Create a fuzzer for CleanPath.

PiperOrigin-RevId: 343396094 Change-Id: I9651e5006b6ceff270551530d5acce339bea3e09
2020-11-19 16:44:13 -08:00 · 2020-11-19 16:44:13 -08:00 · 55285b3315
commit 55285b3315
parent b33990f2bd
2 changed files with 52 additions and 0 deletions
--- a/tensorflow/security/fuzzing/BUILD
+++ b/tensorflow/security/fuzzing/BUILD
@ -27,6 +27,15 @@ tf_fuzz_target(
    ],
 )

+tf_fuzz_target(
+    name = "cleanpath_fuzz",
+    srcs = ["cleanpath_fuzz.cc"],
+    deps = [
+        "//tensorflow/core/platform:path",
+        "@com_google_absl//absl/strings",
+    ],
+)
+
 tf_fuzz_target(
    name = "consume_leading_digits_fuzz",
    srcs = ["consume_leading_digits_fuzz.cc"],
--- a/tensorflow/security/fuzzing/cleanpath_fuzz.cc
+++ b/tensorflow/security/fuzzing/cleanpath_fuzz.cc
@ -0,0 +1,43 @@
+/* Copyright 2020 The TensorFlow Authors. All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+==============================================================================*/
+
+#include <cstdint>
+#include <cstdlib>
+#include <iostream>
+#include <regex>  // NOLINT
+
+#include "absl/strings/match.h"
+#include "tensorflow/core/platform/path.h"
+
+// This is a fuzzer for tensorflow::io::CleanPath.
+
+namespace {
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  std::string input_path(reinterpret_cast<const char *>(data), size);
+  std::string clean_path = tensorflow::io::CleanPath(input_path);
+
+  // Assert there are no '/./' no directory changes.
+  assert(!absl::StrContains(clean_path, "/./"));
+  // Assert there are no duplicate '/'.
+  assert(!absl::StrContains(clean_path, "//"));
+  // Assert there are no higher up directories after entering a directory.
+  std::regex higher_up_directory("[^.]{1}/[.]{2}");
+  assert(!std::regex_match(clean_path, higher_up_directory));
+
+  return 0;
+}
+
+}  // namespace