From 0335b94c081fd0d8cb50a07060c4de3643417ec8 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 14:51:39 +0000 Subject: [PATCH 01/10] Initial commit of structured fuzzing support using libprotobuf-mutator. --- CMakeLists.txt | 56 ++- curl_fuzzer.cc | 62 ++-- curl_fuzzer.h | 22 +- curl_fuzzer_scenario.cc | 735 ++++++++++++++++++++++++++++++++++++++ curl_fuzzer_scenario.h | 28 ++ schemas/curl_fuzzer.proto | 407 +++++++++++++++++++++ 6 files changed, 1267 insertions(+), 43 deletions(-) create mode 100644 curl_fuzzer_scenario.cc create mode 100644 curl_fuzzer_scenario.h create mode 100644 schemas/curl_fuzzer.proto diff --git a/CMakeLists.txt b/CMakeLists.txt index 03e239ff..76be33bf 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -8,6 +8,44 @@ else() endif() include(ExternalProject) +find_package(Protobuf REQUIRED) + +set(CURL_FUZZER_PROTO ${CMAKE_CURRENT_SOURCE_DIR}/schemas/curl_fuzzer.proto) +protobuf_generate_cpp(CURL_FUZZER_PROTO_SRCS CURL_FUZZER_PROTO_HDRS + ${CURL_FUZZER_PROTO}) + +add_library(curl_fuzzer_proto STATIC ${CURL_FUZZER_PROTO_SRCS}) +target_include_directories(curl_fuzzer_proto PUBLIC + ${CMAKE_CURRENT_BINARY_DIR} + ${PROTOBUF_INCLUDE_DIRS}) +target_link_libraries(curl_fuzzer_proto PUBLIC ${PROTOBUF_LIBRARIES}) + +# Install libprotobuf-mutator +# +# renovate: datasource=github-tags depName=google/libprotobuf-mutator +set(LIB_PROTO_MUTATOR_TAG master) +set(LIB_PROTO_MUTATOR_INSTALL_DIR ${CMAKE_BINARY_DIR}/libprotobuf-mutator-install) +set(LIB_PROTO_MUTATOR_INCLUDE_DIR ${LIB_PROTO_MUTATOR_INSTALL_DIR}/include) +set(LIB_PROTO_MUTATOR_STATIC_LIB ${LIB_PROTO_MUTATOR_INSTALL_DIR}/lib/libprotobuf-mutator.a) +set(LIB_PROTO_MUTATOR_FUZZER_LIB ${LIB_PROTO_MUTATOR_INSTALL_DIR}/lib/libprotobuf-mutator-libfuzzer.a) + +ExternalProject_Add(libprotobuf_mutator_external + GIT_REPOSITORY https://github.com/google/libprotobuf-mutator.git + GIT_TAG ${LIB_PROTO_MUTATOR_TAG} + PREFIX ${CMAKE_BINARY_DIR}/libprotobuf-mutator + CMAKE_ARGS + -DCMAKE_INSTALL_PREFIX=${LIB_PROTO_MUTATOR_INSTALL_DIR} + -DBUILD_SHARED_LIBS=OFF + -DLIB_PROTO_MUTATOR_DOWNLOAD_PROTOBUF=OFF + -DLIB_PROTO_MUTATOR_WITH_LIBFUZZER=ON + -DLIB_PROTO_MUTATOR_EXAMPLES=OFF + -DLIB_PROTO_MUTATOR_TESTING=OFF + -DCMAKE_POSITION_INDEPENDENT_CODE=ON + BUILD_BYPRODUCTS ${LIB_PROTO_MUTATOR_STATIC_LIB} ${LIB_PROTO_MUTATOR_FUZZER_LIB} + INSTALL_COMMAND ${CMAKE_COMMAND} --build . --target install + DOWNLOAD_EXTRACT_TIMESTAMP TRUE + DOWNLOAD_NO_PROGRESS 1 +) # Install zlib # @@ -223,7 +261,8 @@ add_custom_target(deps zstd_external libidn2_external ${GDB_DEP} - openldap_external + openldap_external + libprotobuf_mutator_external ) # Now for the main dependencies! @@ -336,7 +375,11 @@ else() endif() # Common sources and flags -set(COMMON_SOURCES curl_fuzzer.cc curl_fuzzer_tlv.cc curl_fuzzer_callback.cc) +set(COMMON_SOURCES + curl_fuzzer.cc + curl_fuzzer_tlv.cc + curl_fuzzer_callback.cc + curl_fuzzer_scenario.cc) set(COMMON_FLAGS -g -DCURL_DISABLE_DEPRECATION) set(COMMON_LINK_LIBS ${CURL_LIB_DIR}/libcurl.a @@ -348,19 +391,22 @@ set(COMMON_LINK_LIBS ${OPENLDAP_STATIC_LIB_LDAP} ${OPENLDAP_STATIC_LIB_LBER} ${LIB_FUZZING_ENGINE} + ${LIB_PROTO_MUTATOR_FUZZER_LIB} + ${LIB_PROTO_MUTATOR_STATIC_LIB} + curl_fuzzer_proto pthread m ) set(COMMON_LINK_OPTIONS ${LIB_FUZZING_ENGINE_FLAG}) # Ensure that curl and its dependencies are built before the fuzzers -set(FUZZ_DEPS curl_external ${CURL_DEPS} ${LIB_FUZZING_ENGINE_DEP}) +set(FUZZ_DEPS curl_external ${CURL_DEPS} ${LIB_FUZZING_ENGINE_DEP} curl_fuzzer_proto libprotobuf_mutator_external) # Helper macro to define a fuzzer target macro(curl_add_fuzzer _name _proto) add_executable(${_name} ${COMMON_SOURCES}) target_compile_options(${_name} PRIVATE ${COMMON_FLAGS} -DFUZZ_PROTOCOLS_${_proto}) - target_include_directories(${_name} PRIVATE ${CURL_INCLUDE_DIRS}) + target_include_directories(${_name} PRIVATE ${CURL_INCLUDE_DIRS} ${LIB_PROTO_MUTATOR_INCLUDE_DIR} ${LIB_PROTO_MUTATOR_INCLUDE_DIR}/libprotobuf-mutator) target_link_libraries(${_name} PRIVATE ${COMMON_LINK_LIBS}) target_link_options(${_name} PRIVATE ${COMMON_LINK_OPTIONS}) add_dependencies(${_name} ${FUZZ_DEPS}) @@ -387,7 +433,7 @@ curl_add_fuzzer(curl_fuzzer_ws WS) # BUFQ fuzzer add_executable(curl_fuzzer_bufq fuzz_bufq.cc) target_compile_options(curl_fuzzer_bufq PRIVATE ${COMMON_FLAGS}) -target_include_directories(curl_fuzzer_bufq PRIVATE ${CURL_INCLUDE_DIRS}) +target_include_directories(curl_fuzzer_bufq PRIVATE ${CURL_INCLUDE_DIRS} ${LIB_PROTO_MUTATOR_INCLUDE_DIR} ${LIB_PROTO_MUTATOR_INCLUDE_DIR}/libprotobuf-mutator) target_link_libraries(curl_fuzzer_bufq PRIVATE ${COMMON_LINK_LIBS}) target_link_options(curl_fuzzer_bufq PRIVATE ${COMMON_LINK_OPTIONS}) add_dependencies(curl_fuzzer_bufq ${FUZZ_DEPS}) diff --git a/curl_fuzzer.cc b/curl_fuzzer.cc index 0eccea80..1d8a4a2a 100644 --- a/curl_fuzzer.cc +++ b/curl_fuzzer.cc @@ -26,17 +26,19 @@ #include #include #include "curl_fuzzer.h" +#include "curl_fuzzer_scenario.h" -/** - * Fuzzing entry point. This function is passed a buffer containing a test - * case. This test case should drive the CURL API into making a request. - */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +#include + +DEFINE_PROTO_FUZZER(const curl::fuzzer::proto::Scenario &scenario) +{ + CurlFuzzerRunScenario(scenario); +} + +int CurlFuzzerRunScenario(const curl::fuzzer::proto::Scenario &scenario) { int rc = 0; - int tlv_rc; FUZZ_DATA fuzz; - TLV tlv; /* Ignore SIGPIPE errors. We'll handle the errors ourselves. */ signal(SIGPIPE, SIG_IGN); @@ -44,29 +46,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) /* Have to set all fields to zero before getting to the terminate function */ memset(&fuzz, 0, sizeof(FUZZ_DATA)); - if(size < sizeof(TLV_RAW)) { - /* Not enough data for a single TLV - don't continue */ - goto EXIT_LABEL; - } - /* Try to initialize the fuzz data */ - FTRY(fuzz_initialize_fuzz_data(&fuzz, data, size)); + FTRY(fuzz_initialize_fuzz_data(&fuzz)); - for(tlv_rc = fuzz_get_first_tlv(&fuzz, &tlv); - tlv_rc == 0; - tlv_rc = fuzz_get_next_tlv(&fuzz, &tlv)) { - - /* Have the TLV in hand. Parse the TLV. */ - rc = fuzz_parse_tlv(&fuzz, &tlv); - - if(rc != 0) { - /* Failed to parse the TLV. Can't continue. */ - goto EXIT_LABEL; - } - } - - if(tlv_rc != TLV_RC_NO_MORE_TLVS) { - /* A TLV call failed. Can't continue. */ + rc = curl_fuzzer::ApplyScenario(scenario, &fuzz); + if(rc != 0) { goto EXIT_LABEL; } @@ -74,8 +58,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) FTRY(fuzz_set_easy_options(&fuzz)); /** - * Add in more curl options that have been accumulated over possibly - * multiple TLVs. + * Add in more curl options that have been accumulated over the scenario + * execution. */ if(fuzz.header_list != NULL) { curl_easy_setopt(fuzz.easy, CURLOPT_HTTPHEADER, fuzz.header_list); @@ -104,6 +88,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) return 0; } + /** * Utility function to convert 4 bytes to a u32 predictably. */ @@ -127,15 +112,15 @@ uint16_t to_u16(const uint8_t b[2]) /** * Initialize the local fuzz data structure. */ -int fuzz_initialize_fuzz_data(FUZZ_DATA *fuzz, - const uint8_t *data, - size_t data_len) +int fuzz_initialize_fuzz_data(FUZZ_DATA *fuzz) { int rc = 0; int ii; /* Initialize the fuzz data. */ memset(fuzz, 0, sizeof(FUZZ_DATA)); + fuzz->scenario_state = NULL; + fuzz->scenario_state_destructor = NULL; /* Create an easy handle. This will have all of the settings configured on it. */ @@ -143,8 +128,9 @@ int fuzz_initialize_fuzz_data(FUZZ_DATA *fuzz, FCHECK(fuzz->easy != NULL); /* Set up the state parser */ - fuzz->state.data = data; - fuzz->state.data_len = data_len; + fuzz->state.data = NULL; + fuzz->state.data_len = 0; + fuzz->state.data_pos = 0; /* Set up the state of the server sockets. */ for(ii = 0; ii < FUZZ_NUM_CONNECTIONS; ii++) { @@ -275,6 +261,12 @@ void fuzz_terminate_fuzz_data(FUZZ_DATA *fuzz) fuzz->easy = NULL; } + if(fuzz->scenario_state_destructor != NULL && fuzz->scenario_state != NULL) { + fuzz->scenario_state_destructor(fuzz->scenario_state); + fuzz->scenario_state = NULL; + fuzz->scenario_state_destructor = NULL; + } + /* When you have passed the struct curl_httppost pointer to curl_easy_setopt * (using the CURLOPT_HTTPPOST option), you must not free the list until after * you have called curl_easy_cleanup for the curl handle. diff --git a/curl_fuzzer.h b/curl_fuzzer.h index 1e13d710..72f7c7bb 100644 --- a/curl_fuzzer.h +++ b/curl_fuzzer.h @@ -1,3 +1,6 @@ +#ifndef CURL_FUZZER_H +#define CURL_FUZZER_H + /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -23,6 +26,14 @@ #include #include "testinput.h" +namespace curl { +namespace fuzzer { +namespace proto { +class Scenario; +} // namespace proto +} // namespace fuzzer +} // namespace curl + /** * TLV types. */ @@ -433,14 +444,16 @@ typedef struct fuzz_data /* Verbose mode. */ int verbose; + /* Optional structured scenario ownership hook. */ + void *scenario_state; + void (*scenario_state_destructor)(void *state); + } FUZZ_DATA; /* Function prototypes */ uint32_t to_u32(const uint8_t b[4]); uint16_t to_u16(const uint8_t b[2]); -int fuzz_initialize_fuzz_data(FUZZ_DATA *fuzz, - const uint8_t *data, - size_t data_len); +int fuzz_initialize_fuzz_data(FUZZ_DATA *fuzz); int fuzz_set_easy_options(FUZZ_DATA *fuzz); void fuzz_terminate_fuzz_data(FUZZ_DATA *fuzz); void fuzz_free(void **ptr); @@ -474,6 +487,7 @@ int fuzz_select(int nfds, fd_set *exceptfds, struct timeval *timeout); int fuzz_set_allowed_protocols(FUZZ_DATA *fuzz); +int CurlFuzzerRunScenario(const curl::fuzzer::proto::Scenario &scenario); /* Macros */ #define FTRY(FUNC) \ @@ -532,3 +546,5 @@ int fuzz_set_allowed_protocols(FUZZ_DATA *fuzz); } #define FUZZ_MAX(A, B) ((A) > (B) ? (A) : (B)) + +#endif /* CURL_FUZZER_H */ diff --git a/curl_fuzzer_scenario.cc b/curl_fuzzer_scenario.cc new file mode 100644 index 00000000..5b4b506b --- /dev/null +++ b/curl_fuzzer_scenario.cc @@ -0,0 +1,735 @@ +#include "curl_fuzzer_scenario.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +namespace curl_fuzzer { +namespace { + +enum class OptionValueKind { + kUnknown, + kString, + kUint32, + kUint64, + kBool, + kHttpPost, + kMime, +}; + +struct OptionDescriptor { + curl::fuzzer::proto::CurlOptionId id; + OptionValueKind kind; + bool singleton; + const char *name; + CURLoption curlopt; +}; + +#include "generated/curl_fuzzer_option_manifest.inc" + +const OptionDescriptor *LookupDescriptor(curl::fuzzer::proto::CurlOptionId id) { + for(size_t ii = 0; ii < kOptionManifestSize; ++ii) { + if(kOptionManifest[ii].id == id) { + return &kOptionManifest[ii]; + } + } + return nullptr; +} + +class ScenarioState { + public: + ScenarioState() = default; + ScenarioState(const ScenarioState &) = delete; + ScenarioState &operator=(const ScenarioState &) = delete; + + int LoadBlobs(const curl::fuzzer::proto::Scenario &scenario) { + blobs_.clear(); + for(const auto &blob : scenario.blobs()) { + std::vector bytes; + switch(blob.payload_case()) { + case curl::fuzzer::proto::DataBlob::kRaw: + bytes.assign(blob.raw().begin(), blob.raw().end()); + break; + case curl::fuzzer::proto::DataBlob::kUtf8: { + const std::string &utf8 = blob.utf8(); + bytes.assign(utf8.begin(), utf8.end()); + break; + } + case curl::fuzzer::proto::DataBlob::PAYLOAD_NOT_SET: + bytes.clear(); + break; + } + blobs_.emplace(blob.id(), std::move(bytes)); + } + return 0; + } + + const std::vector *LookupBlob(uint32_t id) const { + auto it = blobs_.find(id); + if(it == blobs_.end()) { + return nullptr; + } + return &it->second; + } + + int ResolveBlobRef(const curl::fuzzer::proto::BlobRef &ref, + const uint8_t **data, + size_t *length) const { + auto *blob = LookupBlob(ref.blob_id()); + if(blob == nullptr) { + return 255; + } + size_t offset = ref.has_offset() ? ref.offset() : 0; + if(offset > blob->size()) { + return 255; + } + size_t view_len = ref.has_length() ? ref.length() : (blob->size() - offset); + if(offset + view_len > blob->size()) { + return 255; + } + *data = blob->data() + offset; + *length = view_len; + return 0; + } + + const char *CopyString(std::string_view sv) { + auto owned = std::make_unique(sv.size() + 1); + std::memcpy(owned.get(), sv.data(), sv.size()); + owned[sv.size()] = '\0'; + const char *ptr = owned.get(); + cstrings_.push_back(std::move(owned)); + return ptr; + } + + int HeaderValueToCString(const curl::fuzzer::proto::HeaderValue &value, + const char **out) { + switch(value.value_case()) { + case curl::fuzzer::proto::HeaderValue::kText: + *out = CopyString(value.text()); + return 0; + case curl::fuzzer::proto::HeaderValue::kBlob: { + const uint8_t *data = nullptr; + size_t length = 0; + int rc = ResolveBlobRef(value.blob(), &data, &length); + if(rc != 0) { + return rc; + } + *out = CopyString(std::string_view(reinterpret_cast(data), length)); + return 0; + } + case curl::fuzzer::proto::HeaderValue::VALUE_NOT_SET: + default: + *out = CopyString(""); + return 0; + } + } + + private: + std::unordered_map> blobs_; + std::vector> cstrings_; +}; + +void DestroyScenarioState(void *ptr) { + delete static_cast(ptr); +} + +bool HasStructuredTag(const curl::fuzzer::proto::Scenario &scenario) { + const auto &metadata = scenario.metadata(); + for(const auto &label : metadata.labels()) { + if(label == "structured-scenario" || label == "curl-structured") { + return true; + } + } + const auto &annotations = metadata.annotations(); + auto it = annotations.find("format"); + if(it != annotations.end()) { + const std::string &value = it->second; + if(value == "curl-structured" || value == "curl-structured-v1") { + return true; + } + } + return false; +} + +long ProtoToLong(const curl::fuzzer::proto::SetOption &option) { + if(option.has_int32_value()) { + return static_cast(option.int32_value()); + } + if(option.has_uint32_value()) { + return static_cast(option.uint32_value()); + } + if(option.has_int64_value()) { + return static_cast(option.int64_value()); + } + if(option.has_uint64_value()) { + return static_cast(option.uint64_value()); + } + if(option.has_bool_value()) { + return option.bool_value() ? 