlDecodeQueryFeature/test1.txt diff --git a/fuzz/Jellyfin.Api.Fuzz/fuzz.sh b/fuzz/Jellyfin.Api.Fuzz/fuzz.sh new file mode 100755 index 0000000000..edf9655626 --- /dev/null +++ b/fuzz/Jellyfin.Api.Fuzz/fuzz.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +dotnet build -c Release ../../Jellyfin.Api/Jellyfin.Api.csproj --output bin +sharpfuzz bin/Jellyfin.Api.dll +cp bin/Jellyfin.Api.dll . + +dotnet build +mkdir -p Findings +AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 ./bin/Debug/net7.0/Jellyfin.Api.Fuzz "$1" diff --git a/fuzz/Jellyfin.Server.Fuzz/fuzz.sh b/fuzz/Jellyfin.Server.Fuzz/fuzz.sh deleted file mode 100755 index 303eb21356..0000000000 --- a/fuzz/Jellyfin.Server.Fuzz/fuzz.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -set -e - -dotnet build -c Release ../../Jellyfin.Server/Jellyfin.Server.csproj --output bin -sharpfuzz bin/jellyfin.dll -cp bin/jellyfin.dll . - -dotnet build -mkdir -p Findings -AFL_SKIP_BIN_CHECK=1 afl-fuzz -i "Testcases/$1" -o "Findings/$1" -t 5000 -m 10240 dotnet bin/Debug/net6.0/Jellyfin.Server.Fuzz.dll "$1" diff --git a/fuzz/README.md b/fuzz/README.md new file mode 100644 index 0000000000..25ba7d05cc --- /dev/null +++ b/fuzz/README.md @@ -0,0 +1,20 @@ +# Jellyfin fuzzing + +## Setup + +Install AFL++ +```sh +git clone https://github.com/AFLplusplus/AFLplusplus +cd AFLplusplus +make all +sudo make install +``` + +Install SharpFuzz.CommandLine global .NET tool +```sh +dotnet tool install --global SharpFuzz.CommandLine +``` + +## Running +Run the `fuzz.sh` in the directory corresponding to the project you want to fuzz. +The script takes a parameter of which fuzz case you want to run. diff --git a/tests/Jellyfin.Server.Tests/UrlDecodeQueryFeatureTests.cs b/tests/Jellyfin.Api.Tests/Middleware/UrlDecodeQueryFeatureTests.cs similarity index 92% rename from tests/Jellyfin.Server.Tests/UrlDecodeQueryFeatureTests.cs rename to tests/Jellyfin.Api.Tests/Middleware/UrlDecodeQueryFeatureTests.cs index 93e0656856..1ff7e7b7a4 100644 --- a/tests/Jellyfin.Server.Tests/UrlDecodeQueryFeatureTests.cs +++ b/tests/Jellyfin.Api.Tests/Middleware/UrlDecodeQueryFeatureTests.cs @@ -1,12 +1,11 @@ using System.Collections.Generic; using System.Linq; -using Jellyfin.Api.Middleware; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http.Features; using Microsoft.Extensions.Primitives; using Xunit; -namespace Jellyfin.Server.Tests +namespace Jellyfin.Api.Middleware.Tests { public static class UrlDecodeQueryFeatureTests {