From d9e14f44626ef504210b400797fc6a1477e1e437 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20St=C3=B6neberg?=
Date: Sat, 1 Jun 2024 12:42:55 +0200
Subject: [PATCH] test/cli/fuzz_test.py: added test for fuzzing crashes with C code (#6466)

---
 oss-fuzz/Makefile | 6 +++---
 test/cli/fuzz_test.py | 18 +++++++++++++++---
 tools/dmake/dmake.cpp | 6 +++---
 3 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/oss-fuzz/Makefile b/oss-fuzz/Makefile
index b002a6b02f6..5d4a77403a4 100644
--- a/oss-fuzz/Makefile
+++ b/oss-fuzz/Makefile
@@ -124,15 +124,15 @@ preprare-samples:
 
 do-fuzz: oss-fuzz-client preprare-samples
 	mkdir -p corpus
-	./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout
+	./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout
 
 dedup-corpus: oss-fuzz-client preprare-samples
 	mv corpus corpus_
 	mkdir -p corpus
-	./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus corpus_ samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -merge=1
+	./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus corpus_ samples ../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout -merge=1
 
 # jobs:
-# ./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -workers=12 -jobs=9
+# ./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout -workers=12 -jobs=9
 
 # minimize:
 # ./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 -minimize_crash=1 crash-0123456789abcdef
diff --git a/test/cli/fuzz_test.py b/test/cli/fuzz_test.py
index fe9b65d5278..3264b6c34eb 100644
--- a/test/cli/fuzz_test.py
+++ b/test/cli/fuzz_test.py
@@ -18,13 +18,25 @@ def test_fuzz_crash():
     assert failures == {}
 
 
+def test_fuzz_crash_c():
+    failures = {}
+
+    fuzz_crash_dir = os.path.join(__script_dir, 'fuzz-crash_c')
+    # TODO: remove check if we have test data
+    if not os.path.exists(fuzz_crash_dir):
+        return
+    for f in os.listdir(fuzz_crash_dir):
+        ret, stdout, _ = cppcheck(['-q', '--language=c', '--enable=all', '--inconclusive', f], cwd=fuzz_crash_dir)
+        if ret != 0:
+            failures[f] = stdout
+
+    assert failures == {}
+
+
 def test_fuzz_timeout():
     failures = []
 
     fuzz_timeout_dir = os.path.join(__script_dir, 'fuzz-timeout')
-    # TODO: remove check if we have test data
-    if not os.path.exists(fuzz_timeout_dir):
-        return
     for f in os.listdir(fuzz_timeout_dir):
         try:
             ret, stdout, _ = cppcheck(['-q', '--language=c++', '--enable=all', '--inconclusive', f], cwd=fuzz_timeout_dir, timeout=5)
diff --git a/tools/dmake/dmake.cpp b/tools/dmake/dmake.cpp
index fc9e329be76..04819eac30f 100644
--- a/tools/dmake/dmake.cpp
+++ b/tools/dmake/dmake.cpp
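Review bot: In test_fuzz_crash_c the early `return` when 'fuzz-crash_c' is absent makes the test report success without checking a single input, and the same hunk deletes that exact guard from test_fuzz_timeout, so the two tests now treat missing corpus data differently for no stated reason. If this file already uses pytest, `pytest.skip('no fuzz-crash_c test data')` in place of the `return` keeps the absence visible in the run summary instead of a silent pass. The third value returned by cppcheck() is discarded, so a crashing input whose diagnostics go to that stream (presumably stderr; sanitizer and abort output usually does) is recorded with no useful text; `ret, stdout, stderr = cppcheck(['-q', '--language=c', '--enable=all', '--inconclusive', f], cwd=fuzz_crash_dir)` and `failures[f] = stdout + stderr` would preserve it, assuming both values are strings. The new body otherwise repeats test_fuzz_crash line for line except for `--language=c`, which invites the two drifting apart; a helper taking the directory and language, or a parametrized test, would single-source the loop. test_fuzz_timeout continues past the end of this hunk.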
@@ -376,15 +376,15 @@ static void write_ossfuzz_makefile(std::vector libfiles_prio, std::
     fout << '\n';
     fout << "do-fuzz: oss-fuzz-client preprare-samples\n";
     fout << "\tmkdir -p corpus\n";
-    fout << "\t./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout\n";
+    fout << "\t./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout\n";
     fout << '\n';
     fout << "dedup-corpus: oss-fuzz-client preprare-samples\n";
     fout << "\tmv corpus corpus_\n";
     fout << "\tmkdir -p corpus\n";
-    fout << "\t./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus corpus_ samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -merge=1\n";
+    fout << "\t./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus corpus_ samples ../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout -merge=1\n";
     fout << '\n';
     fout << "# jobs:\n";
-    fout << "# ./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -workers=12 -jobs=9\n";
+    fout << "# ./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout -workers=12 -jobs=9\n";
     fout << '\n';
     fout << "# minimize:\n";
     fout << "# ./oss-fuzz-client -only_ascii=1 -timeout=5 -detect_leaks=0 -minimize_crash=1 crash-0123456789abcdef\n";
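Review bot: The fuzzer option string `-only_ascii=1 -timeout=5 -detect_leaks=0` and the list of corpus directories are spelled out in three separate string literals in write_ossfuzz_makefile, which is why this change had to edit all three and why the next corpus directory will have to as well. Hoisting both into locals, e.g. `const std::string fuzzDirs = "../test/cli/fuzz-crash ../test/cli/fuzz-crash_c ../test/cli/fuzz-timeout";` and `fout << "\t./oss-fuzz-client " << fuzzOpts << " corpus samples " << fuzzDirs << "\n";` for the do-fuzz line (and likewise for the dedup-corpus and "# jobs:" lines), keeps the emitted Makefile byte-identical while making the list single-sourced. Since oss-fuzz/Makefile is committed alongside the generator in this same patch, such a refactor is easy to validate by regenerating and diffing. write_ossfuzz_makefile begins before this hunk and continues after it.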