1L : 0L; + } + if(option.has_double_value()) { + return static_cast(option.double_value()); + } + return 0L; +} + +curl_off_t ProtoToOffT(const curl::fuzzer::proto::SetOption &option) { + if(option.has_uint64_value()) { + return static_cast(option.uint64_value()); + } + if(option.has_int64_value()) { + return static_cast(option.int64_value()); + } + if(option.has_uint32_value()) { + return static_cast(option.uint32_value()); + } + if(option.has_int32_value()) { + return static_cast(option.int32_value()); + } + return static_cast(ProtoToLong(option)); +} + +int EnsureOptionUnset(FUZZ_DATA *fuzz, CURLoption opt, const OptionDescriptor *desc) { + (void)desc; + if(fuzz->options[opt % 1000] != 0) { + return 255; + } + return 0; +} + +void MarkOptionSet(FUZZ_DATA *fuzz, CURLoption opt) { + fuzz->options[opt % 1000] = 1; +} + +int ApplyStringOption(FUZZ_DATA *fuzz, + const OptionDescriptor *desc, + const char *value) { + CURLcode code = curl_easy_setopt(fuzz->easy, desc->curlopt, value); + if(code != CURLE_OK) { + return static_cast(code); + } + MarkOptionSet(fuzz, desc->curlopt); + return 0; +} + +int ApplyLongOption(FUZZ_DATA *fuzz, + const OptionDescriptor *desc, + long value) { + CURLcode code = curl_easy_setopt(fuzz->easy, desc->curlopt, value); + if(code != CURLE_OK) { + return static_cast(code); + } + MarkOptionSet(fuzz, desc->curlopt); + return 0; +} + +int ApplyOffOption(FUZZ_DATA *fuzz, + const OptionDescriptor *desc, + curl_off_t value) { + CURLcode code = curl_easy_setopt(fuzz->easy, desc->curlopt, value); + if(code != CURLE_OK) { + return static_cast(code); + } + MarkOptionSet(fuzz, desc->curlopt); + return 0; +} + +int ApplySetOption(const curl::fuzzer::proto::SetOption &option, + ScenarioState *state, + FUZZ_DATA *fuzz) { + const OptionDescriptor *desc = LookupDescriptor(option.option_id()); + if(desc == nullptr) { + return 255; + } + + int rc = 0; + switch(desc->kind) { + case OptionValueKind::kString: { + const char *value = nullptr; + if(option.has_string_value()) { + value = state->CopyString(option.string_value()); + } + else if(option.has_blob()) { + const uint8_t *data = nullptr; + size_t len = 0; + rc = state->ResolveBlobRef(option.blob(), &data, &len); + if(rc != 0) { + return rc; + } + value = state->CopyString(std::string_view(reinterpret_cast(data), len)); + } + else { + value = state->CopyString(""); + } + rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); + if(rc != 0) { + return rc; + } + return ApplyStringOption(fuzz, desc, value); + } + case OptionValueKind::kUint32: { + rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); + if(rc != 0) { + return rc; + } + long value = ProtoToLong(option); + return ApplyLongOption(fuzz, desc, value); + } + case OptionValueKind::kUint64: { + rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); + if(rc != 0) { + return rc; + } + curl_off_t value = ProtoToOffT(option); + return ApplyOffOption(fuzz, desc, value); + } + case OptionValueKind::kBool: { + rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); + if(rc != 0) { + return rc; + } + long value = option.has_bool_value() ? (option.bool_value() ? 1L : 0L) : ProtoToLong(option); + return ApplyLongOption(fuzz, desc, value); + } + case OptionValueKind::kHttpPost: { + rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); + if(rc != 0) { + return rc; + } + if(fuzz->httppost == NULL) { + return 255; + } + CURLcode code = curl_easy_setopt(fuzz->easy, desc->curlopt, fuzz->httppost); + if(code != CURLE_OK) { + return static_cast(code); + } + MarkOptionSet(fuzz, desc->curlopt); + return 0; + } + case OptionValueKind::kMime: { + rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); + if(rc != 0) { + return rc; + } + if(fuzz->mime == NULL) { + return 255; + } + CURLcode code = curl_easy_setopt(fuzz->easy, desc->curlopt, fuzz->mime); + if(code != CURLE_OK) { + return static_cast(code); + } + MarkOptionSet(fuzz, desc->curlopt); + return 0; + } + case OptionValueKind::kUnknown: + default: + return 255; + } +} + +int ApplyHeader(const curl::fuzzer::proto::AddHeader &header, + ScenarioState *state, + FUZZ_DATA *fuzz) { + const char *value = nullptr; + int rc = state->HeaderValueToCString(header.value(), &value); + if(rc != 0) { + return rc; + } + curl_slist *new_list = curl_slist_append(fuzz->header_list, value); + if(new_list == NULL) { + return 255; + } + fuzz->header_list = new_list; + fuzz->header_list_count++; + return 0; +} + +int ApplyMailRecipient(const curl::fuzzer::proto::AddMailRecipient &recipient, + ScenarioState *state, + FUZZ_DATA *fuzz) { + const char *value = nullptr; + int rc = state->HeaderValueToCString(recipient.value(), &value); + if(rc != 0) { + return rc; + } + curl_slist *new_list = curl_slist_append(fuzz->mail_recipients_list, value); + if(new_list == NULL) { + return 255; + } + fuzz->mail_recipients_list = new_list; + fuzz->header_list_count++; + return 0; +} + +int ApplyRegisterUpload(const curl::fuzzer::proto::RegisterUpload &upload, + ScenarioState *state, + FUZZ_DATA *fuzz) { + const uint8_t *data = nullptr; + size_t length = 0; + int rc = state->ResolveBlobRef(upload.payload(), &data, &length); + if(rc != 0) { + return rc; + } + fuzz->upload1_data = data; + fuzz->upload1_data_len = length; + fuzz->upload1_data_written = 0; + const OptionDescriptor *upload_desc = LookupDescriptor(curl::fuzzer::proto::CURLOPT_UPLOAD); + if(upload_desc != nullptr) { + rc = EnsureOptionUnset(fuzz, upload_desc->curlopt, upload_desc); + if(rc != 0) { + return rc; + } + rc = ApplyLongOption( + fuzz, + upload_desc, + upload.kind() == curl::fuzzer::proto::TRANSFER_KIND_POSTFIELDS ? 0L : 1L); + if(rc != 0) { + return rc; + } + } + + const OptionDescriptor *length_desc = + LookupDescriptor(curl::fuzzer::proto::CURLOPT_INFILESIZE_LARGE); + if(length_desc != nullptr) { + rc = EnsureOptionUnset(fuzz, length_desc->curlopt, length_desc); + if(rc != 0) { + return rc; + } + return ApplyOffOption(fuzz, length_desc, static_cast(length)); + } + return 0; +} + +int ApplyMimePart(const curl::fuzzer::proto::MimePart &part, + ScenarioState *state, + curl_mime *mime) { + curl_mimepart *m = curl_mime_addpart(mime); + if(m == NULL) { + return 255; + } + if(!part.name().empty()) { + const char *name = state->CopyString(part.name()); + curl_mime_name(m, name); + } + if(!part.filename().empty()) { + const char *filename = state->CopyString(part.filename()); + curl_mime_filename(m, filename); + } + if(!part.content_type().empty()) { + const char *ctype = state->CopyString(part.content_type()); + curl_mime_type(m, ctype); + } + switch(part.body_case()) { + case curl::fuzzer::proto::MimePart::kBlob: { + const uint8_t *data = nullptr; + size_t len = 0; + int rc = state->ResolveBlobRef(part.blob(), &data, &len); + if(rc != 0) { + return rc; + } + CURLcode code = curl_mime_data(m, reinterpret_cast(data), len); + if(code != CURLE_OK) { + return static_cast(code); + } + break; + } + case curl::fuzzer::proto::MimePart::kInlineData: { + const char *text = state->CopyString(part.inline_data()); + CURLcode code = curl_mime_data(m, text, CURL_ZERO_TERMINATED); + if(code != CURLE_OK) { + return static_cast(code); + } + break; + } + case curl::fuzzer::proto::MimePart::BODY_NOT_SET: + default: + break; + } + for(const auto &header : part.headers()) { + const char *hv = nullptr; + int rc = state->HeaderValueToCString(header, &hv); + if(rc != 0) { + return rc; + } + struct curl_slist *list = curl_slist_append(nullptr, hv); + if(list == NULL) { + return 255; + } + CURLcode code = curl_mime_headers(m, list, 1); + if(code != CURLE_OK) { + return static_cast(code); + } + } + return 0; +} + +int ApplyConfigureMime(const curl::fuzzer::proto::ConfigureMime &config, + ScenarioState *state, + FUZZ_DATA *fuzz) { + if(fuzz->mime == NULL) { + fuzz->mime = curl_mime_init(fuzz->easy); + if(fuzz->mime == NULL) { + return 255; + } + } + for(const auto &part : config.parts()) { + int rc = ApplyMimePart(part, state, fuzz->mime); + if(rc != 0) { + return rc; + } + } + return 0; +} + +int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, + ScenarioState *state, + FUZZ_DATA *fuzz) { + struct curl_httppost *post = NULL; + struct curl_httppost *last = fuzz->httppost; + for(const auto &field : config.fields()) { + const char *name = state->CopyString(field.name()); + CURLFORMcode form_rc = CURL_FORMADD_OK; + switch(field.body_case()) { + case curl::fuzzer::proto::FormField::kInlineData: { + const char *data = state->CopyString(field.inline_data()); + form_rc = curl_formadd(&post, &last, + CURLFORM_COPYNAME, name, + CURLFORM_COPYCONTENTS, data, + CURLFORM_END); + break; + } + case curl::fuzzer::proto::FormField::kBlob: { + const uint8_t *data = nullptr; + size_t len = 0; + int rc = state->ResolveBlobRef(field.blob(), &data, &len); + if(rc != 0) { + return rc; + } + form_rc = curl_formadd(&post, &last, + CURLFORM_COPYNAME, name, + CURLFORM_PTRCONTENTS, data, + CURLFORM_CONTENTLEN, static_cast(len), + CURLFORM_END); + break; + } + case curl::fuzzer::proto::FormField::BODY_NOT_SET: + default: + form_rc = curl_formadd(&post, &last, + CURLFORM_COPYNAME, name, + CURLFORM_END); + break; + } + if(form_rc != CURL_FORMADD_OK) { + return 255; + } + } + if(fuzz->httppost == NULL) { + fuzz->httppost = post; + } + else if(post != NULL) { + fuzz->last_post_part->next = post; + } + fuzz->last_post_part = last; + return 0; +} + +int ApplyResponse(const curl::fuzzer::proto::Response &response, + ScenarioState *state, + FUZZ_RESPONSE *dest) { + const uint8_t *data = nullptr; + size_t len = 0; + int rc = state->ResolveBlobRef(response.payload(), &data, &len); + if(rc != 0) { + return rc; + } + dest->data = data; + dest->data_len = len; + return 0; +} + +int ApplyConnections(const google::protobuf::RepeatedPtrField &connections, + ScenarioState *state, + FUZZ_DATA *fuzz) { + for(const auto &connection : connections) { + if(connection.id() >= FUZZ_NUM_CONNECTIONS) { + continue; + } + FUZZ_SOCKET_MANAGER *manager = &fuzz->sockman[connection.id()]; + if(connection.has_initial_response()) { + int rc = ApplyResponse(connection.initial_response(), state, &manager->responses[0]); + if(rc != 0) { + return rc; + } + } + int idx = 1; + for(const auto &resp : connection.on_readable()) { + if(idx >= TLV_MAX_NUM_RESPONSES) { + break; + } + int rc = ApplyResponse(resp, state, &manager->responses[idx]); + if(rc != 0) { + return rc; + } + idx++; + } + } + return 0; +} + +int ApplyRegisterResponse(const curl::fuzzer::proto::RegisterResponse ®istration, + ScenarioState *state, + FUZZ_DATA *fuzz) { + uint32_t id = registration.connection_id(); + if(id >= FUZZ_NUM_CONNECTIONS) { + return 255; + } + FUZZ_SOCKET_MANAGER *manager = &fuzz->sockman[id]; + switch(registration.stage()) { + case curl::fuzzer::proto::RESPONSE_STAGE_ON_CONNECT: + return ApplyResponse(registration.response(), state, &manager->responses[0]); + case curl::fuzzer::proto::RESPONSE_STAGE_ON_READABLE: { + for(int idx = 1; idx < TLV_MAX_NUM_RESPONSES; ++idx) { + if(manager->responses[idx].data_len == 0 && manager->responses[idx].data == NULL) { + return ApplyResponse(registration.response(), state, &manager->responses[idx]); + } + } + return 255; + } + case curl::fuzzer::proto::RESPONSE_STAGE_UNSPECIFIED: + default: + return 255; + } +} + +int ApplyAction(const curl::fuzzer::proto::Action &action, + ScenarioState *state, + FUZZ_DATA *fuzz) { + switch(action.kind_case()) { + case curl::fuzzer::proto::Action::kSetOption: + return ApplySetOption(action.set_option(), state, fuzz); + case curl::fuzzer::proto::Action::kAddHeader: + return ApplyHeader(action.add_header(), state, fuzz); + case curl::fuzzer::proto::Action::kAddMailRecipient: + return ApplyMailRecipient(action.add_mail_recipient(), state, fuzz); + case curl::fuzzer::proto::Action::kConfigureMime: + return ApplyConfigureMime(action.configure_mime(), state, fuzz); + case curl::fuzzer::proto::Action::kConfigureHttpPost: + return ApplyConfigureHttpPost(action.configure_http_post(), state, fuzz); + case curl::fuzzer::proto::Action::kRegisterUpload: + return ApplyRegisterUpload(action.register_upload(), state, fuzz); + case curl::fuzzer::proto::Action::kRegisterResponse: + return ApplyRegisterResponse(action.register_response(), state, fuzz); + case curl::fuzzer::proto::Action::KIND_NOT_SET: + default: + return 0; + } +} + +int ApplyGlobalDefaults(const curl::fuzzer::proto::GlobalConfig &config, + ScenarioState *state, + FUZZ_DATA *fuzz) { + for(const auto &option : config.defaults()) { + int rc = ApplySetOption(option, state, fuzz); + if(rc != 0) { + return rc; + } + } + if(!config.allowed_protocols().empty()) { + std::string protocols; + for(size_t ii = 0; ii < static_cast(config.allowed_protocols_size()); ++ii) { + if(ii > 0) { + protocols.append(","); + } + protocols.append(config.allowed_protocols(ii)); + } + const char *value = state->CopyString(protocols); + CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_PROTOCOLS_STR, value); + if(code != CURLE_OK) { + return static_cast(code); + } + } + if(config.timeout_ms() != 0) { + CURLcode code = + curl_easy_setopt(fuzz->easy, CURLOPT_TIMEOUT_MS, static_cast(config.timeout_ms())); + if(code != CURLE_OK) { + return static_cast(code); + } + } + if(config.server_response_timeout_ms() != 0) { + CURLcode code = curl_easy_setopt(fuzz->easy, + CURLOPT_SERVER_RESPONSE_TIMEOUT, + static_cast(config.server_response_timeout_ms())); + if(code != CURLE_OK) { + return static_cast(code); + } + } + if(config.verbose()) { + CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_VERBOSE, 1L); + if(code != CURLE_OK) { + return static_cast(code); + } + } + return 0; +} + +} // namespace + +bool TryParseScenario(const uint8_t *data, + size_t size, + curl::fuzzer::proto::Scenario *out) { + if(size < 2) { + return false; + } + curl::fuzzer::proto::Scenario scenario; + if(!scenario.ParseFromArray(data, static_cast(size))) { + return false; + } + if(!HasStructuredTag(scenario) && + scenario.actions_size() == 0 && + scenario.connections_size() == 0 && + scenario.blobs_size() == 0) { + return false; + } + out->Swap(&scenario); + return true; +} + +int ApplyScenario(const curl::fuzzer::proto::Scenario &scenario, + FUZZ_DATA *fuzz) { + auto state = std::make_unique(); + int rc = state->LoadBlobs(scenario); + if(rc != 0) { + return rc; + } + rc = ApplyGlobalDefaults(scenario.global(), state.get(), fuzz); + if(rc != 0) { + return rc; + } + for(const auto &action : scenario.actions()) { + rc = ApplyAction(action, state.get(), fuzz); + if(rc != 0) { + return rc; + } + } + rc = ApplyConnections(scenario.connections(), state.get(), fuzz); + if(rc != 0) { + return rc; + } + + fuzz->scenario_state = state.release(); + fuzz->scenario_state_destructor = DestroyScenarioState; + return 0; +} + +} // namespace curl_fuzzer diff --git a/curl_fuzzer_scenario.h b/curl_fuzzer_scenario.h new file mode 100644 index 00000000..87805630 --- /dev/null +++ b/curl_fuzzer_scenario.h @@ -0,0 +1,28 @@ +#ifndef CURL_FUZZER_SCENARIO_H_ +#define CURL_FUZZER_SCENARIO_H_ + +#include +#include + +#include "curl_fuzzer.h" +#include "curl_fuzzer.pb.h" + +namespace curl_fuzzer { + +// Attempt to parse the input buffer as a structured Scenario proto. Returns +// true on success and writes the decoded scenario to |out|. The parsed data is +// independent of the original buffer once this function returns. +bool TryParseScenario(const uint8_t *data, + size_t size, + curl::fuzzer::proto::Scenario *out); + +// Apply a decoded Scenario onto the existing FUZZ_DATA setup. On success the +// FUZZ_DATA instance is ready for curl option setup (fuzz_set_easy_options) and +// subsequent execution. Returns 0 on success, or a non-zero error code that +// matches the legacy TLV error semantics. +int ApplyScenario(const curl::fuzzer::proto::Scenario &scenario, + FUZZ_DATA *fuzz); + +} // namespace curl_fuzzer + +#endif // CURL_FUZZER_SCENARIO_H_ diff --git a/schemas/curl_fuzzer.proto b/schemas/curl_fuzzer.proto new file mode 100644 index 00000000..4e91236a --- /dev/null +++ b/schemas/curl_fuzzer.proto @@ -0,0 +1,407 @@ +syntax = "proto3"; + +package curl.fuzzer.proto; + +// Structured scenario description for the curl fuzzing harness. Mirrors the +// design documented in SPEC.md and is intended for consumption by +// libprotobuf-mutator powered fuzz targets as well as tooling that converts +// between legacy TLV corpora and the structured representation. + +message Scenario { + GlobalConfig global = 1; + repeated Action actions = 2; + repeated Connection connections = 3; + repeated DataBlob blobs = 4; + Metadata metadata = 5; +} + +// Global options and defaults that apply before individual actions run. +message GlobalConfig { + repeated SetOption defaults = 1; + repeated string allowed_protocols = 2; + uint32 timeout_ms = 3; + uint32 server_response_timeout_ms = 4; + bool verbose = 5; +} + +message SetOption { + CurlOptionId option_id = 1; + OptionScope scope = 2; + oneof value { + string string_value = 10; + BlobRef blob = 11; + int32 int32_value = 12; + uint32 uint32_value = 13; + int64 int64_value = 14; + uint64 uint64_value = 15; + bool bool_value = 16; + double double_value = 17; + } +} + +// A single configuration step executed before the transfer starts. +message Action { + oneof kind { + SetOption set_option = 1; + AddHeader add_header = 2; + AddMailRecipient add_mail_recipient = 3; + ConfigureMime configure_mime = 4; + ConfigureHttpPost configure_http_post = 5; + RegisterUpload register_upload = 6; + RegisterResponse register_response = 7; + } +} + +message AddHeader { + HeaderValue value = 1; +} + +message AddMailRecipient { + HeaderValue value = 1; +} + +message ConfigureMime { + repeated MimePart parts = 1; +} + +message ConfigureHttpPost { + repeated FormField fields = 1; +} + +message RegisterUpload { + BlobRef payload = 1; + TransferKind kind = 2; + uint64 size_hint = 3; +} + +message RegisterResponse { + uint32 connection_id = 1; // Default: 0 (primary connection) + ResponseStage stage = 2; + Response response = 3; +} + +// Target connection behaviour once libcurl connects. +message Connection { + uint32 id = 1; // 0 == primary, 1 == secondary, etc. + Response initial_response = 2; + repeated Response on_readable = 3; + ShutdownPolicy shutdown_policy = 4; + OptionalDelay idle_after_send = 5; +} + +message Response { + BlobRef payload = 1; + ResponseHint hint = 2; + OptionalDelay delay_before = 3; +} + +message ResponseHint { + bool chunked = 1; + bool websocket_frame = 2; + bool tls_record = 3; +} + +message OptionalDelay { + uint32 milliseconds = 1; +} + +// Canonical storage for reusable byte buffers. +message DataBlob { + uint32 id = 1; + oneof payload { + bytes raw = 2; + string utf8 = 3; + } + uint32 max_mutation_size = 4; + repeated string tags = 5; +} + +message BlobRef { + uint32 blob_id = 1; + optional uint32 offset = 2; + optional uint32 length = 3; +} + +message Metadata { + string description = 1; + repeated string labels = 2; + map annotations = 3; + repeated string provenance = 4; +} + +message HeaderValue { + oneof value { + string text = 1; + BlobRef blob = 2; + } +} + +message MimePart { + string name = 1; + oneof body { + BlobRef blob = 2; + string inline_data = 3; + } + string filename = 4; + string content_type = 5; + repeated HeaderValue headers = 6; +} + +message FormField { + string name = 1; + oneof body { + BlobRef blob = 2; + string inline_data = 3; + } + string filename = 4; + string content_type = 5; +} + +// Scope for options that support multiple namespaces (e.g. proxy vs easy). +enum OptionScope { + OPTION_SCOPE_UNSPECIFIED = 0; + OPTION_SCOPE_DEFAULT = 1; + OPTION_SCOPE_PROXY = 2; + OPTION_SCOPE_DOH = 3; + OPTION_SCOPE_TLS = 4; +} + +enum TransferKind { + TRANSFER_KIND_UNSPECIFIED = 0; + TRANSFER_KIND_UPLOAD = 1; + TRANSFER_KIND_POSTFIELDS = 2; + TRANSFER_KIND_SEND = 3; +} + +enum ResponseStage { + RESPONSE_STAGE_UNSPECIFIED = 0; + RESPONSE_STAGE_ON_CONNECT = 1; + RESPONSE_STAGE_ON_READABLE = 2; +} + +enum ShutdownPolicy { + SHUTDOWN_POLICY_UNSPECIFIED = 0; + SHUTDOWN_POLICY_HALF_CLOSE_AFTER_LAST_RESPONSE = 1; + SHUTDOWN_POLICY_KEEP_OPEN = 2; + SHUTDOWN_POLICY_CLOSE_IMMEDIATELY = 3; +} + +// Mapping of structured options to libcurl option identifiers. The enum names +// intentionally mirror libcurl's `CURLOPT_*` constants for readability. +enum CurlOptionId { + CURL_OPTION_UNSPECIFIED = 0; + CURLOPT_ABSTRACT_UNIX_SOCKET = 1; + CURLOPT_ACCEPTTIMEOUT_MS = 2; + CURLOPT_ACCEPT_ENCODING = 3; + CURLOPT_ADDRESS_SCOPE = 4; + CURLOPT_ALTSVC_CTRL = 5; + CURLOPT_APPEND = 6; + CURLOPT_AUTOREFERER = 7; + CURLOPT_AWS_SIGV4 = 8; + CURLOPT_BUFFERSIZE = 9; + CURLOPT_CAINFO = 10; + CURLOPT_CAPATH = 11; + CURLOPT_CA_CACHE_TIMEOUT = 12; + CURLOPT_CERTINFO = 13; + CURLOPT_CONNECTTIMEOUT = 14; + CURLOPT_CONNECTTIMEOUT_MS = 15; + CURLOPT_CONNECT_ONLY = 16; + CURLOPT_COOKIE = 17; + CURLOPT_COOKIEFILE = 18; + CURLOPT_COOKIEJAR = 19; + CURLOPT_COOKIELIST = 20; + CURLOPT_COOKIESESSION = 21; + CURLOPT_CUSTOMREQUEST = 22; + CURLOPT_DEFAULT_PROTOCOL = 23; + CURLOPT_DIRLISTONLY = 24; + CURLOPT_DISALLOW_USERNAME_IN_URL = 25; + CURLOPT_DNS_CACHE_TIMEOUT = 26; + CURLOPT_DNS_INTERFACE = 27; + CURLOPT_DNS_LOCAL_IP4 = 28; + CURLOPT_DNS_LOCAL_IP6 = 29; + CURLOPT_DNS_SERVERS = 30; + CURLOPT_DNS_SHUFFLE_ADDRESSES = 31; + CURLOPT_DOH_SSL_VERIFYHOST = 32; + CURLOPT_DOH_SSL_VERIFYPEER = 33; + CURLOPT_DOH_SSL_VERIFYSTATUS = 34; + CURLOPT_DOH_URL = 35; + CURLOPT_ECH = 36; + CURLOPT_EXPECT_100_TIMEOUT_MS = 37; + CURLOPT_FAILONERROR = 38; + CURLOPT_FILETIME = 39; + CURLOPT_FOLLOWLOCATION = 40; + CURLOPT_FORBID_REUSE = 41; + CURLOPT_FRESH_CONNECT = 42; + CURLOPT_FTPPORT = 43; + CURLOPT_FTPSSLAUTH = 44; + CURLOPT_FTP_ACCOUNT = 45; + CURLOPT_FTP_ALTERNATIVE_TO_USER = 46; + CURLOPT_FTP_CREATE_MISSING_DIRS = 47; + CURLOPT_FTP_FILEMETHOD = 48; + CURLOPT_FTP_SKIP_PASV_IP = 49; + CURLOPT_FTP_SSL_CCC = 50; + CURLOPT_FTP_USE_EPRT = 51; + CURLOPT_FTP_USE_EPSV = 52; + CURLOPT_FTP_USE_PRET = 53; + CURLOPT_GSSAPI_DELEGATION = 54; + CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS = 55; + CURLOPT_HAPROXYPROTOCOL = 56; + CURLOPT_HAPROXY_CLIENT_IP = 57; + CURLOPT_HEADER = 58; + CURLOPT_HEADEROPT = 59; + CURLOPT_HSTS_CTRL = 60; + CURLOPT_HTTP09_ALLOWED = 61; + CURLOPT_HTTPAUTH = 62; + CURLOPT_HTTPGET = 63; + CURLOPT_HTTPPOST = 64; + CURLOPT_HTTPPROXYTUNNEL = 65; + CURLOPT_HTTP_CONTENT_DECODING = 66; + CURLOPT_HTTP_TRANSFER_DECODING = 67; + CURLOPT_HTTP_VERSION = 68; + CURLOPT_IGNORE_CONTENT_LENGTH = 69; + CURLOPT_INFILESIZE_LARGE = 70; + CURLOPT_INTERFACE = 71; + CURLOPT_IPRESOLVE = 72; + CURLOPT_ISSUERCERT = 73; + CURLOPT_KEEP_SENDING_ON_ERROR = 74; + CURLOPT_KEYPASSWD = 75; + CURLOPT_KRBLEVEL = 76; + CURLOPT_LOCALPORT = 77; + CURLOPT_LOCALPORTRANGE = 78; + CURLOPT_LOGIN_OPTIONS = 79; + CURLOPT_LOW_SPEED_LIMIT = 80; + CURLOPT_LOW_SPEED_TIME = 81; + CURLOPT_MAIL_AUTH = 82; + CURLOPT_MAIL_FROM = 83; + CURLOPT_MAIL_RCPT_ALLOWFAILS = 84; + CURLOPT_MAXAGE_CONN = 85; + CURLOPT_MAXCONNECTS = 86; + CURLOPT_MAXFILESIZE = 87; + CURLOPT_MAXFILESIZE_LARGE = 88; + CURLOPT_MAXLIFETIME_CONN = 89; + CURLOPT_MAXREDIRS = 90; + CURLOPT_MAX_RECV_SPEED_LARGE = 91; + CURLOPT_MAX_SEND_SPEED_LARGE = 92; + CURLOPT_MIMEPOST = 93; + CURLOPT_MIME_OPTIONS = 94; + CURLOPT_NETRC = 95; + CURLOPT_NEW_DIRECTORY_PERMS = 96; + CURLOPT_NEW_FILE_PERMS = 97; + CURLOPT_NOBODY = 98; + CURLOPT_NOPROGRESS = 99; + CURLOPT_NOPROXY = 100; + CURLOPT_NOSIGNAL = 101; + CURLOPT_PASSWORD = 102; + CURLOPT_PATH_AS_IS = 103; + CURLOPT_PINNEDPUBLICKEY = 104; + CURLOPT_PIPEWAIT = 105; + CURLOPT_PORT = 106; + CURLOPT_POST = 107; + CURLOPT_POSTFIELDS = 108; + CURLOPT_POSTFIELDSIZE = 109; + CURLOPT_POSTFIELDSIZE_LARGE = 110; + CURLOPT_POSTREDIR = 111; + CURLOPT_PRE_PROXY = 112; + CURLOPT_PROXY = 113; + CURLOPT_PROXYAUTH = 114; + CURLOPT_PROXYPASSWORD = 115; + CURLOPT_PROXYPORT = 116; + CURLOPT_PROXYTYPE = 117; + CURLOPT_PROXYUSERNAME = 118; + CURLOPT_PROXYUSERPWD = 119; + CURLOPT_PROXY_CAINFO = 120; + CURLOPT_PROXY_CAPATH = 121; + CURLOPT_PROXY_CRLFILE = 122; + CURLOPT_PROXY_ISSUERCERT = 123; + CURLOPT_PROXY_KEYPASSWD = 124; + CURLOPT_PROXY_PINNEDPUBLICKEY = 125; + CURLOPT_PROXY_SERVICE_NAME = 126; + CURLOPT_PROXY_SSLCERT = 127; + CURLOPT_PROXY_SSLCERTTYPE = 128; + CURLOPT_PROXY_SSLKEY = 129; + CURLOPT_PROXY_SSLKEYTYPE = 130; + CURLOPT_PROXY_SSLVERSION = 131; + CURLOPT_PROXY_SSL_CIPHER_LIST = 132; + CURLOPT_PROXY_SSL_OPTIONS = 133; + CURLOPT_PROXY_SSL_VERIFYHOST = 134; + CURLOPT_PROXY_SSL_VERIFYPEER = 135; + CURLOPT_PROXY_TLS13_CIPHERS = 136; + CURLOPT_PROXY_TLSAUTH_PASSWORD = 137; + CURLOPT_PROXY_TLSAUTH_TYPE = 138; + CURLOPT_PROXY_TLSAUTH_USERNAME = 139; + CURLOPT_PROXY_TRANSFER_MODE = 140; + CURLOPT_QUICK_EXIT = 141; + CURLOPT_RANGE = 142; + CURLOPT_REDIR_PROTOCOLS_STR = 143; + CURLOPT_REFERER = 144; + CURLOPT_REQUEST_TARGET = 145; + CURLOPT_RESUME_FROM = 146; + CURLOPT_RESUME_FROM_LARGE = 147; + CURLOPT_RTSP_CLIENT_CSEQ = 148; + CURLOPT_RTSP_REQUEST = 149; + CURLOPT_RTSP_SERVER_CSEQ = 150; + CURLOPT_RTSP_SESSION_ID = 151; + CURLOPT_RTSP_STREAM_URI = 152; + CURLOPT_RTSP_TRANSPORT = 153; + CURLOPT_SASL_AUTHZID = 154; + CURLOPT_SASL_IR = 155; + CURLOPT_SERVER_RESPONSE_TIMEOUT_MS = 156; + CURLOPT_SERVICE_NAME = 157; + CURLOPT_SOCKS5_AUTH = 158; + CURLOPT_SOCKS5_GSSAPI_NEC = 159; + CURLOPT_SSH_AUTH_TYPES = 160; + CURLOPT_SSH_COMPRESSION = 161; + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 = 162; + CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 = 163; + CURLOPT_SSH_KNOWNHOSTS = 164; + CURLOPT_SSH_PRIVATE_KEYFILE = 165; + CURLOPT_SSH_PUBLIC_KEYFILE = 166; + CURLOPT_SSLCERT = 167; + CURLOPT_SSLCERTTYPE = 168; + CURLOPT_SSLENGINE = 169; + CURLOPT_SSLENGINE_DEFAULT = 170; + CURLOPT_SSLKEY = 171; + CURLOPT_SSLKEYTYPE = 172; + CURLOPT_SSLVERSION = 173; + CURLOPT_SSL_CIPHER_LIST = 174; + CURLOPT_SSL_EC_CURVES = 175; + CURLOPT_SSL_ENABLE_ALPN = 176; + CURLOPT_SSL_FALSESTART = 177; + CURLOPT_SSL_OPTIONS = 178; + CURLOPT_SSL_SESSIONID_CACHE = 179; + CURLOPT_SSL_VERIFYHOST = 180; + CURLOPT_SSL_VERIFYPEER = 181; + CURLOPT_SSL_VERIFYSTATUS = 182; + CURLOPT_STREAM_WEIGHT = 183; + CURLOPT_SUPPRESS_CONNECT_HEADERS = 184; + CURLOPT_TCP_FASTOPEN = 185; + CURLOPT_TCP_KEEPALIVE = 186; + CURLOPT_TCP_KEEPCNT = 187; + CURLOPT_TCP_KEEPIDLE = 188; + CURLOPT_TCP_KEEPINTVL = 189; + CURLOPT_TCP_NODELAY = 190; + CURLOPT_TFTP_BLKSIZE = 191; + CURLOPT_TFTP_NO_OPTIONS = 192; + CURLOPT_TIMECONDITION = 193; + CURLOPT_TIMEVALUE = 194; + CURLOPT_TIMEVALUE_LARGE = 195; + CURLOPT_TLS13_CIPHERS = 196; + CURLOPT_TLSAUTH_PASSWORD = 197; + CURLOPT_TLSAUTH_TYPE = 198; + CURLOPT_TLSAUTH_USERNAME = 199; + CURLOPT_TRANSFERTEXT = 200; + CURLOPT_TRANSFER_ENCODING = 201; + CURLOPT_UNIX_SOCKET_PATH = 202; + CURLOPT_UNRESTRICTED_AUTH = 203; + CURLOPT_UPKEEP_INTERVAL_MS = 204; + CURLOPT_UPLOAD = 205; + CURLOPT_UPLOAD_BUFFERSIZE = 206; + CURLOPT_URL = 207; + CURLOPT_USERAGENT = 208; + CURLOPT_USERNAME = 209; + CURLOPT_USERPWD = 210; + CURLOPT_USE_SSL = 211; + CURLOPT_WILDCARDMATCH = 212; + CURLOPT_WS_OPTIONS = 213; + CURLOPT_XOAUTH2_BEARER = 214; +} From db21ba712a410074632fbbced96bd02d805cc801 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 15:16:40 +0000 Subject: [PATCH 02/10] Add generator for curl options --- generated/curl_fuzzer_option_manifest.inc | 218 +++++++++ schemas/curl_fuzzer.proto | 428 +++++++++--------- schemas/curl_fuzzer_supported_curlopts.txt | 214 +++++++++ .../generate_option_manifest.py | 193 ++++++++ 4 files changed, 839 insertions(+), 214 deletions(-) create mode 100644 generated/curl_fuzzer_option_manifest.inc create mode 100644 schemas/curl_fuzzer_supported_curlopts.txt create mode 100644 src/curl_fuzzer_tools/generate_option_manifest.py diff --git a/generated/curl_fuzzer_option_manifest.inc b/generated/curl_fuzzer_option_manifest.inc new file mode 100644 index 00000000..a54f0f0d --- /dev/null +++ b/generated/curl_fuzzer_option_manifest.inc @@ -0,0 +1,218 @@ +// Generated by src/curl_fuzzer_tools/generate_option_manifest.py +static constexpr OptionDescriptor kOptionManifest[] = { + {curl::fuzzer::proto::CURLOPT_ABSTRACT_UNIX_SOCKET, OptionValueKind::kString, true, "CURLOPT_ABSTRACT_UNIX_SOCKET", CURLOPT_ABSTRACT_UNIX_SOCKET}, + {curl::fuzzer::proto::CURLOPT_ACCEPTTIMEOUT_MS, OptionValueKind::kUint32, true, "CURLOPT_ACCEPTTIMEOUT_MS", CURLOPT_ACCEPTTIMEOUT_MS}, + {curl::fuzzer::proto::CURLOPT_ACCEPT_ENCODING, OptionValueKind::kString, true, "CURLOPT_ACCEPT_ENCODING", CURLOPT_ACCEPT_ENCODING}, + {curl::fuzzer::proto::CURLOPT_ADDRESS_SCOPE, OptionValueKind::kUint32, true, "CURLOPT_ADDRESS_SCOPE", CURLOPT_ADDRESS_SCOPE}, + {curl::fuzzer::proto::CURLOPT_ALTSVC_CTRL, OptionValueKind::kUint32, true, "CURLOPT_ALTSVC_CTRL", CURLOPT_ALTSVC_CTRL}, + {curl::fuzzer::proto::CURLOPT_APPEND, OptionValueKind::kUint32, true, "CURLOPT_APPEND", CURLOPT_APPEND}, + {curl::fuzzer::proto::CURLOPT_AUTOREFERER, OptionValueKind::kUint32, true, "CURLOPT_AUTOREFERER", CURLOPT_AUTOREFERER}, + {curl::fuzzer::proto::CURLOPT_AWS_SIGV4, OptionValueKind::kString, true, "CURLOPT_AWS_SIGV4", CURLOPT_AWS_SIGV4}, + {curl::fuzzer::proto::CURLOPT_BUFFERSIZE, OptionValueKind::kUint32, true, "CURLOPT_BUFFERSIZE", CURLOPT_BUFFERSIZE}, + {curl::fuzzer::proto::CURLOPT_CAINFO, OptionValueKind::kString, true, "CURLOPT_CAINFO", CURLOPT_CAINFO}, + {curl::fuzzer::proto::CURLOPT_CAPATH, OptionValueKind::kString, true, "CURLOPT_CAPATH", CURLOPT_CAPATH}, + {curl::fuzzer::proto::CURLOPT_CA_CACHE_TIMEOUT, OptionValueKind::kUint32, true, "CURLOPT_CA_CACHE_TIMEOUT", CURLOPT_CA_CACHE_TIMEOUT}, + {curl::fuzzer::proto::CURLOPT_CERTINFO, OptionValueKind::kUint32, true, "CURLOPT_CERTINFO", CURLOPT_CERTINFO}, + {curl::fuzzer::proto::CURLOPT_CONNECTTIMEOUT, OptionValueKind::kUint32, true, "CURLOPT_CONNECTTIMEOUT", CURLOPT_CONNECTTIMEOUT}, + {curl::fuzzer::proto::CURLOPT_CONNECTTIMEOUT_MS, OptionValueKind::kUint32, true, "CURLOPT_CONNECTTIMEOUT_MS", CURLOPT_CONNECTTIMEOUT_MS}, + {curl::fuzzer::proto::CURLOPT_CONNECT_ONLY, OptionValueKind::kUint32, true, "CURLOPT_CONNECT_ONLY", CURLOPT_CONNECT_ONLY}, + {curl::fuzzer::proto::CURLOPT_COOKIE, OptionValueKind::kString, true, "CURLOPT_COOKIE", CURLOPT_COOKIE}, + {curl::fuzzer::proto::CURLOPT_COOKIEFILE, OptionValueKind::kString, true, "CURLOPT_COOKIEFILE", CURLOPT_COOKIEFILE}, + {curl::fuzzer::proto::CURLOPT_COOKIEJAR, OptionValueKind::kString, true, "CURLOPT_COOKIEJAR", CURLOPT_COOKIEJAR}, + {curl::fuzzer::proto::CURLOPT_COOKIELIST, OptionValueKind::kString, true, "CURLOPT_COOKIELIST", CURLOPT_COOKIELIST}, + {curl::fuzzer::proto::CURLOPT_COOKIESESSION, OptionValueKind::kUint32, true, "CURLOPT_COOKIESESSION", CURLOPT_COOKIESESSION}, + {curl::fuzzer::proto::CURLOPT_CUSTOMREQUEST, OptionValueKind::kString, true, "CURLOPT_CUSTOMREQUEST", CURLOPT_CUSTOMREQUEST}, + {curl::fuzzer::proto::CURLOPT_DEFAULT_PROTOCOL, OptionValueKind::kString, true, "CURLOPT_DEFAULT_PROTOCOL", CURLOPT_DEFAULT_PROTOCOL}, + {curl::fuzzer::proto::CURLOPT_DIRLISTONLY, OptionValueKind::kUint32, true, "CURLOPT_DIRLISTONLY", CURLOPT_DIRLISTONLY}, + {curl::fuzzer::proto::CURLOPT_DISALLOW_USERNAME_IN_URL, OptionValueKind::kUint32, true, "CURLOPT_DISALLOW_USERNAME_IN_URL", CURLOPT_DISALLOW_USERNAME_IN_URL}, + {curl::fuzzer::proto::CURLOPT_DNS_CACHE_TIMEOUT, OptionValueKind::kUint32, true, "CURLOPT_DNS_CACHE_TIMEOUT", CURLOPT_DNS_CACHE_TIMEOUT}, + {curl::fuzzer::proto::CURLOPT_DNS_INTERFACE, OptionValueKind::kString, true, "CURLOPT_DNS_INTERFACE", CURLOPT_DNS_INTERFACE}, + {curl::fuzzer::proto::CURLOPT_DNS_LOCAL_IP4, OptionValueKind::kString, true, "CURLOPT_DNS_LOCAL_IP4", CURLOPT_DNS_LOCAL_IP4}, + {curl::fuzzer::proto::CURLOPT_DNS_LOCAL_IP6, OptionValueKind::kString, true, "CURLOPT_DNS_LOCAL_IP6", CURLOPT_DNS_LOCAL_IP6}, + {curl::fuzzer::proto::CURLOPT_DNS_SERVERS, OptionValueKind::kString, true, "CURLOPT_DNS_SERVERS", CURLOPT_DNS_SERVERS}, + {curl::fuzzer::proto::CURLOPT_DNS_SHUFFLE_ADDRESSES, OptionValueKind::kUint32, true, "CURLOPT_DNS_SHUFFLE_ADDRESSES", CURLOPT_DNS_SHUFFLE_ADDRESSES}, + {curl::fuzzer::proto::CURLOPT_DOH_SSL_VERIFYHOST, OptionValueKind::kUint32, true, "CURLOPT_DOH_SSL_VERIFYHOST", CURLOPT_DOH_SSL_VERIFYHOST}, + {curl::fuzzer::proto::CURLOPT_DOH_SSL_VERIFYPEER, OptionValueKind::kUint32, true, "CURLOPT_DOH_SSL_VERIFYPEER", CURLOPT_DOH_SSL_VERIFYPEER}, + {curl::fuzzer::proto::CURLOPT_DOH_SSL_VERIFYSTATUS, OptionValueKind::kUint32, true, "CURLOPT_DOH_SSL_VERIFYSTATUS", CURLOPT_DOH_SSL_VERIFYSTATUS}, + {curl::fuzzer::proto::CURLOPT_DOH_URL, OptionValueKind::kString, true, "CURLOPT_DOH_URL", CURLOPT_DOH_URL}, + {curl::fuzzer::proto::CURLOPT_ECH, OptionValueKind::kString, true, "CURLOPT_ECH", CURLOPT_ECH}, + {curl::fuzzer::proto::CURLOPT_EXPECT_100_TIMEOUT_MS, OptionValueKind::kUint32, true, "CURLOPT_EXPECT_100_TIMEOUT_MS", CURLOPT_EXPECT_100_TIMEOUT_MS}, + {curl::fuzzer::proto::CURLOPT_FAILONERROR, OptionValueKind::kUint32, true, "CURLOPT_FAILONERROR", CURLOPT_FAILONERROR}, + {curl::fuzzer::proto::CURLOPT_FILETIME, OptionValueKind::kUint32, true, "CURLOPT_FILETIME", CURLOPT_FILETIME}, + {curl::fuzzer::proto::CURLOPT_FOLLOWLOCATION, OptionValueKind::kUint32, true, "CURLOPT_FOLLOWLOCATION", CURLOPT_FOLLOWLOCATION}, + {curl::fuzzer::proto::CURLOPT_FORBID_REUSE, OptionValueKind::kUint32, true, "CURLOPT_FORBID_REUSE", CURLOPT_FORBID_REUSE}, + {curl::fuzzer::proto::CURLOPT_FRESH_CONNECT, OptionValueKind::kUint32, true, "CURLOPT_FRESH_CONNECT", CURLOPT_FRESH_CONNECT}, + {curl::fuzzer::proto::CURLOPT_FTPPORT, OptionValueKind::kString, true, "CURLOPT_FTPPORT", CURLOPT_FTPPORT}, + {curl::fuzzer::proto::CURLOPT_FTPSSLAUTH, OptionValueKind::kUint32, true, "CURLOPT_FTPSSLAUTH", CURLOPT_FTPSSLAUTH}, + {curl::fuzzer::proto::CURLOPT_FTP_ACCOUNT, OptionValueKind::kString, true, "CURLOPT_FTP_ACCOUNT", CURLOPT_FTP_ACCOUNT}, + {curl::fuzzer::proto::CURLOPT_FTP_ALTERNATIVE_TO_USER, OptionValueKind::kString, true, "CURLOPT_FTP_ALTERNATIVE_TO_USER", CURLOPT_FTP_ALTERNATIVE_TO_USER}, + {curl::fuzzer::proto::CURLOPT_FTP_CREATE_MISSING_DIRS, OptionValueKind::kUint32, true, "CURLOPT_FTP_CREATE_MISSING_DIRS", CURLOPT_FTP_CREATE_MISSING_DIRS}, + {curl::fuzzer::proto::CURLOPT_FTP_FILEMETHOD, OptionValueKind::kUint32, true, "CURLOPT_FTP_FILEMETHOD", CURLOPT_FTP_FILEMETHOD}, + {curl::fuzzer::proto::CURLOPT_FTP_SKIP_PASV_IP, OptionValueKind::kUint32, true, "CURLOPT_FTP_SKIP_PASV_IP", CURLOPT_FTP_SKIP_PASV_IP}, + {curl::fuzzer::proto::CURLOPT_FTP_SSL_CCC, OptionValueKind::kUint32, true, "CURLOPT_FTP_SSL_CCC", CURLOPT_FTP_SSL_CCC}, + {curl::fuzzer::proto::CURLOPT_FTP_USE_EPRT, OptionValueKind::kUint32, true, "CURLOPT_FTP_USE_EPRT", CURLOPT_FTP_USE_EPRT}, + {curl::fuzzer::proto::CURLOPT_FTP_USE_EPSV, OptionValueKind::kUint32, true, "CURLOPT_FTP_USE_EPSV", CURLOPT_FTP_USE_EPSV}, + {curl::fuzzer::proto::CURLOPT_FTP_USE_PRET, OptionValueKind::kUint32, true, "CURLOPT_FTP_USE_PRET", CURLOPT_FTP_USE_PRET}, + {curl::fuzzer::proto::CURLOPT_GSSAPI_DELEGATION, OptionValueKind::kUint32, true, "CURLOPT_GSSAPI_DELEGATION", CURLOPT_GSSAPI_DELEGATION}, + {curl::fuzzer::proto::CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS, OptionValueKind::kUint32, true, "CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS", CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS}, + {curl::fuzzer::proto::CURLOPT_HAPROXYPROTOCOL, OptionValueKind::kUint32, true, "CURLOPT_HAPROXYPROTOCOL", CURLOPT_HAPROXYPROTOCOL}, + {curl::fuzzer::proto::CURLOPT_HAPROXY_CLIENT_IP, OptionValueKind::kString, true, "CURLOPT_HAPROXY_CLIENT_IP", CURLOPT_HAPROXY_CLIENT_IP}, + {curl::fuzzer::proto::CURLOPT_HEADER, OptionValueKind::kUint32, true, "CURLOPT_HEADER", CURLOPT_HEADER}, + {curl::fuzzer::proto::CURLOPT_HEADEROPT, OptionValueKind::kUint32, true, "CURLOPT_HEADEROPT", CURLOPT_HEADEROPT}, + {curl::fuzzer::proto::CURLOPT_HSTS_CTRL, OptionValueKind::kUint32, true, "CURLOPT_HSTS_CTRL", CURLOPT_HSTS_CTRL}, + {curl::fuzzer::proto::CURLOPT_HTTP09_ALLOWED, OptionValueKind::kUint32, true, "CURLOPT_HTTP09_ALLOWED", CURLOPT_HTTP09_ALLOWED}, + {curl::fuzzer::proto::CURLOPT_HTTPAUTH, OptionValueKind::kUint32, true, "CURLOPT_HTTPAUTH", CURLOPT_HTTPAUTH}, + {curl::fuzzer::proto::CURLOPT_HTTPGET, OptionValueKind::kUint32, true, "CURLOPT_HTTPGET", CURLOPT_HTTPGET}, + {curl::fuzzer::proto::CURLOPT_HTTPPOST, OptionValueKind::kHttpPost, true, "CURLOPT_HTTPPOST", CURLOPT_HTTPPOST}, + {curl::fuzzer::proto::CURLOPT_HTTPPROXYTUNNEL, OptionValueKind::kUint32, true, "CURLOPT_HTTPPROXYTUNNEL", CURLOPT_HTTPPROXYTUNNEL}, + {curl::fuzzer::proto::CURLOPT_HTTP_CONTENT_DECODING, OptionValueKind::kUint32, true, "CURLOPT_HTTP_CONTENT_DECODING", CURLOPT_HTTP_CONTENT_DECODING}, + {curl::fuzzer::proto::CURLOPT_HTTP_TRANSFER_DECODING, OptionValueKind::kUint32, true, "CURLOPT_HTTP_TRANSFER_DECODING", CURLOPT_HTTP_TRANSFER_DECODING}, + {curl::fuzzer::proto::CURLOPT_HTTP_VERSION, OptionValueKind::kUint32, true, "CURLOPT_HTTP_VERSION", CURLOPT_HTTP_VERSION}, + {curl::fuzzer::proto::CURLOPT_IGNORE_CONTENT_LENGTH, OptionValueKind::kUint32, true, "CURLOPT_IGNORE_CONTENT_LENGTH", CURLOPT_IGNORE_CONTENT_LENGTH}, + {curl::fuzzer::proto::CURLOPT_INFILESIZE_LARGE, OptionValueKind::kUint64, true, "CURLOPT_INFILESIZE_LARGE", CURLOPT_INFILESIZE_LARGE}, + {curl::fuzzer::proto::CURLOPT_INTERFACE, OptionValueKind::kString, true, "CURLOPT_INTERFACE", CURLOPT_INTERFACE}, + {curl::fuzzer::proto::CURLOPT_IPRESOLVE, OptionValueKind::kUint32, true, "CURLOPT_IPRESOLVE", CURLOPT_IPRESOLVE}, + {curl::fuzzer::proto::CURLOPT_ISSUERCERT, OptionValueKind::kString, true, "CURLOPT_ISSUERCERT", CURLOPT_ISSUERCERT}, + {curl::fuzzer::proto::CURLOPT_KEEP_SENDING_ON_ERROR, OptionValueKind::kUint32, true, "CURLOPT_KEEP_SENDING_ON_ERROR", CURLOPT_KEEP_SENDING_ON_ERROR}, + {curl::fuzzer::proto::CURLOPT_KEYPASSWD, OptionValueKind::kString, true, "CURLOPT_KEYPASSWD", CURLOPT_KEYPASSWD}, + {curl::fuzzer::proto::CURLOPT_KRBLEVEL, OptionValueKind::kString, true, "CURLOPT_KRBLEVEL", CURLOPT_KRBLEVEL}, + {curl::fuzzer::proto::CURLOPT_LOCALPORT, OptionValueKind::kUint32, true, "CURLOPT_LOCALPORT", CURLOPT_LOCALPORT}, + {curl::fuzzer::proto::CURLOPT_LOCALPORTRANGE, OptionValueKind::kUint32, true, "CURLOPT_LOCALPORTRANGE", CURLOPT_LOCALPORTRANGE}, + {curl::fuzzer::proto::CURLOPT_LOGIN_OPTIONS, OptionValueKind::kString, true, "CURLOPT_LOGIN_OPTIONS", CURLOPT_LOGIN_OPTIONS}, + {curl::fuzzer::proto::CURLOPT_LOW_SPEED_LIMIT, OptionValueKind::kUint32, true, "CURLOPT_LOW_SPEED_LIMIT", CURLOPT_LOW_SPEED_LIMIT}, + {curl::fuzzer::proto::CURLOPT_LOW_SPEED_TIME, OptionValueKind::kUint32, true, "CURLOPT_LOW_SPEED_TIME", CURLOPT_LOW_SPEED_TIME}, + {curl::fuzzer::proto::CURLOPT_MAIL_AUTH, OptionValueKind::kString, true, "CURLOPT_MAIL_AUTH", CURLOPT_MAIL_AUTH}, + {curl::fuzzer::proto::CURLOPT_MAIL_FROM, OptionValueKind::kString, true, "CURLOPT_MAIL_FROM", CURLOPT_MAIL_FROM}, + {curl::fuzzer::proto::CURLOPT_MAIL_RCPT_ALLOWFAILS, OptionValueKind::kUint32, true, "CURLOPT_MAIL_RCPT_ALLOWFAILS", CURLOPT_MAIL_RCPT_ALLOWFAILS}, + {curl::fuzzer::proto::CURLOPT_MAXAGE_CONN, OptionValueKind::kUint32, true, "CURLOPT_MAXAGE_CONN", CURLOPT_MAXAGE_CONN}, + {curl::fuzzer::proto::CURLOPT_MAXCONNECTS, OptionValueKind::kUint32, true, "CURLOPT_MAXCONNECTS", CURLOPT_MAXCONNECTS}, + {curl::fuzzer::proto::CURLOPT_MAXFILESIZE, OptionValueKind::kUint32, true, "CURLOPT_MAXFILESIZE", CURLOPT_MAXFILESIZE}, + {curl::fuzzer::proto::CURLOPT_MAXFILESIZE_LARGE, OptionValueKind::kUint64, true, "CURLOPT_MAXFILESIZE_LARGE", CURLOPT_MAXFILESIZE_LARGE}, + {curl::fuzzer::proto::CURLOPT_MAXLIFETIME_CONN, OptionValueKind::kUint32, true, "CURLOPT_MAXLIFETIME_CONN", CURLOPT_MAXLIFETIME_CONN}, + {curl::fuzzer::proto::CURLOPT_MAXREDIRS, OptionValueKind::kUint32, true, "CURLOPT_MAXREDIRS", CURLOPT_MAXREDIRS}, + {curl::fuzzer::proto::CURLOPT_MAX_RECV_SPEED_LARGE, OptionValueKind::kUint64, true, "CURLOPT_MAX_RECV_SPEED_LARGE", CURLOPT_MAX_RECV_SPEED_LARGE}, + {curl::fuzzer::proto::CURLOPT_MAX_SEND_SPEED_LARGE, OptionValueKind::kUint64, true, "CURLOPT_MAX_SEND_SPEED_LARGE", CURLOPT_MAX_SEND_SPEED_LARGE}, + {curl::fuzzer::proto::CURLOPT_MIMEPOST, OptionValueKind::kMime, true, "CURLOPT_MIMEPOST", CURLOPT_MIMEPOST}, + {curl::fuzzer::proto::CURLOPT_MIME_OPTIONS, OptionValueKind::kUint32, true, "CURLOPT_MIME_OPTIONS", CURLOPT_MIME_OPTIONS}, + {curl::fuzzer::proto::CURLOPT_NETRC, OptionValueKind::kUint32, true, "CURLOPT_NETRC", CURLOPT_NETRC}, + {curl::fuzzer::proto::CURLOPT_NEW_DIRECTORY_PERMS, OptionValueKind::kUint32, true, "CURLOPT_NEW_DIRECTORY_PERMS", CURLOPT_NEW_DIRECTORY_PERMS}, + {curl::fuzzer::proto::CURLOPT_NEW_FILE_PERMS, OptionValueKind::kUint32, true, "CURLOPT_NEW_FILE_PERMS", CURLOPT_NEW_FILE_PERMS}, + {curl::fuzzer::proto::CURLOPT_NOBODY, OptionValueKind::kUint32, true, "CURLOPT_NOBODY", CURLOPT_NOBODY}, + {curl::fuzzer::proto::CURLOPT_NOPROGRESS, OptionValueKind::kUint32, true, "CURLOPT_NOPROGRESS", CURLOPT_NOPROGRESS}, + {curl::fuzzer::proto::CURLOPT_NOPROXY, OptionValueKind::kString, true, "CURLOPT_NOPROXY", CURLOPT_NOPROXY}, + {curl::fuzzer::proto::CURLOPT_NOSIGNAL, OptionValueKind::kUint32, true, "CURLOPT_NOSIGNAL", CURLOPT_NOSIGNAL}, + {curl::fuzzer::proto::CURLOPT_PASSWORD, OptionValueKind::kString, true, "CURLOPT_PASSWORD", CURLOPT_PASSWORD}, + {curl::fuzzer::proto::CURLOPT_PATH_AS_IS, OptionValueKind::kUint32, true, "CURLOPT_PATH_AS_IS", CURLOPT_PATH_AS_IS}, + {curl::fuzzer::proto::CURLOPT_PINNEDPUBLICKEY, OptionValueKind::kString, true, "CURLOPT_PINNEDPUBLICKEY", CURLOPT_PINNEDPUBLICKEY}, + {curl::fuzzer::proto::CURLOPT_PIPEWAIT, OptionValueKind::kUint32, true, "CURLOPT_PIPEWAIT", CURLOPT_PIPEWAIT}, + {curl::fuzzer::proto::CURLOPT_PORT, OptionValueKind::kUint32, true, "CURLOPT_PORT", CURLOPT_PORT}, + {curl::fuzzer::proto::CURLOPT_POST, OptionValueKind::kUint32, true, "CURLOPT_POST", CURLOPT_POST}, + {curl::fuzzer::proto::CURLOPT_POSTFIELDS, OptionValueKind::kString, true, "CURLOPT_POSTFIELDS", CURLOPT_POSTFIELDS}, + {curl::fuzzer::proto::CURLOPT_POSTFIELDSIZE, OptionValueKind::kUint32, true, "CURLOPT_POSTFIELDSIZE", CURLOPT_POSTFIELDSIZE}, + {curl::fuzzer::proto::CURLOPT_POSTFIELDSIZE_LARGE, OptionValueKind::kUint64, true, "CURLOPT_POSTFIELDSIZE_LARGE", CURLOPT_POSTFIELDSIZE_LARGE}, + {curl::fuzzer::proto::CURLOPT_POSTREDIR, OptionValueKind::kUint32, true, "CURLOPT_POSTREDIR", CURLOPT_POSTREDIR}, + {curl::fuzzer::proto::CURLOPT_PRE_PROXY, OptionValueKind::kString, true, "CURLOPT_PRE_PROXY", CURLOPT_PRE_PROXY}, + {curl::fuzzer::proto::CURLOPT_PROXY, OptionValueKind::kString, true, "CURLOPT_PROXY", CURLOPT_PROXY}, + {curl::fuzzer::proto::CURLOPT_PROXYAUTH, OptionValueKind::kUint32, true, "CURLOPT_PROXYAUTH", CURLOPT_PROXYAUTH}, + {curl::fuzzer::proto::CURLOPT_PROXYPASSWORD, OptionValueKind::kString, true, "CURLOPT_PROXYPASSWORD", CURLOPT_PROXYPASSWORD}, + {curl::fuzzer::proto::CURLOPT_PROXYPORT, OptionValueKind::kUint32, true, "CURLOPT_PROXYPORT", CURLOPT_PROXYPORT}, + {curl::fuzzer::proto::CURLOPT_PROXYTYPE, OptionValueKind::kUint32, true, "CURLOPT_PROXYTYPE", CURLOPT_PROXYTYPE}, + {curl::fuzzer::proto::CURLOPT_PROXYUSERNAME, OptionValueKind::kString, true, "CURLOPT_PROXYUSERNAME", CURLOPT_PROXYUSERNAME}, + {curl::fuzzer::proto::CURLOPT_PROXYUSERPWD, OptionValueKind::kString, true, "CURLOPT_PROXYUSERPWD", CURLOPT_PROXYUSERPWD}, + {curl::fuzzer::proto::CURLOPT_PROXY_CAINFO, OptionValueKind::kString, true, "CURLOPT_PROXY_CAINFO", CURLOPT_PROXY_CAINFO}, + {curl::fuzzer::proto::CURLOPT_PROXY_CAPATH, OptionValueKind::kString, true, "CURLOPT_PROXY_CAPATH", CURLOPT_PROXY_CAPATH}, + {curl::fuzzer::proto::CURLOPT_PROXY_CRLFILE, OptionValueKind::kString, true, "CURLOPT_PROXY_CRLFILE", CURLOPT_PROXY_CRLFILE}, + {curl::fuzzer::proto::CURLOPT_PROXY_ISSUERCERT, OptionValueKind::kString, true, "CURLOPT_PROXY_ISSUERCERT", CURLOPT_PROXY_ISSUERCERT}, + {curl::fuzzer::proto::CURLOPT_PROXY_KEYPASSWD, OptionValueKind::kString, true, "CURLOPT_PROXY_KEYPASSWD", CURLOPT_PROXY_KEYPASSWD}, + {curl::fuzzer::proto::CURLOPT_PROXY_PINNEDPUBLICKEY, OptionValueKind::kString, true, "CURLOPT_PROXY_PINNEDPUBLICKEY", CURLOPT_PROXY_PINNEDPUBLICKEY}, + {curl::fuzzer::proto::CURLOPT_PROXY_SERVICE_NAME, OptionValueKind::kString, true, "CURLOPT_PROXY_SERVICE_NAME", CURLOPT_PROXY_SERVICE_NAME}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSLCERT, OptionValueKind::kString, true, "CURLOPT_PROXY_SSLCERT", CURLOPT_PROXY_SSLCERT}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSLCERTTYPE, OptionValueKind::kString, true, "CURLOPT_PROXY_SSLCERTTYPE", CURLOPT_PROXY_SSLCERTTYPE}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSLKEY, OptionValueKind::kString, true, "CURLOPT_PROXY_SSLKEY", CURLOPT_PROXY_SSLKEY}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSLKEYTYPE, OptionValueKind::kString, true, "CURLOPT_PROXY_SSLKEYTYPE", CURLOPT_PROXY_SSLKEYTYPE}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSLVERSION, OptionValueKind::kUint32, true, "CURLOPT_PROXY_SSLVERSION", CURLOPT_PROXY_SSLVERSION}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSL_CIPHER_LIST, OptionValueKind::kString, true, "CURLOPT_PROXY_SSL_CIPHER_LIST", CURLOPT_PROXY_SSL_CIPHER_LIST}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSL_OPTIONS, OptionValueKind::kUint32, true, "CURLOPT_PROXY_SSL_OPTIONS", CURLOPT_PROXY_SSL_OPTIONS}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSL_VERIFYHOST, OptionValueKind::kUint32, true, "CURLOPT_PROXY_SSL_VERIFYHOST", CURLOPT_PROXY_SSL_VERIFYHOST}, + {curl::fuzzer::proto::CURLOPT_PROXY_SSL_VERIFYPEER, OptionValueKind::kUint32, true, "CURLOPT_PROXY_SSL_VERIFYPEER", CURLOPT_PROXY_SSL_VERIFYPEER}, + {curl::fuzzer::proto::CURLOPT_PROXY_TLS13_CIPHERS, OptionValueKind::kString, true, "CURLOPT_PROXY_TLS13_CIPHERS", CURLOPT_PROXY_TLS13_CIPHERS}, + {curl::fuzzer::proto::CURLOPT_PROXY_TLSAUTH_PASSWORD, OptionValueKind::kString, true, "CURLOPT_PROXY_TLSAUTH_PASSWORD", CURLOPT_PROXY_TLSAUTH_PASSWORD}, + {curl::fuzzer::proto::CURLOPT_PROXY_TLSAUTH_TYPE, OptionValueKind::kString, true, "CURLOPT_PROXY_TLSAUTH_TYPE", CURLOPT_PROXY_TLSAUTH_TYPE}, + {curl::fuzzer::proto::CURLOPT_PROXY_TLSAUTH_USERNAME, OptionValueKind::kString, true, "CURLOPT_PROXY_TLSAUTH_USERNAME", CURLOPT_PROXY_TLSAUTH_USERNAME}, + {curl::fuzzer::proto::CURLOPT_PROXY_TRANSFER_MODE, OptionValueKind::kUint32, true, "CURLOPT_PROXY_TRANSFER_MODE", CURLOPT_PROXY_TRANSFER_MODE}, + {curl::fuzzer::proto::CURLOPT_QUICK_EXIT, OptionValueKind::kUint32, true, "CURLOPT_QUICK_EXIT", CURLOPT_QUICK_EXIT}, + {curl::fuzzer::proto::CURLOPT_RANGE, OptionValueKind::kString, true, "CURLOPT_RANGE", CURLOPT_RANGE}, + {curl::fuzzer::proto::CURLOPT_REDIR_PROTOCOLS_STR, OptionValueKind::kString, true, "CURLOPT_REDIR_PROTOCOLS_STR", CURLOPT_REDIR_PROTOCOLS_STR}, + {curl::fuzzer::proto::CURLOPT_REFERER, OptionValueKind::kString, true, "CURLOPT_REFERER", CURLOPT_REFERER}, + {curl::fuzzer::proto::CURLOPT_REQUEST_TARGET, OptionValueKind::kString, true, "CURLOPT_REQUEST_TARGET", CURLOPT_REQUEST_TARGET}, + {curl::fuzzer::proto::CURLOPT_RESUME_FROM, OptionValueKind::kUint32, true, "CURLOPT_RESUME_FROM", CURLOPT_RESUME_FROM}, + {curl::fuzzer::proto::CURLOPT_RESUME_FROM_LARGE, OptionValueKind::kUint64, true, "CURLOPT_RESUME_FROM_LARGE", CURLOPT_RESUME_FROM_LARGE}, + {curl::fuzzer::proto::CURLOPT_RTSP_CLIENT_CSEQ, OptionValueKind::kUint32, true, "CURLOPT_RTSP_CLIENT_CSEQ", CURLOPT_RTSP_CLIENT_CSEQ}, + {curl::fuzzer::proto::CURLOPT_RTSP_REQUEST, OptionValueKind::kUint32, true, "CURLOPT_RTSP_REQUEST", CURLOPT_RTSP_REQUEST}, + {curl::fuzzer::proto::CURLOPT_RTSP_SERVER_CSEQ, OptionValueKind::kUint32, true, "CURLOPT_RTSP_SERVER_CSEQ", CURLOPT_RTSP_SERVER_CSEQ}, + {curl::fuzzer::proto::CURLOPT_RTSP_SESSION_ID, OptionValueKind::kString, true, "CURLOPT_RTSP_SESSION_ID", CURLOPT_RTSP_SESSION_ID}, + {curl::fuzzer::proto::CURLOPT_RTSP_STREAM_URI, OptionValueKind::kString, true, "CURLOPT_RTSP_STREAM_URI", CURLOPT_RTSP_STREAM_URI}, + {curl::fuzzer::proto::CURLOPT_RTSP_TRANSPORT, OptionValueKind::kString, true, "CURLOPT_RTSP_TRANSPORT", CURLOPT_RTSP_TRANSPORT}, + {curl::fuzzer::proto::CURLOPT_SASL_AUTHZID, OptionValueKind::kString, true, "CURLOPT_SASL_AUTHZID", CURLOPT_SASL_AUTHZID}, + {curl::fuzzer::proto::CURLOPT_SASL_IR, OptionValueKind::kUint32, true, "CURLOPT_SASL_IR", CURLOPT_SASL_IR}, + {curl::fuzzer::proto::CURLOPT_SERVER_RESPONSE_TIMEOUT_MS, OptionValueKind::kUint32, true, "CURLOPT_SERVER_RESPONSE_TIMEOUT_MS", CURLOPT_SERVER_RESPONSE_TIMEOUT_MS}, + {curl::fuzzer::proto::CURLOPT_SERVICE_NAME, OptionValueKind::kString, true, "CURLOPT_SERVICE_NAME", CURLOPT_SERVICE_NAME}, + {curl::fuzzer::proto::CURLOPT_SOCKS5_AUTH, OptionValueKind::kUint32, true, "CURLOPT_SOCKS5_AUTH", CURLOPT_SOCKS5_AUTH}, + {curl::fuzzer::proto::CURLOPT_SOCKS5_GSSAPI_NEC, OptionValueKind::kUint32, true, "CURLOPT_SOCKS5_GSSAPI_NEC", CURLOPT_SOCKS5_GSSAPI_NEC}, + {curl::fuzzer::proto::CURLOPT_SSH_AUTH_TYPES, OptionValueKind::kUint32, true, "CURLOPT_SSH_AUTH_TYPES", CURLOPT_SSH_AUTH_TYPES}, + {curl::fuzzer::proto::CURLOPT_SSH_COMPRESSION, OptionValueKind::kUint32, true, "CURLOPT_SSH_COMPRESSION", CURLOPT_SSH_COMPRESSION}, + {curl::fuzzer::proto::CURLOPT_SSH_HOST_PUBLIC_KEY_MD5, OptionValueKind::kString, true, "CURLOPT_SSH_HOST_PUBLIC_KEY_MD5", CURLOPT_SSH_HOST_PUBLIC_KEY_MD5}, + {curl::fuzzer::proto::CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256, OptionValueKind::kString, true, "CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256", CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256}, + {curl::fuzzer::proto::CURLOPT_SSH_KNOWNHOSTS, OptionValueKind::kString, true, "CURLOPT_SSH_KNOWNHOSTS", CURLOPT_SSH_KNOWNHOSTS}, + {curl::fuzzer::proto::CURLOPT_SSH_PRIVATE_KEYFILE, OptionValueKind::kString, true, "CURLOPT_SSH_PRIVATE_KEYFILE", CURLOPT_SSH_PRIVATE_KEYFILE}, + {curl::fuzzer::proto::CURLOPT_SSH_PUBLIC_KEYFILE, OptionValueKind::kString, true, "CURLOPT_SSH_PUBLIC_KEYFILE", CURLOPT_SSH_PUBLIC_KEYFILE}, + {curl::fuzzer::proto::CURLOPT_SSLCERT, OptionValueKind::kString, true, "CURLOPT_SSLCERT", CURLOPT_SSLCERT}, + {curl::fuzzer::proto::CURLOPT_SSLCERTTYPE, OptionValueKind::kString, true, "CURLOPT_SSLCERTTYPE", CURLOPT_SSLCERTTYPE}, + {curl::fuzzer::proto::CURLOPT_SSLENGINE, OptionValueKind::kString, true, "CURLOPT_SSLENGINE", CURLOPT_SSLENGINE}, + {curl::fuzzer::proto::CURLOPT_SSLENGINE_DEFAULT, OptionValueKind::kUint32, true, "CURLOPT_SSLENGINE_DEFAULT", CURLOPT_SSLENGINE_DEFAULT}, + {curl::fuzzer::proto::CURLOPT_SSLKEY, OptionValueKind::kString, true, "CURLOPT_SSLKEY", CURLOPT_SSLKEY}, + {curl::fuzzer::proto::CURLOPT_SSLKEYTYPE, OptionValueKind::kString, true, "CURLOPT_SSLKEYTYPE", CURLOPT_SSLKEYTYPE}, + {curl::fuzzer::proto::CURLOPT_SSLVERSION, OptionValueKind::kUint32, true, "CURLOPT_SSLVERSION", CURLOPT_SSLVERSION}, + {curl::fuzzer::proto::CURLOPT_SSL_CIPHER_LIST, OptionValueKind::kString, true, "CURLOPT_SSL_CIPHER_LIST", CURLOPT_SSL_CIPHER_LIST}, + {curl::fuzzer::proto::CURLOPT_SSL_EC_CURVES, OptionValueKind::kString, true, "CURLOPT_SSL_EC_CURVES", CURLOPT_SSL_EC_CURVES}, + {curl::fuzzer::proto::CURLOPT_SSL_ENABLE_ALPN, OptionValueKind::kUint32, true, "CURLOPT_SSL_ENABLE_ALPN", CURLOPT_SSL_ENABLE_ALPN}, + {curl::fuzzer::proto::CURLOPT_SSL_FALSESTART, OptionValueKind::kUint32, true, "CURLOPT_SSL_FALSESTART", CURLOPT_SSL_FALSESTART}, + {curl::fuzzer::proto::CURLOPT_SSL_OPTIONS, OptionValueKind::kUint32, true, "CURLOPT_SSL_OPTIONS", CURLOPT_SSL_OPTIONS}, + {curl::fuzzer::proto::CURLOPT_SSL_SESSIONID_CACHE, OptionValueKind::kUint32, true, "CURLOPT_SSL_SESSIONID_CACHE", CURLOPT_SSL_SESSIONID_CACHE}, + {curl::fuzzer::proto::CURLOPT_SSL_VERIFYHOST, OptionValueKind::kUint32, true, "CURLOPT_SSL_VERIFYHOST", CURLOPT_SSL_VERIFYHOST}, + {curl::fuzzer::proto::CURLOPT_SSL_VERIFYPEER, OptionValueKind::kUint32, true, "CURLOPT_SSL_VERIFYPEER", CURLOPT_SSL_VERIFYPEER}, + {curl::fuzzer::proto::CURLOPT_SSL_VERIFYSTATUS, OptionValueKind::kUint32, true, "CURLOPT_SSL_VERIFYSTATUS", CURLOPT_SSL_VERIFYSTATUS}, + {curl::fuzzer::proto::CURLOPT_STREAM_WEIGHT, OptionValueKind::kUint32, true, "CURLOPT_STREAM_WEIGHT", CURLOPT_STREAM_WEIGHT}, + {curl::fuzzer::proto::CURLOPT_SUPPRESS_CONNECT_HEADERS, OptionValueKind::kUint32, true, "CURLOPT_SUPPRESS_CONNECT_HEADERS", CURLOPT_SUPPRESS_CONNECT_HEADERS}, + {curl::fuzzer::proto::CURLOPT_TCP_FASTOPEN, OptionValueKind::kUint32, true, "CURLOPT_TCP_FASTOPEN", CURLOPT_TCP_FASTOPEN}, + {curl::fuzzer::proto::CURLOPT_TCP_KEEPALIVE, OptionValueKind::kUint32, true, "CURLOPT_TCP_KEEPALIVE", CURLOPT_TCP_KEEPALIVE}, + {curl::fuzzer::proto::CURLOPT_TCP_KEEPCNT, OptionValueKind::kUint32, true, "CURLOPT_TCP_KEEPCNT", CURLOPT_TCP_KEEPCNT}, + {curl::fuzzer::proto::CURLOPT_TCP_KEEPIDLE, OptionValueKind::kUint32, true, "CURLOPT_TCP_KEEPIDLE", CURLOPT_TCP_KEEPIDLE}, + {curl::fuzzer::proto::CURLOPT_TCP_KEEPINTVL, OptionValueKind::kUint32, true, "CURLOPT_TCP_KEEPINTVL", CURLOPT_TCP_KEEPINTVL}, + {curl::fuzzer::proto::CURLOPT_TCP_NODELAY, OptionValueKind::kUint32, true, "CURLOPT_TCP_NODELAY", CURLOPT_TCP_NODELAY}, + {curl::fuzzer::proto::CURLOPT_TFTP_BLKSIZE, OptionValueKind::kUint32, true, "CURLOPT_TFTP_BLKSIZE", CURLOPT_TFTP_BLKSIZE}, + {curl::fuzzer::proto::CURLOPT_TFTP_NO_OPTIONS, OptionValueKind::kUint32, true, "CURLOPT_TFTP_NO_OPTIONS", CURLOPT_TFTP_NO_OPTIONS}, + {curl::fuzzer::proto::CURLOPT_TIMECONDITION, OptionValueKind::kUint32, true, "CURLOPT_TIMECONDITION", CURLOPT_TIMECONDITION}, + {curl::fuzzer::proto::CURLOPT_TIMEVALUE, OptionValueKind::kUint32, true, "CURLOPT_TIMEVALUE", CURLOPT_TIMEVALUE}, + {curl::fuzzer::proto::CURLOPT_TIMEVALUE_LARGE, OptionValueKind::kUint64, true, "CURLOPT_TIMEVALUE_LARGE", CURLOPT_TIMEVALUE_LARGE}, + {curl::fuzzer::proto::CURLOPT_TLS13_CIPHERS, OptionValueKind::kString, true, "CURLOPT_TLS13_CIPHERS", CURLOPT_TLS13_CIPHERS}, + {curl::fuzzer::proto::CURLOPT_TLSAUTH_PASSWORD, OptionValueKind::kString, true, "CURLOPT_TLSAUTH_PASSWORD", CURLOPT_TLSAUTH_PASSWORD}, + {curl::fuzzer::proto::CURLOPT_TLSAUTH_TYPE, OptionValueKind::kString, true, "CURLOPT_TLSAUTH_TYPE", CURLOPT_TLSAUTH_TYPE}, + {curl::fuzzer::proto::CURLOPT_TLSAUTH_USERNAME, OptionValueKind::kString, true, "CURLOPT_TLSAUTH_USERNAME", CURLOPT_TLSAUTH_USERNAME}, + {curl::fuzzer::proto::CURLOPT_TRANSFERTEXT, OptionValueKind::kUint32, true, "CURLOPT_TRANSFERTEXT", CURLOPT_TRANSFERTEXT}, + {curl::fuzzer::proto::CURLOPT_TRANSFER_ENCODING, OptionValueKind::kUint32, true, "CURLOPT_TRANSFER_ENCODING", CURLOPT_TRANSFER_ENCODING}, + {curl::fuzzer::proto::CURLOPT_UNIX_SOCKET_PATH, OptionValueKind::kString, true, "CURLOPT_UNIX_SOCKET_PATH", CURLOPT_UNIX_SOCKET_PATH}, + {curl::fuzzer::proto::CURLOPT_UNRESTRICTED_AUTH, OptionValueKind::kUint32, true, "CURLOPT_UNRESTRICTED_AUTH", CURLOPT_UNRESTRICTED_AUTH}, + {curl::fuzzer::proto::CURLOPT_UPKEEP_INTERVAL_MS, OptionValueKind::kUint32, true, "CURLOPT_UPKEEP_INTERVAL_MS", CURLOPT_UPKEEP_INTERVAL_MS}, + {curl::fuzzer::proto::CURLOPT_UPLOAD, OptionValueKind::kBool, true, "CURLOPT_UPLOAD", CURLOPT_UPLOAD}, + {curl::fuzzer::proto::CURLOPT_UPLOAD_BUFFERSIZE, OptionValueKind::kUint32, true, "CURLOPT_UPLOAD_BUFFERSIZE", CURLOPT_UPLOAD_BUFFERSIZE}, + {curl::fuzzer::proto::CURLOPT_URL, OptionValueKind::kString, true, "CURLOPT_URL", CURLOPT_URL}, + {curl::fuzzer::proto::CURLOPT_USERAGENT, OptionValueKind::kString, true, "CURLOPT_USERAGENT", CURLOPT_USERAGENT}, + {curl::fuzzer::proto::CURLOPT_USERNAME, OptionValueKind::kString, true, "CURLOPT_USERNAME", CURLOPT_USERNAME}, + {curl::fuzzer::proto::CURLOPT_USERPWD, OptionValueKind::kString, true, "CURLOPT_USERPWD", CURLOPT_USERPWD}, + {curl::fuzzer::proto::CURLOPT_USE_SSL, OptionValueKind::kUint32, true, "CURLOPT_USE_SSL", CURLOPT_USE_SSL}, + {curl::fuzzer::proto::CURLOPT_WILDCARDMATCH, OptionValueKind::kUint32, true, "CURLOPT_WILDCARDMATCH", CURLOPT_WILDCARDMATCH}, + {curl::fuzzer::proto::CURLOPT_WS_OPTIONS, OptionValueKind::kUint32, true, "CURLOPT_WS_OPTIONS", CURLOPT_WS_OPTIONS}, + {curl::fuzzer::proto::CURLOPT_XOAUTH2_BEARER, OptionValueKind::kString, true, "CURLOPT_XOAUTH2_BEARER", CURLOPT_XOAUTH2_BEARER}, +}; +static constexpr size_t kOptionManifestSize = sizeof(kOptionManifest) / sizeof(kOptionManifest[0]); diff --git a/schemas/curl_fuzzer.proto b/schemas/curl_fuzzer.proto index 4e91236a..5d25bea4 100644 --- a/schemas/curl_fuzzer.proto +++ b/schemas/curl_fuzzer.proto @@ -190,218 +190,218 @@ enum ShutdownPolicy { // intentionally mirror libcurl's `CURLOPT_*` constants for readability. enum CurlOptionId { CURL_OPTION_UNSPECIFIED = 0; - CURLOPT_ABSTRACT_UNIX_SOCKET = 1; - CURLOPT_ACCEPTTIMEOUT_MS = 2; - CURLOPT_ACCEPT_ENCODING = 3; - CURLOPT_ADDRESS_SCOPE = 4; - CURLOPT_ALTSVC_CTRL = 5; - CURLOPT_APPEND = 6; - CURLOPT_AUTOREFERER = 7; - CURLOPT_AWS_SIGV4 = 8; - CURLOPT_BUFFERSIZE = 9; - CURLOPT_CAINFO = 10; - CURLOPT_CAPATH = 11; - CURLOPT_CA_CACHE_TIMEOUT = 12; - CURLOPT_CERTINFO = 13; - CURLOPT_CONNECTTIMEOUT = 14; - CURLOPT_CONNECTTIMEOUT_MS = 15; - CURLOPT_CONNECT_ONLY = 16; - CURLOPT_COOKIE = 17; - CURLOPT_COOKIEFILE = 18; - CURLOPT_COOKIEJAR = 19; - CURLOPT_COOKIELIST = 20; - CURLOPT_COOKIESESSION = 21; - CURLOPT_CUSTOMREQUEST = 22; - CURLOPT_DEFAULT_PROTOCOL = 23; - CURLOPT_DIRLISTONLY = 24; - CURLOPT_DISALLOW_USERNAME_IN_URL = 25; - CURLOPT_DNS_CACHE_TIMEOUT = 26; - CURLOPT_DNS_INTERFACE = 27; - CURLOPT_DNS_LOCAL_IP4 = 28; - CURLOPT_DNS_LOCAL_IP6 = 29; - CURLOPT_DNS_SERVERS = 30; - CURLOPT_DNS_SHUFFLE_ADDRESSES = 31; - CURLOPT_DOH_SSL_VERIFYHOST = 32; - CURLOPT_DOH_SSL_VERIFYPEER = 33; - CURLOPT_DOH_SSL_VERIFYSTATUS = 34; - CURLOPT_DOH_URL = 35; - CURLOPT_ECH = 36; - CURLOPT_EXPECT_100_TIMEOUT_MS = 37; - CURLOPT_FAILONERROR = 38; - CURLOPT_FILETIME = 39; - CURLOPT_FOLLOWLOCATION = 40; - CURLOPT_FORBID_REUSE = 41; - CURLOPT_FRESH_CONNECT = 42; - CURLOPT_FTPPORT = 43; - CURLOPT_FTPSSLAUTH = 44; - CURLOPT_FTP_ACCOUNT = 45; - CURLOPT_FTP_ALTERNATIVE_TO_USER = 46; - CURLOPT_FTP_CREATE_MISSING_DIRS = 47; - CURLOPT_FTP_FILEMETHOD = 48; - CURLOPT_FTP_SKIP_PASV_IP = 49; - CURLOPT_FTP_SSL_CCC = 50; - CURLOPT_FTP_USE_EPRT = 51; - CURLOPT_FTP_USE_EPSV = 52; - CURLOPT_FTP_USE_PRET = 53; - CURLOPT_GSSAPI_DELEGATION = 54; - CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS = 55; - CURLOPT_HAPROXYPROTOCOL = 56; - CURLOPT_HAPROXY_CLIENT_IP = 57; - CURLOPT_HEADER = 58; - CURLOPT_HEADEROPT = 59; - CURLOPT_HSTS_CTRL = 60; - CURLOPT_HTTP09_ALLOWED = 61; - CURLOPT_HTTPAUTH = 62; - CURLOPT_HTTPGET = 63; - CURLOPT_HTTPPOST = 64; - CURLOPT_HTTPPROXYTUNNEL = 65; - CURLOPT_HTTP_CONTENT_DECODING = 66; - CURLOPT_HTTP_TRANSFER_DECODING = 67; - CURLOPT_HTTP_VERSION = 68; - CURLOPT_IGNORE_CONTENT_LENGTH = 69; - CURLOPT_INFILESIZE_LARGE = 70; - CURLOPT_INTERFACE = 71; - CURLOPT_IPRESOLVE = 72; - CURLOPT_ISSUERCERT = 73; - CURLOPT_KEEP_SENDING_ON_ERROR = 74; - CURLOPT_KEYPASSWD = 75; - CURLOPT_KRBLEVEL = 76; - CURLOPT_LOCALPORT = 77; - CURLOPT_LOCALPORTRANGE = 78; - CURLOPT_LOGIN_OPTIONS = 79; - CURLOPT_LOW_SPEED_LIMIT = 80; - CURLOPT_LOW_SPEED_TIME = 81; - CURLOPT_MAIL_AUTH = 82; - CURLOPT_MAIL_FROM = 83; - CURLOPT_MAIL_RCPT_ALLOWFAILS = 84; - CURLOPT_MAXAGE_CONN = 85; - CURLOPT_MAXCONNECTS = 86; - CURLOPT_MAXFILESIZE = 87; - CURLOPT_MAXFILESIZE_LARGE = 88; - CURLOPT_MAXLIFETIME_CONN = 89; - CURLOPT_MAXREDIRS = 90; - CURLOPT_MAX_RECV_SPEED_LARGE = 91; - CURLOPT_MAX_SEND_SPEED_LARGE = 92; - CURLOPT_MIMEPOST = 93; - CURLOPT_MIME_OPTIONS = 94; - CURLOPT_NETRC = 95; - CURLOPT_NEW_DIRECTORY_PERMS = 96; - CURLOPT_NEW_FILE_PERMS = 97; - CURLOPT_NOBODY = 98; - CURLOPT_NOPROGRESS = 99; - CURLOPT_NOPROXY = 100; - CURLOPT_NOSIGNAL = 101; - CURLOPT_PASSWORD = 102; - CURLOPT_PATH_AS_IS = 103; - CURLOPT_PINNEDPUBLICKEY = 104; - CURLOPT_PIPEWAIT = 105; - CURLOPT_PORT = 106; - CURLOPT_POST = 107; - CURLOPT_POSTFIELDS = 108; - CURLOPT_POSTFIELDSIZE = 109; - CURLOPT_POSTFIELDSIZE_LARGE = 110; - CURLOPT_POSTREDIR = 111; - CURLOPT_PRE_PROXY = 112; - CURLOPT_PROXY = 113; - CURLOPT_PROXYAUTH = 114; - CURLOPT_PROXYPASSWORD = 115; - CURLOPT_PROXYPORT = 116; - CURLOPT_PROXYTYPE = 117; - CURLOPT_PROXYUSERNAME = 118; - CURLOPT_PROXYUSERPWD = 119; - CURLOPT_PROXY_CAINFO = 120; - CURLOPT_PROXY_CAPATH = 121; - CURLOPT_PROXY_CRLFILE = 122; - CURLOPT_PROXY_ISSUERCERT = 123; - CURLOPT_PROXY_KEYPASSWD = 124; - CURLOPT_PROXY_PINNEDPUBLICKEY = 125; - CURLOPT_PROXY_SERVICE_NAME = 126; - CURLOPT_PROXY_SSLCERT = 127; - CURLOPT_PROXY_SSLCERTTYPE = 128; - CURLOPT_PROXY_SSLKEY = 129; - CURLOPT_PROXY_SSLKEYTYPE = 130; - CURLOPT_PROXY_SSLVERSION = 131; - CURLOPT_PROXY_SSL_CIPHER_LIST = 132; - CURLOPT_PROXY_SSL_OPTIONS = 133; - CURLOPT_PROXY_SSL_VERIFYHOST = 134; - CURLOPT_PROXY_SSL_VERIFYPEER = 135; - CURLOPT_PROXY_TLS13_CIPHERS = 136; - CURLOPT_PROXY_TLSAUTH_PASSWORD = 137; - CURLOPT_PROXY_TLSAUTH_TYPE = 138; - CURLOPT_PROXY_TLSAUTH_USERNAME = 139; - CURLOPT_PROXY_TRANSFER_MODE = 140; - CURLOPT_QUICK_EXIT = 141; - CURLOPT_RANGE = 142; - CURLOPT_REDIR_PROTOCOLS_STR = 143; - CURLOPT_REFERER = 144; - CURLOPT_REQUEST_TARGET = 145; - CURLOPT_RESUME_FROM = 146; - CURLOPT_RESUME_FROM_LARGE = 147; - CURLOPT_RTSP_CLIENT_CSEQ = 148; - CURLOPT_RTSP_REQUEST = 149; - CURLOPT_RTSP_SERVER_CSEQ = 150; - CURLOPT_RTSP_SESSION_ID = 151; - CURLOPT_RTSP_STREAM_URI = 152; - CURLOPT_RTSP_TRANSPORT = 153; - CURLOPT_SASL_AUTHZID = 154; - CURLOPT_SASL_IR = 155; - CURLOPT_SERVER_RESPONSE_TIMEOUT_MS = 156; - CURLOPT_SERVICE_NAME = 157; - CURLOPT_SOCKS5_AUTH = 158; - CURLOPT_SOCKS5_GSSAPI_NEC = 159; - CURLOPT_SSH_AUTH_TYPES = 160; - CURLOPT_SSH_COMPRESSION = 161; - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 = 162; - CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 = 163; - CURLOPT_SSH_KNOWNHOSTS = 164; - CURLOPT_SSH_PRIVATE_KEYFILE = 165; - CURLOPT_SSH_PUBLIC_KEYFILE = 166; - CURLOPT_SSLCERT = 167; - CURLOPT_SSLCERTTYPE = 168; - CURLOPT_SSLENGINE = 169; - CURLOPT_SSLENGINE_DEFAULT = 170; - CURLOPT_SSLKEY = 171; - CURLOPT_SSLKEYTYPE = 172; - CURLOPT_SSLVERSION = 173; - CURLOPT_SSL_CIPHER_LIST = 174; - CURLOPT_SSL_EC_CURVES = 175; - CURLOPT_SSL_ENABLE_ALPN = 176; - CURLOPT_SSL_FALSESTART = 177; - CURLOPT_SSL_OPTIONS = 178; - CURLOPT_SSL_SESSIONID_CACHE = 179; - CURLOPT_SSL_VERIFYHOST = 180; - CURLOPT_SSL_VERIFYPEER = 181; - CURLOPT_SSL_VERIFYSTATUS = 182; - CURLOPT_STREAM_WEIGHT = 183; - CURLOPT_SUPPRESS_CONNECT_HEADERS = 184; - CURLOPT_TCP_FASTOPEN = 185; - CURLOPT_TCP_KEEPALIVE = 186; - CURLOPT_TCP_KEEPCNT = 187; - CURLOPT_TCP_KEEPIDLE = 188; - CURLOPT_TCP_KEEPINTVL = 189; - CURLOPT_TCP_NODELAY = 190; - CURLOPT_TFTP_BLKSIZE = 191; - CURLOPT_TFTP_NO_OPTIONS = 192; - CURLOPT_TIMECONDITION = 193; - CURLOPT_TIMEVALUE = 194; - CURLOPT_TIMEVALUE_LARGE = 195; - CURLOPT_TLS13_CIPHERS = 196; - CURLOPT_TLSAUTH_PASSWORD = 197; - CURLOPT_TLSAUTH_TYPE = 198; - CURLOPT_TLSAUTH_USERNAME = 199; - CURLOPT_TRANSFERTEXT = 200; - CURLOPT_TRANSFER_ENCODING = 201; - CURLOPT_UNIX_SOCKET_PATH = 202; - CURLOPT_UNRESTRICTED_AUTH = 203; - CURLOPT_UPKEEP_INTERVAL_MS = 204; - CURLOPT_UPLOAD = 205; - CURLOPT_UPLOAD_BUFFERSIZE = 206; - CURLOPT_URL = 207; - CURLOPT_USERAGENT = 208; - CURLOPT_USERNAME = 209; - CURLOPT_USERPWD = 210; - CURLOPT_USE_SSL = 211; - CURLOPT_WILDCARDMATCH = 212; - CURLOPT_WS_OPTIONS = 213; - CURLOPT_XOAUTH2_BEARER = 214; + CURLOPT_ABSTRACT_UNIX_SOCKET = 10264; + CURLOPT_ACCEPTTIMEOUT_MS = 212; + CURLOPT_ACCEPT_ENCODING = 10102; + CURLOPT_ADDRESS_SCOPE = 171; + CURLOPT_ALTSVC_CTRL = 286; + CURLOPT_APPEND = 50; + CURLOPT_AUTOREFERER = 58; + CURLOPT_AWS_SIGV4 = 10305; + CURLOPT_BUFFERSIZE = 98; + CURLOPT_CAINFO = 10065; + CURLOPT_CAPATH = 10097; + CURLOPT_CA_CACHE_TIMEOUT = 321; + CURLOPT_CERTINFO = 172; + CURLOPT_CONNECTTIMEOUT = 78; + CURLOPT_CONNECTTIMEOUT_MS = 156; + CURLOPT_CONNECT_ONLY = 141; + CURLOPT_COOKIE = 10022; + CURLOPT_COOKIEFILE = 10031; + CURLOPT_COOKIEJAR = 10082; + CURLOPT_COOKIELIST = 10135; + CURLOPT_COOKIESESSION = 96; + CURLOPT_CUSTOMREQUEST = 10036; + CURLOPT_DEFAULT_PROTOCOL = 10238; + CURLOPT_DIRLISTONLY = 48; + CURLOPT_DISALLOW_USERNAME_IN_URL = 278; + CURLOPT_DNS_CACHE_TIMEOUT = 92; + CURLOPT_DNS_INTERFACE = 10221; + CURLOPT_DNS_LOCAL_IP4 = 10222; + CURLOPT_DNS_LOCAL_IP6 = 10223; + CURLOPT_DNS_SERVERS = 10211; + CURLOPT_DNS_SHUFFLE_ADDRESSES = 275; + CURLOPT_DOH_SSL_VERIFYHOST = 307; + CURLOPT_DOH_SSL_VERIFYPEER = 306; + CURLOPT_DOH_SSL_VERIFYSTATUS = 308; + CURLOPT_DOH_URL = 10279; + CURLOPT_ECH = 10325; + CURLOPT_EXPECT_100_TIMEOUT_MS = 227; + CURLOPT_FAILONERROR = 45; + CURLOPT_FILETIME = 69; + CURLOPT_FOLLOWLOCATION = 52; + CURLOPT_FORBID_REUSE = 75; + CURLOPT_FRESH_CONNECT = 74; + CURLOPT_FTPPORT = 10017; + CURLOPT_FTPSSLAUTH = 129; + CURLOPT_FTP_ACCOUNT = 10134; + CURLOPT_FTP_ALTERNATIVE_TO_USER = 10147; + CURLOPT_FTP_CREATE_MISSING_DIRS = 110; + CURLOPT_FTP_FILEMETHOD = 138; + CURLOPT_FTP_SKIP_PASV_IP = 137; + CURLOPT_FTP_SSL_CCC = 154; + CURLOPT_FTP_USE_EPRT = 106; + CURLOPT_FTP_USE_EPSV = 85; + CURLOPT_FTP_USE_PRET = 188; + CURLOPT_GSSAPI_DELEGATION = 210; + CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS = 271; + CURLOPT_HAPROXYPROTOCOL = 274; + CURLOPT_HAPROXY_CLIENT_IP = 10323; + CURLOPT_HEADER = 42; + CURLOPT_HEADEROPT = 229; + CURLOPT_HSTS_CTRL = 299; + CURLOPT_HTTP09_ALLOWED = 285; + CURLOPT_HTTPAUTH = 107; + CURLOPT_HTTPGET = 80; + CURLOPT_HTTPPOST = 10024; + CURLOPT_HTTPPROXYTUNNEL = 61; + CURLOPT_HTTP_CONTENT_DECODING = 158; + CURLOPT_HTTP_TRANSFER_DECODING = 157; + CURLOPT_HTTP_VERSION = 84; + CURLOPT_IGNORE_CONTENT_LENGTH = 136; + CURLOPT_INFILESIZE_LARGE = 30115; + CURLOPT_INTERFACE = 10062; + CURLOPT_IPRESOLVE = 113; + CURLOPT_ISSUERCERT = 10170; + CURLOPT_KEEP_SENDING_ON_ERROR = 245; + CURLOPT_KEYPASSWD = 10026; + CURLOPT_KRBLEVEL = 10063; + CURLOPT_LOCALPORT = 139; + CURLOPT_LOCALPORTRANGE = 140; + CURLOPT_LOGIN_OPTIONS = 10224; + CURLOPT_LOW_SPEED_LIMIT = 19; + CURLOPT_LOW_SPEED_TIME = 20; + CURLOPT_MAIL_AUTH = 10217; + CURLOPT_MAIL_FROM = 10186; + CURLOPT_MAIL_RCPT_ALLOWFAILS = 290; + CURLOPT_MAXAGE_CONN = 288; + CURLOPT_MAXCONNECTS = 71; + CURLOPT_MAXFILESIZE = 114; + CURLOPT_MAXFILESIZE_LARGE = 30117; + CURLOPT_MAXLIFETIME_CONN = 314; + CURLOPT_MAXREDIRS = 68; + CURLOPT_MAX_RECV_SPEED_LARGE = 30146; + CURLOPT_MAX_SEND_SPEED_LARGE = 30145; + CURLOPT_MIMEPOST = 10269; + CURLOPT_MIME_OPTIONS = 315; + CURLOPT_NETRC = 51; + CURLOPT_NEW_DIRECTORY_PERMS = 160; + CURLOPT_NEW_FILE_PERMS = 159; + CURLOPT_NOBODY = 44; + CURLOPT_NOPROGRESS = 43; + CURLOPT_NOPROXY = 10177; + CURLOPT_NOSIGNAL = 99; + CURLOPT_PASSWORD = 10174; + CURLOPT_PATH_AS_IS = 234; + CURLOPT_PINNEDPUBLICKEY = 10230; + CURLOPT_PIPEWAIT = 237; + CURLOPT_PORT = 3; + CURLOPT_POST = 47; + CURLOPT_POSTFIELDS = 10015; + CURLOPT_POSTFIELDSIZE = 60; + CURLOPT_POSTFIELDSIZE_LARGE = 30120; + CURLOPT_POSTREDIR = 161; + CURLOPT_PRE_PROXY = 10262; + CURLOPT_PROXY = 10004; + CURLOPT_PROXYAUTH = 111; + CURLOPT_PROXYPASSWORD = 10176; + CURLOPT_PROXYPORT = 59; + CURLOPT_PROXYTYPE = 101; + CURLOPT_PROXYUSERNAME = 10175; + CURLOPT_PROXYUSERPWD = 10006; + CURLOPT_PROXY_CAINFO = 10246; + CURLOPT_PROXY_CAPATH = 10247; + CURLOPT_PROXY_CRLFILE = 10260; + CURLOPT_PROXY_ISSUERCERT = 10296; + CURLOPT_PROXY_KEYPASSWD = 10258; + CURLOPT_PROXY_PINNEDPUBLICKEY = 10263; + CURLOPT_PROXY_SERVICE_NAME = 10235; + CURLOPT_PROXY_SSLCERT = 10254; + CURLOPT_PROXY_SSLCERTTYPE = 10255; + CURLOPT_PROXY_SSLKEY = 10256; + CURLOPT_PROXY_SSLKEYTYPE = 10257; + CURLOPT_PROXY_SSLVERSION = 250; + CURLOPT_PROXY_SSL_CIPHER_LIST = 10259; + CURLOPT_PROXY_SSL_OPTIONS = 261; + CURLOPT_PROXY_SSL_VERIFYHOST = 249; + CURLOPT_PROXY_SSL_VERIFYPEER = 248; + CURLOPT_PROXY_TLS13_CIPHERS = 10277; + CURLOPT_PROXY_TLSAUTH_PASSWORD = 10252; + CURLOPT_PROXY_TLSAUTH_TYPE = 10253; + CURLOPT_PROXY_TLSAUTH_USERNAME = 10251; + CURLOPT_PROXY_TRANSFER_MODE = 166; + CURLOPT_QUICK_EXIT = 322; + CURLOPT_RANGE = 10007; + CURLOPT_REDIR_PROTOCOLS_STR = 10319; + CURLOPT_REFERER = 10016; + CURLOPT_REQUEST_TARGET = 10266; + CURLOPT_RESUME_FROM = 21; + CURLOPT_RESUME_FROM_LARGE = 30116; + CURLOPT_RTSP_CLIENT_CSEQ = 193; + CURLOPT_RTSP_REQUEST = 189; + CURLOPT_RTSP_SERVER_CSEQ = 194; + CURLOPT_RTSP_SESSION_ID = 10190; + CURLOPT_RTSP_STREAM_URI = 10191; + CURLOPT_RTSP_TRANSPORT = 10192; + CURLOPT_SASL_AUTHZID = 10289; + CURLOPT_SASL_IR = 218; + CURLOPT_SERVER_RESPONSE_TIMEOUT_MS = 324; + CURLOPT_SERVICE_NAME = 10236; + CURLOPT_SOCKS5_AUTH = 267; + CURLOPT_SOCKS5_GSSAPI_NEC = 180; + CURLOPT_SSH_AUTH_TYPES = 151; + CURLOPT_SSH_COMPRESSION = 268; + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 = 10162; + CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 = 10311; + CURLOPT_SSH_KNOWNHOSTS = 10183; + CURLOPT_SSH_PRIVATE_KEYFILE = 10153; + CURLOPT_SSH_PUBLIC_KEYFILE = 10152; + CURLOPT_SSLCERT = 10025; + CURLOPT_SSLCERTTYPE = 10086; + CURLOPT_SSLENGINE = 10089; + CURLOPT_SSLENGINE_DEFAULT = 90; + CURLOPT_SSLKEY = 10087; + CURLOPT_SSLKEYTYPE = 10088; + CURLOPT_SSLVERSION = 32; + CURLOPT_SSL_CIPHER_LIST = 10083; + CURLOPT_SSL_EC_CURVES = 10298; + CURLOPT_SSL_ENABLE_ALPN = 226; + CURLOPT_SSL_FALSESTART = 233; + CURLOPT_SSL_OPTIONS = 216; + CURLOPT_SSL_SESSIONID_CACHE = 150; + CURLOPT_SSL_VERIFYHOST = 81; + CURLOPT_SSL_VERIFYPEER = 64; + CURLOPT_SSL_VERIFYSTATUS = 232; + CURLOPT_STREAM_WEIGHT = 239; + CURLOPT_SUPPRESS_CONNECT_HEADERS = 265; + CURLOPT_TCP_FASTOPEN = 244; + CURLOPT_TCP_KEEPALIVE = 213; + CURLOPT_TCP_KEEPCNT = 326; + CURLOPT_TCP_KEEPIDLE = 214; + CURLOPT_TCP_KEEPINTVL = 215; + CURLOPT_TCP_NODELAY = 121; + CURLOPT_TFTP_BLKSIZE = 178; + CURLOPT_TFTP_NO_OPTIONS = 242; + CURLOPT_TIMECONDITION = 33; + CURLOPT_TIMEVALUE = 34; + CURLOPT_TIMEVALUE_LARGE = 30270; + CURLOPT_TLS13_CIPHERS = 10276; + CURLOPT_TLSAUTH_PASSWORD = 10205; + CURLOPT_TLSAUTH_TYPE = 10206; + CURLOPT_TLSAUTH_USERNAME = 10204; + CURLOPT_TRANSFERTEXT = 53; + CURLOPT_TRANSFER_ENCODING = 207; + CURLOPT_UNIX_SOCKET_PATH = 10231; + CURLOPT_UNRESTRICTED_AUTH = 105; + CURLOPT_UPKEEP_INTERVAL_MS = 281; + CURLOPT_UPLOAD = 46; + CURLOPT_UPLOAD_BUFFERSIZE = 280; + CURLOPT_URL = 10002; + CURLOPT_USERAGENT = 10018; + CURLOPT_USERNAME = 10173; + CURLOPT_USERPWD = 10005; + CURLOPT_USE_SSL = 119; + CURLOPT_WILDCARDMATCH = 197; + CURLOPT_WS_OPTIONS = 320; + CURLOPT_XOAUTH2_BEARER = 10220; } diff --git a/schemas/curl_fuzzer_supported_curlopts.txt b/schemas/curl_fuzzer_supported_curlopts.txt new file mode 100644 index 00000000..a6a67a96 --- /dev/null +++ b/schemas/curl_fuzzer_supported_curlopts.txt @@ -0,0 +1,214 @@ +CURLOPT_ABSTRACT_UNIX_SOCKET +CURLOPT_ACCEPTTIMEOUT_MS +CURLOPT_ACCEPT_ENCODING +CURLOPT_ADDRESS_SCOPE +CURLOPT_ALTSVC_CTRL +CURLOPT_APPEND +CURLOPT_AUTOREFERER +CURLOPT_AWS_SIGV4 +CURLOPT_BUFFERSIZE +CURLOPT_CAINFO +CURLOPT_CAPATH +CURLOPT_CA_CACHE_TIMEOUT +CURLOPT_CERTINFO +CURLOPT_CONNECTTIMEOUT +CURLOPT_CONNECTTIMEOUT_MS +CURLOPT_CONNECT_ONLY +CURLOPT_COOKIE +CURLOPT_COOKIEFILE +CURLOPT_COOKIEJAR +CURLOPT_COOKIELIST +CURLOPT_COOKIESESSION +CURLOPT_CUSTOMREQUEST +CURLOPT_DEFAULT_PROTOCOL +CURLOPT_DIRLISTONLY +CURLOPT_DISALLOW_USERNAME_IN_URL +CURLOPT_DNS_CACHE_TIMEOUT +CURLOPT_DNS_INTERFACE +CURLOPT_DNS_LOCAL_IP4 +CURLOPT_DNS_LOCAL_IP6 +CURLOPT_DNS_SERVERS +CURLOPT_DNS_SHUFFLE_ADDRESSES +CURLOPT_DOH_SSL_VERIFYHOST +CURLOPT_DOH_SSL_VERIFYPEER +CURLOPT_DOH_SSL_VERIFYSTATUS +CURLOPT_DOH_URL +CURLOPT_ECH +CURLOPT_EXPECT_100_TIMEOUT_MS +CURLOPT_FAILONERROR +CURLOPT_FILETIME +CURLOPT_FOLLOWLOCATION +CURLOPT_FORBID_REUSE +CURLOPT_FRESH_CONNECT +CURLOPT_FTPPORT +CURLOPT_FTPSSLAUTH +CURLOPT_FTP_ACCOUNT +CURLOPT_FTP_ALTERNATIVE_TO_USER +CURLOPT_FTP_CREATE_MISSING_DIRS +CURLOPT_FTP_FILEMETHOD +CURLOPT_FTP_SKIP_PASV_IP +CURLOPT_FTP_SSL_CCC +CURLOPT_FTP_USE_EPRT +CURLOPT_FTP_USE_EPSV +CURLOPT_FTP_USE_PRET +CURLOPT_GSSAPI_DELEGATION +CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS +CURLOPT_HAPROXYPROTOCOL +CURLOPT_HAPROXY_CLIENT_IP +CURLOPT_HEADER +CURLOPT_HEADEROPT +CURLOPT_HSTS_CTRL +CURLOPT_HTTP09_ALLOWED +CURLOPT_HTTPAUTH +CURLOPT_HTTPGET +CURLOPT_HTTPPOST +CURLOPT_HTTPPROXYTUNNEL +CURLOPT_HTTP_CONTENT_DECODING +CURLOPT_HTTP_TRANSFER_DECODING +CURLOPT_HTTP_VERSION +CURLOPT_IGNORE_CONTENT_LENGTH +CURLOPT_INFILESIZE_LARGE +CURLOPT_INTERFACE +CURLOPT_IPRESOLVE +CURLOPT_ISSUERCERT +CURLOPT_KEEP_SENDING_ON_ERROR +CURLOPT_KEYPASSWD +CURLOPT_KRBLEVEL +CURLOPT_LOCALPORT +CURLOPT_LOCALPORTRANGE +CURLOPT_LOGIN_OPTIONS +CURLOPT_LOW_SPEED_LIMIT +CURLOPT_LOW_SPEED_TIME +CURLOPT_MAIL_AUTH +CURLOPT_MAIL_FROM +CURLOPT_MAIL_RCPT_ALLOWFAILS +CURLOPT_MAXAGE_CONN +CURLOPT_MAXCONNECTS +CURLOPT_MAXFILESIZE +CURLOPT_MAXFILESIZE_LARGE +CURLOPT_MAXLIFETIME_CONN +CURLOPT_MAXREDIRS +CURLOPT_MAX_RECV_SPEED_LARGE +CURLOPT_MAX_SEND_SPEED_LARGE +CURLOPT_MIMEPOST +CURLOPT_MIME_OPTIONS +CURLOPT_NETRC +CURLOPT_NEW_DIRECTORY_PERMS +CURLOPT_NEW_FILE_PERMS +CURLOPT_NOBODY +CURLOPT_NOPROGRESS +CURLOPT_NOPROXY +CURLOPT_NOSIGNAL +CURLOPT_PASSWORD +CURLOPT_PATH_AS_IS +CURLOPT_PINNEDPUBLICKEY +CURLOPT_PIPEWAIT +CURLOPT_PORT +CURLOPT_POST +CURLOPT_POSTFIELDS +CURLOPT_POSTFIELDSIZE +CURLOPT_POSTFIELDSIZE_LARGE +CURLOPT_POSTREDIR +CURLOPT_PRE_PROXY +CURLOPT_PROXY +CURLOPT_PROXYAUTH +CURLOPT_PROXYPASSWORD +CURLOPT_PROXYPORT +CURLOPT_PROXYTYPE +CURLOPT_PROXYUSERNAME +CURLOPT_PROXYUSERPWD +CURLOPT_PROXY_CAINFO +CURLOPT_PROXY_CAPATH +CURLOPT_PROXY_CRLFILE +CURLOPT_PROXY_ISSUERCERT +CURLOPT_PROXY_KEYPASSWD +CURLOPT_PROXY_PINNEDPUBLICKEY +CURLOPT_PROXY_SERVICE_NAME +CURLOPT_PROXY_SSLCERT +CURLOPT_PROXY_SSLCERTTYPE +CURLOPT_PROXY_SSLKEY +CURLOPT_PROXY_SSLKEYTYPE +CURLOPT_PROXY_SSLVERSION +CURLOPT_PROXY_SSL_CIPHER_LIST +CURLOPT_PROXY_SSL_OPTIONS +CURLOPT_PROXY_SSL_VERIFYHOST +CURLOPT_PROXY_SSL_VERIFYPEER +CURLOPT_PROXY_TLS13_CIPHERS +CURLOPT_PROXY_TLSAUTH_PASSWORD +CURLOPT_PROXY_TLSAUTH_TYPE +CURLOPT_PROXY_TLSAUTH_USERNAME +CURLOPT_PROXY_TRANSFER_MODE +CURLOPT_QUICK_EXIT +CURLOPT_RANGE +CURLOPT_REDIR_PROTOCOLS_STR +CURLOPT_REFERER +CURLOPT_REQUEST_TARGET +CURLOPT_RESUME_FROM +CURLOPT_RESUME_FROM_LARGE +CURLOPT_RTSP_CLIENT_CSEQ +CURLOPT_RTSP_REQUEST +CURLOPT_RTSP_SERVER_CSEQ +CURLOPT_RTSP_SESSION_ID +CURLOPT_RTSP_STREAM_URI +CURLOPT_RTSP_TRANSPORT +CURLOPT_SASL_AUTHZID +CURLOPT_SASL_IR +CURLOPT_SERVER_RESPONSE_TIMEOUT_MS +CURLOPT_SERVICE_NAME +CURLOPT_SOCKS5_AUTH +CURLOPT_SOCKS5_GSSAPI_NEC +CURLOPT_SSH_AUTH_TYPES +CURLOPT_SSH_COMPRESSION +CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 +CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 +CURLOPT_SSH_KNOWNHOSTS +CURLOPT_SSH_PRIVATE_KEYFILE +CURLOPT_SSH_PUBLIC_KEYFILE +CURLOPT_SSLCERT +CURLOPT_SSLCERTTYPE +CURLOPT_SSLENGINE +CURLOPT_SSLENGINE_DEFAULT +CURLOPT_SSLKEY +CURLOPT_SSLKEYTYPE +CURLOPT_SSLVERSION +CURLOPT_SSL_CIPHER_LIST +CURLOPT_SSL_EC_CURVES +CURLOPT_SSL_ENABLE_ALPN +CURLOPT_SSL_FALSESTART +CURLOPT_SSL_OPTIONS +CURLOPT_SSL_SESSIONID_CACHE +CURLOPT_SSL_VERIFYHOST +CURLOPT_SSL_VERIFYPEER +CURLOPT_SSL_VERIFYSTATUS +CURLOPT_STREAM_WEIGHT +CURLOPT_SUPPRESS_CONNECT_HEADERS +CURLOPT_TCP_FASTOPEN +CURLOPT_TCP_KEEPALIVE +CURLOPT_TCP_KEEPCNT +CURLOPT_TCP_KEEPIDLE +CURLOPT_TCP_KEEPINTVL +CURLOPT_TCP_NODELAY +CURLOPT_TFTP_BLKSIZE +CURLOPT_TFTP_NO_OPTIONS +CURLOPT_TIMECONDITION +CURLOPT_TIMEVALUE +CURLOPT_TIMEVALUE_LARGE +CURLOPT_TLS13_CIPHERS +CURLOPT_TLSAUTH_PASSWORD +CURLOPT_TLSAUTH_TYPE +CURLOPT_TLSAUTH_USERNAME +CURLOPT_TRANSFERTEXT +CURLOPT_TRANSFER_ENCODING +CURLOPT_UNIX_SOCKET_PATH +CURLOPT_UNRESTRICTED_AUTH +CURLOPT_UPKEEP_INTERVAL_MS +CURLOPT_UPLOAD +CURLOPT_UPLOAD_BUFFERSIZE +CURLOPT_URL +CURLOPT_USERAGENT +CURLOPT_USERNAME +CURLOPT_USERPWD +CURLOPT_USE_SSL +CURLOPT_WILDCARDMATCH +CURLOPT_WS_OPTIONS +CURLOPT_XOAUTH2_BEARER diff --git a/src/curl_fuzzer_tools/generate_option_manifest.py b/src/curl_fuzzer_tools/generate_option_manifest.py new file mode 100644 index 00000000..b6282d70 --- /dev/null +++ b/src/curl_fuzzer_tools/generate_option_manifest.py @@ -0,0 +1,193 @@ +#!/usr/bin/env python3 +"""Regenerate option manifest artefacts from the supported CURLOPT list. + +This script reads a plain-text list of supported CURLOPT identifiers, looks up +metadata in curl.h to determine each option's numeric value and value kind, and +then emits two artefacts: + +* generated/curl_fuzzer_option_manifest.inc – consumed by the runtime harness. +* schemas/curl_fuzzer.proto – the CurlOptionId enum gains the native values. + +It replaces the previous YAML-driven flow with an approach that derives type and +numeric identifiers directly from curl.h so that we remain in sync with the +upstream library. +""" +from __future__ import annotations + +import dataclasses +import pathlib +import re +from typing import Dict, Iterable, List + +REPO_ROOT = pathlib.Path(__file__).resolve().parents[2] +SUPPORTED_LIST = REPO_ROOT / "schemas" / "curl_fuzzer_supported_curlopts.txt" +CURL_HEADER = REPO_ROOT / "build" / "curl-install" / "include" / "curl" / "curl.h" +PROTO_FILE = REPO_ROOT / "schemas" / "curl_fuzzer.proto" +MANIFEST_FILE = REPO_ROOT / "generated" / "curl_fuzzer_option_manifest.inc" + +TYPE_BASE_VALUES: Dict[str, int] = { + "CURLOPTTYPE_LONG": 0, + "CURLOPTTYPE_VALUES": 0, + "CURLOPTTYPE_OBJECTPOINT": 10000, + "CURLOPTTYPE_STRINGPOINT": 10000, + "CURLOPTTYPE_SLISTPOINT": 10000, + "CURLOPTTYPE_CBPOINT": 10000, + "CURLOPTTYPE_FUNCTIONPOINT": 20000, + "CURLOPTTYPE_OFF_T": 30000, + "CURLOPTTYPE_BLOB": 40000, +} + +BASE_KIND: Dict[str, str] = { + "CURLOPTTYPE_LONG": "uint32", + "CURLOPTTYPE_VALUES": "uint32", + "CURLOPTTYPE_STRINGPOINT": "string", + # The remaining pointer-based families require explicit overrides. + "CURLOPTTYPE_OBJECTPOINT": "unknown", + "CURLOPTTYPE_SLISTPOINT": "unknown", + "CURLOPTTYPE_CBPOINT": "unknown", + "CURLOPTTYPE_FUNCTIONPOINT": "unknown", + "CURLOPTTYPE_BLOB": "unknown", + "CURLOPTTYPE_OFF_T": "uint64", +} + +OPTION_KIND_OVERRIDES: Dict[str, str] = { + # Pointers that are treated as specialised structs. + "CURLOPT_HTTPPOST": "http_post", + "CURLOPT_MIMEPOST": "mime", + # Object pointers that hold string-like data. + "CURLOPT_POSTFIELDS": "string", + # Historically modelled as booleans although libcurl exposes them as long. + "CURLOPT_UPLOAD": "bool", +} + +VALUE_KIND_SYMBOLS: Dict[str, str] = { + "string": "OptionValueKind::kString", + "uint32": "OptionValueKind::kUint32", + "uint64": "OptionValueKind::kUint64", + "bool": "OptionValueKind::kBool", + "http_post": "OptionValueKind::kHttpPost", + "mime": "OptionValueKind::kMime", + "unknown": "OptionValueKind::kUnknown", +} + + +@dataclasses.dataclass(frozen=True) +class CurlOption: + name: str + type_token: str + curl_value: int + + @property + def manifest_kind(self) -> str: + base_kind = BASE_KIND.get(self.type_token) + kind = OPTION_KIND_OVERRIDES.get(self.name, base_kind) + if kind is None or kind == "unknown": + raise ValueError( + f"Unsupported type mapping for {self.name}: {self.type_token}. " + "Please extend OPTION_KIND_OVERRIDES or BASE_KIND." + ) + return kind + + +def load_supported_options(path: pathlib.Path) -> List[str]: + if not path.exists(): + raise FileNotFoundError(f"Supported options list missing: {path}") + options: List[str] = [] + for raw_line in path.read_text().splitlines(): + line = raw_line.strip() + if not line or line.startswith("#"): + continue + options.append(line) + if not options: + raise ValueError(f"No options found in {path}") + return options + + +def parse_curl_header(path: pathlib.Path) -> Dict[str, CurlOption]: + if not path.exists(): + raise FileNotFoundError(f"curl.h not found at {path}") + text = path.read_text() + pattern = re.compile( + r"CURLOPT(?:DEPRECATED)?\(\s*(CURLOPT_[A-Z0-9_]+)\s*,\s*(CURLOPTTYPE_[A-Z0-9_]+)\s*,\s*([0-9]+)", + re.MULTILINE, + ) + options: Dict[str, CurlOption] = {} + for match in pattern.finditer(text): + name, type_token, offset_text = match.groups() + if type_token not in TYPE_BASE_VALUES: + raise ValueError(f"Unknown CURLOPT type token: {type_token} for {name}") + base_value = TYPE_BASE_VALUES[type_token] + offset = int(offset_text) + options[name] = CurlOption(name=name, type_token=type_token, curl_value=base_value + offset) + if not options: + raise ValueError("Failed to extract any CURLOPT definitions from curl.h") + return options + + +def emit_manifest(entries: Iterable[CurlOption]) -> str: + lines = [ + "// Generated by src/curl_fuzzer_tools/generate_option_manifest.py", + "static constexpr OptionDescriptor kOptionManifest[] = {", + ] + for option in entries: + kind_symbol = VALUE_KIND_SYMBOLS[option.manifest_kind] + lines.append( + f" {{curl::fuzzer::proto::{option.name}, {kind_symbol}, true, \"{option.name}\", {option.name}}}," + ) + lines.append("};") + lines.append( + "static constexpr size_t kOptionManifestSize = sizeof(kOptionManifest) / sizeof(kOptionManifest[0]);" + ) + return "\n".join(lines) + "\n" + + +def rewrite_proto(entries: Iterable[CurlOption], proto_path: pathlib.Path) -> None: + text = proto_path.read_text() + enum_marker = "enum CurlOptionId" + start_idx = text.find(enum_marker) + if start_idx == -1: + raise ValueError("Unable to locate CurlOptionId enum in curl_fuzzer.proto") + brace_idx = text.find("{", start_idx) + if brace_idx == -1: + raise ValueError("Malformed CurlOptionId enum definition") + depth = 1 + idx = brace_idx + 1 + while idx < len(text) and depth > 0: + char = text[idx] + if char == "{": + depth += 1 + elif char == "}": + depth -= 1 + idx += 1 + if depth != 0: + raise ValueError("Unbalanced braces when parsing CurlOptionId enum") + closing_idx = idx - 1 # Position of the closing brace + + indent = " " + enum_lines = [f"{indent}CURL_OPTION_UNSPECIFIED = 0;"] + for option in entries: + enum_lines.append(f"{indent}{option.name} = {option.curl_value};") + enum_body = "\n".join(enum_lines) + "\n" + + new_text = text[: brace_idx + 1] + "\n" + enum_body + text[closing_idx:] + proto_path.write_text(new_text) + + +def main() -> int: + supported = load_supported_options(SUPPORTED_LIST) + header_options = parse_curl_header(CURL_HEADER) + + ordered_entries: List[CurlOption] = [] + for name in supported: + if name not in header_options: + raise KeyError(f"CURLOPT {name} not found in curl.h") + ordered_entries.append(header_options[name]) + + MANIFEST_FILE.write_text(emit_manifest(ordered_entries)) + rewrite_proto(ordered_entries, PROTO_FILE) + + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) From eba07ea9dc7c31c41b9edef21cf5b0d772eedc87 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 16:25:03 +0000 Subject: [PATCH 03/10] Delete legacy TLV corpora files --- corpora/.gitignore | 1 + corpora/curl_fuzzer/oss-fuzz-3327 | Bin 27 -> 0 bytes corpora/curl_fuzzer/test1 | Bin 289 -> 0 bytes corpora/curl_fuzzer/test10 | Bin 226 -> 0 bytes corpora/curl_fuzzer/test100 | Bin 675 -> 0 bytes corpora/curl_fuzzer/test100_2 | Bin 128 -> 0 bytes corpora/curl_fuzzer/test100_3 | Bin 261 -> 0 bytes corpora/curl_fuzzer/test1011 | Bin 326 -> 0 bytes corpora/curl_fuzzer/test12 | Bin 464 -> 0 bytes corpora/curl_fuzzer/test1201 | Bin 146 -> 0 bytes corpora/curl_fuzzer/test13 | Bin 179 -> 0 bytes corpora/curl_fuzzer/test1326 | Bin 62 -> 0 bytes corpora/curl_fuzzer/test1450 | Bin 98 -> 0 bytes corpora/curl_fuzzer/test2 | Bin 182 -> 0 bytes corpora/curl_fuzzer/test271 | Bin 74 -> 0 bytes corpora/curl_fuzzer/test3 | Bin 242 -> 0 bytes corpora/curl_fuzzer/test39 | Bin 184 -> 0 bytes corpora/curl_fuzzer/test4 | Bin 336 -> 0 bytes corpora/curl_fuzzer/test46 | Bin 4483 -> 0 bytes corpora/curl_fuzzer/test5 | Bin 185 -> 0 bytes corpora/curl_fuzzer/test567 | Bin 172 -> 0 bytes corpora/curl_fuzzer/test6 | Bin 223 -> 0 bytes corpora/curl_fuzzer/test64 | Bin 312 -> 0 bytes corpora/curl_fuzzer/test800 | Bin 137 -> 0 bytes corpora/curl_fuzzer/test800_2 | Bin 280 -> 0 bytes corpora/curl_fuzzer/test850 | Bin 130 -> 0 bytes corpora/curl_fuzzer/test900 | Bin 129 -> 0 bytes corpora/curl_fuzzer/test900_2 | Bin 241 -> 0 bytes corpora/curl_fuzzer/test_accept_encoding | Bin 278 -> 0 bytes corpora/curl_fuzzer/test_file_nobody | Bin 50 -> 0 bytes corpora/curl_fuzzer/test_ftp_list | Bin 879 -> 0 bytes corpora/curl_fuzzer/test_ftp_wildcard | Bin 885 -> 0 bytes corpora/curl_fuzzer/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer/timeout-4625841444093952 | Bin 8332 -> 0 bytes corpora/curl_fuzzer_dict/test1450 | Bin 98 -> 0 bytes corpora/curl_fuzzer_dict/test_url_dict | Bin 22 -> 0 bytes corpora/curl_fuzzer_dict/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_file/test_file_nobody | Bin 50 -> 0 bytes corpora/curl_fuzzer_file/test_url_file | Bin 22 -> 0 bytes corpora/curl_fuzzer_file/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_ftp/test_ftp_list | Bin 879 -> 0 bytes corpora/curl_fuzzer_ftp/test_ftp_wildcard | Bin 885 -> 0 bytes corpora/curl_fuzzer_ftp/test_url_ftp | Bin 21 -> 0 bytes corpora/curl_fuzzer_ftp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_gopher/test1201 | Bin 146 -> 0 bytes corpora/curl_fuzzer_gopher/test_url_gopher | Bin 24 -> 0 bytes corpora/curl_fuzzer_gopher/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_http/test1 | Bin 289 -> 0 bytes corpora/curl_fuzzer_http/test10 | Bin 226 -> 0 bytes corpora/curl_fuzzer_http/test100 | Bin 675 -> 0 bytes corpora/curl_fuzzer_http/test100_2 | Bin 128 -> 0 bytes corpora/curl_fuzzer_http/test100_3 | Bin 261 -> 0 bytes corpora/curl_fuzzer_http/test1011 | Bin 326 -> 0 bytes corpora/curl_fuzzer_http/test12 | Bin 464 -> 0 bytes corpora/curl_fuzzer_http/test1201 | Bin 146 -> 0 bytes corpora/curl_fuzzer_http/test13 | Bin 179 -> 0 bytes corpora/curl_fuzzer_http/test1326 | Bin 62 -> 0 bytes corpora/curl_fuzzer_http/test1450 | Bin 98 -> 0 bytes corpora/curl_fuzzer_http/test2 | Bin 182 -> 0 bytes corpora/curl_fuzzer_http/test271 | Bin 74 -> 0 bytes corpora/curl_fuzzer_http/test3 | Bin 242 -> 0 bytes corpora/curl_fuzzer_http/test39 | Bin 184 -> 0 bytes corpora/curl_fuzzer_http/test4 | Bin 336 -> 0 bytes corpora/curl_fuzzer_http/test46 | Bin 4483 -> 0 bytes corpora/curl_fuzzer_http/test5 | Bin 185 -> 0 bytes corpora/curl_fuzzer_http/test567 | Bin 172 -> 0 bytes corpora/curl_fuzzer_http/test6 | Bin 223 -> 0 bytes corpora/curl_fuzzer_http/test64 | Bin 312 -> 0 bytes corpora/curl_fuzzer_http/test800 | Bin 137 -> 0 bytes corpora/curl_fuzzer_http/test800_2 | Bin 280 -> 0 bytes corpora/curl_fuzzer_http/test850 | Bin 130 -> 0 bytes corpora/curl_fuzzer_http/test900 | Bin 129 -> 0 bytes corpora/curl_fuzzer_http/test900_2 | Bin 241 -> 0 bytes corpora/curl_fuzzer_http/test_accept_encoding | Bin 278 -> 0 bytes corpora/curl_fuzzer_http/test_alt_svc | Bin 193 -> 0 bytes corpora/curl_fuzzer_http/test_alt_svc_with_ma | Bin 223 -> 0 bytes corpora/curl_fuzzer_http/test_basic_http2 | Bin 532 -> 0 bytes .../test_cookie_control_code_hackerone_1613943 | Bin 146 -> 0 bytes .../curl_fuzzer_http/test_http_upgrade_to_ws | Bin 452 -> 0 bytes .../test_http_upgrade_to_ws_and_detach | Bin 542 -> 0 bytes corpora/curl_fuzzer_http/test_http_with_hsts | Bin 269 -> 0 bytes .../curl_fuzzer_http/test_http_with_hsts_tlv | Bin 207 -> 0 bytes .../curl_fuzzer_http/test_invalid_prior_http2 | Bin 55 -> 0 bytes corpora/curl_fuzzer_http/test_ipv6 | Bin 135 -> 0 bytes corpora/curl_fuzzer_http/test_ntlm | Bin 679 -> 0 bytes corpora/curl_fuzzer_http/test_ntlm_wb | Bin 689 -> 0 bytes corpora/curl_fuzzer_http/test_url_http | Bin 22 -> 0 bytes corpora/curl_fuzzer_http/test_wrongproto | Bin 33 -> 0 bytes .../test_alt_svc_with_double_header | Bin 297 -> 0 bytes corpora/curl_fuzzer_https/test_alt_svc_with_ma | Bin 247 -> 0 bytes .../curl_fuzzer_https/test_altsvc_with_cache | Bin 164 -> 0 bytes corpora/curl_fuzzer_https/test_hsts_response | Bin 207 -> 0 bytes .../test_hsts_response_to_ipv6 | Bin 164 -> 0 bytes corpora/curl_fuzzer_https/test_http_version_2 | Bin 329 -> 0 bytes corpora/curl_fuzzer_https/test_https_ntlm | Bin 131 -> 0 bytes corpora/curl_fuzzer_https/test_ipv6 | Bin 91 -> 0 bytes corpora/curl_fuzzer_https/test_post_0byte | Bin 369 -> 0 bytes corpora/curl_fuzzer_https/test_simple_httppost | Bin 157 -> 0 bytes corpora/curl_fuzzer_https/test_url | Bin 23 -> 0 bytes corpora/curl_fuzzer_https/test_wrongproto | Bin 33 -> 0 bytes ...terfuzz-testcase-minimized-5817192030404608 | Bin 31154 -> 0 bytes corpora/curl_fuzzer_imap/test800 | Bin 137 -> 0 bytes corpora/curl_fuzzer_imap/test800_2 | Bin 280 -> 0 bytes corpora/curl_fuzzer_imap/test_oauthed_imap | Bin 405 -> 0 bytes corpora/curl_fuzzer_imap/test_url_imap | Bin 22 -> 0 bytes corpora/curl_fuzzer_imap/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_ldap/test_url_fullldap | Bin 119 -> 0 bytes corpora/curl_fuzzer_ldap/test_url_ldap | Bin 22 -> 0 bytes corpora/curl_fuzzer_ldap/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_mqtt/test_dummy | Bin 38 -> 0 bytes corpora/curl_fuzzer_pop3/test850 | Bin 130 -> 0 bytes corpora/curl_fuzzer_pop3/test_oauthed_pop3 | Bin 228 -> 0 bytes corpora/curl_fuzzer_pop3/test_url_pop3 | Bin 22 -> 0 bytes corpora/curl_fuzzer_pop3/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_rtmp/test_url_rtmp | Bin 22 -> 0 bytes corpora/curl_fuzzer_rtmp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_rtsp/oss-fuzz-issue-6937 | Bin 338215 -> 0 bytes corpora/curl_fuzzer_rtsp/test567 | Bin 172 -> 0 bytes corpora/curl_fuzzer_rtsp/test_rtsp_client_cseq | Bin 191 -> 0 bytes corpora/curl_fuzzer_rtsp/test_rtsp_request | Bin 182 -> 0 bytes corpora/curl_fuzzer_rtsp/test_rtsp_request2 | Bin 182 -> 0 bytes corpora/curl_fuzzer_rtsp/test_rtsp_session_id | Bin 193 -> 0 bytes corpora/curl_fuzzer_rtsp/test_rtsp_stream_uri | Bin 208 -> 0 bytes corpora/curl_fuzzer_rtsp/test_rtsp_transport | Bin 225 -> 0 bytes corpora/curl_fuzzer_rtsp/test_url_rtsp | Bin 22 -> 0 bytes corpora/curl_fuzzer_rtsp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_scp/test_url_scp | Bin 21 -> 0 bytes corpora/curl_fuzzer_scp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_sftp/test_url_sftp | Bin 22 -> 0 bytes corpora/curl_fuzzer_sftp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_smb/test_url_smb | Bin 21 -> 0 bytes corpora/curl_fuzzer_smb/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_smtp/test900 | Bin 129 -> 0 bytes corpora/curl_fuzzer_smtp/test900_2 | Bin 241 -> 0 bytes corpora/curl_fuzzer_smtp/test_mail_auth | Bin 260 -> 0 bytes corpora/curl_fuzzer_smtp/test_smtps_with_oauth | Bin 283 -> 0 bytes corpora/curl_fuzzer_smtp/test_url_smtp | Bin 22 -> 0 bytes corpora/curl_fuzzer_smtp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_tftp/test_url_tftp | Bin 22 -> 0 bytes corpora/curl_fuzzer_tftp/test_wrongproto | Bin 33 -> 0 bytes corpora/curl_fuzzer_ws/basictest | Bin 30 -> 0 bytes corpora/curl_fuzzer_ws/test_http_upgrade_to_ws | Bin 454 -> 0 bytes .../ws_with_raw_mode_connect_test | Bin 65 -> 0 bytes corpora/curl_fuzzer_ws/ws_with_raw_mode_test | Bin 55 -> 0 bytes corpora/curl_fuzzer_ws/wss_test | Bin 49 -> 0 bytes .../curl_fuzzer_ws/wss_with_basic_auth_test | Bin 67 -> 0 bytes 146 files changed, 1 insertion(+) create mode 100644 corpora/.gitignore delete mode 100644 corpora/curl_fuzzer/oss-fuzz-3327 delete mode 100644 corpora/curl_fuzzer/test1 delete mode 100644 corpora/curl_fuzzer/test10 delete mode 100644 corpora/curl_fuzzer/test100 delete mode 100644 corpora/curl_fuzzer/test100_2 delete mode 100644 corpora/curl_fuzzer/test100_3 delete mode 100644 corpora/curl_fuzzer/test1011 delete mode 100644 corpora/curl_fuzzer/test12 delete mode 100644 corpora/curl_fuzzer/test1201 delete mode 100644 corpora/curl_fuzzer/test13 delete mode 100644 corpora/curl_fuzzer/test1326 delete mode 100644 corpora/curl_fuzzer/test1450 delete mode 100644 corpora/curl_fuzzer/test2 delete mode 100644 corpora/curl_fuzzer/test271 delete mode 100644 corpora/curl_fuzzer/test3 delete mode 100644 corpora/curl_fuzzer/test39 delete mode 100644 corpora/curl_fuzzer/test4 delete mode 100644 corpora/curl_fuzzer/test46 delete mode 100644 corpora/curl_fuzzer/test5 delete mode 100644 corpora/curl_fuzzer/test567 delete mode 100644 corpora/curl_fuzzer/test6 delete mode 100644 corpora/curl_fuzzer/test64 delete mode 100644 corpora/curl_fuzzer/test800 delete mode 100644 corpora/curl_fuzzer/test800_2 delete mode 100644 corpora/curl_fuzzer/test850 delete mode 100644 corpora/curl_fuzzer/test900 delete mode 100644 corpora/curl_fuzzer/test900_2 delete mode 100644 corpora/curl_fuzzer/test_accept_encoding delete mode 100644 corpora/curl_fuzzer/test_file_nobody delete mode 100644 corpora/curl_fuzzer/test_ftp_list delete mode 100644 corpora/curl_fuzzer/test_ftp_wildcard delete mode 100644 corpora/curl_fuzzer/test_wrongproto delete mode 100644 corpora/curl_fuzzer/timeout-4625841444093952 delete mode 100644 corpora/curl_fuzzer_dict/test1450 delete mode 100644 corpora/curl_fuzzer_dict/test_url_dict delete mode 100644 corpora/curl_fuzzer_dict/test_wrongproto delete mode 100644 corpora/curl_fuzzer_file/test_file_nobody delete mode 100644 corpora/curl_fuzzer_file/test_url_file delete mode 100644 corpora/curl_fuzzer_file/test_wrongproto delete mode 100644 corpora/curl_fuzzer_ftp/test_ftp_list delete mode 100644 corpora/curl_fuzzer_ftp/test_ftp_wildcard delete mode 100644 corpora/curl_fuzzer_ftp/test_url_ftp delete mode 100644 corpora/curl_fuzzer_ftp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_gopher/test1201 delete mode 100644 corpora/curl_fuzzer_gopher/test_url_gopher delete mode 100644 corpora/curl_fuzzer_gopher/test_wrongproto delete mode 100644 corpora/curl_fuzzer_http/test1 delete mode 100644 corpora/curl_fuzzer_http/test10 delete mode 100644 corpora/curl_fuzzer_http/test100 delete mode 100644 corpora/curl_fuzzer_http/test100_2 delete mode 100644 corpora/curl_fuzzer_http/test100_3 delete mode 100644 corpora/curl_fuzzer_http/test1011 delete mode 100644 corpora/curl_fuzzer_http/test12 delete mode 100644 corpora/curl_fuzzer_http/test1201 delete mode 100644 corpora/curl_fuzzer_http/test13 delete mode 100644 corpora/curl_fuzzer_http/test1326 delete mode 100644 corpora/curl_fuzzer_http/test1450 delete mode 100644 corpora/curl_fuzzer_http/test2 delete mode 100644 corpora/curl_fuzzer_http/test271 delete mode 100644 corpora/curl_fuzzer_http/test3 delete mode 100644 corpora/curl_fuzzer_http/test39 delete mode 100644 corpora/curl_fuzzer_http/test4 delete mode 100644 corpora/curl_fuzzer_http/test46 delete mode 100644 corpora/curl_fuzzer_http/test5 delete mode 100644 corpora/curl_fuzzer_http/test567 delete mode 100644 corpora/curl_fuzzer_http/test6 delete mode 100644 corpora/curl_fuzzer_http/test64 delete mode 100644 corpora/curl_fuzzer_http/test800 delete mode 100644 corpora/curl_fuzzer_http/test800_2 delete mode 100644 corpora/curl_fuzzer_http/test850 delete mode 100644 corpora/curl_fuzzer_http/test900 delete mode 100644 corpora/curl_fuzzer_http/test900_2 delete mode 100644 corpora/curl_fuzzer_http/test_accept_encoding delete mode 100644 corpora/curl_fuzzer_http/test_alt_svc delete mode 100644 corpora/curl_fuzzer_http/test_alt_svc_with_ma delete mode 100644 corpora/curl_fuzzer_http/test_basic_http2 delete mode 100644 corpora/curl_fuzzer_http/test_cookie_control_code_hackerone_1613943 delete mode 100644 corpora/curl_fuzzer_http/test_http_upgrade_to_ws delete mode 100644 corpora/curl_fuzzer_http/test_http_upgrade_to_ws_and_detach delete mode 100644 corpora/curl_fuzzer_http/test_http_with_hsts delete mode 100644 corpora/curl_fuzzer_http/test_http_with_hsts_tlv delete mode 100644 corpora/curl_fuzzer_http/test_invalid_prior_http2 delete mode 100644 corpora/curl_fuzzer_http/test_ipv6 delete mode 100644 corpora/curl_fuzzer_http/test_ntlm delete mode 100644 corpora/curl_fuzzer_http/test_ntlm_wb delete mode 100644 corpora/curl_fuzzer_http/test_url_http delete mode 100644 corpora/curl_fuzzer_http/test_wrongproto delete mode 100644 corpora/curl_fuzzer_https/test_alt_svc_with_double_header delete mode 100644 corpora/curl_fuzzer_https/test_alt_svc_with_ma delete mode 100644 corpora/curl_fuzzer_https/test_altsvc_with_cache delete mode 100644 corpora/curl_fuzzer_https/test_hsts_response delete mode 100644 corpora/curl_fuzzer_https/test_hsts_response_to_ipv6 delete mode 100644 corpora/curl_fuzzer_https/test_http_version_2 delete mode 100644 corpora/curl_fuzzer_https/test_https_ntlm delete mode 100644 corpora/curl_fuzzer_https/test_ipv6 delete mode 100644 corpora/curl_fuzzer_https/test_post_0byte delete mode 100644 corpora/curl_fuzzer_https/test_simple_httppost delete mode 100644 corpora/curl_fuzzer_https/test_url delete mode 100644 corpora/curl_fuzzer_https/test_wrongproto delete mode 100644 corpora/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608 delete mode 100644 corpora/curl_fuzzer_imap/test800 delete mode 100644 corpora/curl_fuzzer_imap/test800_2 delete mode 100644 corpora/curl_fuzzer_imap/test_oauthed_imap delete mode 100644 corpora/curl_fuzzer_imap/test_url_imap delete mode 100644 corpora/curl_fuzzer_imap/test_wrongproto delete mode 100644 corpora/curl_fuzzer_ldap/test_url_fullldap delete mode 100644 corpora/curl_fuzzer_ldap/test_url_ldap delete mode 100644 corpora/curl_fuzzer_ldap/test_wrongproto delete mode 100644 corpora/curl_fuzzer_mqtt/test_dummy delete mode 100644 corpora/curl_fuzzer_pop3/test850 delete mode 100644 corpora/curl_fuzzer_pop3/test_oauthed_pop3 delete mode 100644 corpora/curl_fuzzer_pop3/test_url_pop3 delete mode 100644 corpora/curl_fuzzer_pop3/test_wrongproto delete mode 100644 corpora/curl_fuzzer_rtmp/test_url_rtmp delete mode 100644 corpora/curl_fuzzer_rtmp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_rtsp/oss-fuzz-issue-6937 delete mode 100644 corpora/curl_fuzzer_rtsp/test567 delete mode 100644 corpora/curl_fuzzer_rtsp/test_rtsp_client_cseq delete mode 100644 corpora/curl_fuzzer_rtsp/test_rtsp_request delete mode 100644 corpora/curl_fuzzer_rtsp/test_rtsp_request2 delete mode 100644 corpora/curl_fuzzer_rtsp/test_rtsp_session_id delete mode 100644 corpora/curl_fuzzer_rtsp/test_rtsp_stream_uri delete mode 100644 corpora/curl_fuzzer_rtsp/test_rtsp_transport delete mode 100644 corpora/curl_fuzzer_rtsp/test_url_rtsp delete mode 100644 corpora/curl_fuzzer_rtsp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_scp/test_url_scp delete mode 100644 corpora/curl_fuzzer_scp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_sftp/test_url_sftp delete mode 100644 corpora/curl_fuzzer_sftp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_smb/test_url_smb delete mode 100644 corpora/curl_fuzzer_smb/test_wrongproto delete mode 100644 corpora/curl_fuzzer_smtp/test900 delete mode 100644 corpora/curl_fuzzer_smtp/test900_2 delete mode 100644 corpora/curl_fuzzer_smtp/test_mail_auth delete mode 100644 corpora/curl_fuzzer_smtp/test_smtps_with_oauth delete mode 100644 corpora/curl_fuzzer_smtp/test_url_smtp delete mode 100644 corpora/curl_fuzzer_smtp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_tftp/test_url_tftp delete mode 100644 corpora/curl_fuzzer_tftp/test_wrongproto delete mode 100644 corpora/curl_fuzzer_ws/basictest delete mode 100644 corpora/curl_fuzzer_ws/test_http_upgrade_to_ws delete mode 100644 corpora/curl_fuzzer_ws/ws_with_raw_mode_connect_test delete mode 100644 corpora/curl_fuzzer_ws/ws_with_raw_mode_test delete mode 100644 corpora/curl_fuzzer_ws/wss_test delete mode 100644 corpora/curl_fuzzer_ws/wss_with_basic_auth_test diff --git a/corpora/.gitignore b/corpora/.gitignore new file mode 100644 index 00000000..8d63b1b5 --- /dev/null +++ b/corpora/.gitignore @@ -0,0 +1 @@ +# Ignore all the scenario corpora diff --git a/corpora/curl_fuzzer/oss-fuzz-3327 b/corpora/curl_fuzzer/oss-fuzz-3327 deleted file mode 100644 index 064cc623a91b56994e98517507d12c478c027c41..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 27 gcmZQzWME+62r3CKu+leFU|<6B*i{r57)lxP0WJFjegFUf diff --git a/corpora/curl_fuzzer/test1 b/corpora/curl_fuzzer/test1 deleted file mode 100644 index f7b734a9c4a4adb40332fd63adaabdf32fa95e7d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 289 zcmX|+NlybY424sUxpTLAZknajWpYETf)*;s9|$v^MU-UJ@l?#eC#?jsFMfXdp3NqV zvFnDYvr=lao~u;aZj{vQim?fMa&9m6T!T>x-d^~fC$!+2VFoIP*LX?`tw3is%Wbke z?i~NX;|Y%z2zwI!WssHsLcaA$*u}D~S}YS~z!~TTJP+ZFPZVRd`lH-CUt5?Ot;|xC z#ab-#Y-O^1Gvzl$fgOo=A8PC^e2yuJ-^M@~NNh3G)L2-Zm4F4cF<2-LvB!Up8@u!c b;Sb4%z7PCi2w@Zr`gGNZeQM4{6{Fz4?DkRK diff --git a/corpora/curl_fuzzer/test10 b/corpora/curl_fuzzer/test10 deleted file mode 100644 index af1ed53cad20034597202618f4d071bd5aac3ef5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 226 zcmXYq-3r1m3`VP0lBdW6sBJ~i^;%F6f53{@on~%0thAYXeOooj#dqM4PYi?*STnzj zlzO(9s6bFG&$)ZG-rb<` WAyfX>Jnz8uS3I8W->=AV7YIHsZ90qq diff --git a/corpora/curl_fuzzer/test100 b/corpora/curl_fuzzer/test100 deleted file mode 100644 index b58d9335ae7ebfca3f08048555eca9977c1e37bb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 675 zcmbV|-A;or9L4J{Nq7ZwUZBvH@lh^JOtu@7Y2q6&sL`a3rIgLRy)6TcGsKVfAKG3V z&N)AFMF_cmvimZQxyU2tHZKb)MQl}PDQ7Gu3qlqr+uBM)urO%M@y$>_01C*$9e#aW z{3GQ854D95;7Q3cME@3ED#fSMH_J_R0tCRN%ux46Q=_!1I@N^%HFO-8kAwM`e)01$ zev=e;y#~+5pFFN_SDSShXy1C6K{BI8j+Lq%i$N{1ec6HDpzloVt{%Yv?#xciWSH3b zWUfe#Mjb|aQ-Gfs2Y>B2l?sQu<(X)NkfAGI=4@g`|=bu8^dfxvFzA3ts@@1JM R*!SBD*Yvlo9kehAgLiL=k_-R< diff --git a/corpora/curl_fuzzer/test100_2 b/corpora/curl_fuzzer/test100_2 deleted file mode 100644 index 71411963df65c43f5380f319995740fc64a16c1f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 128 zcmZQzWME*BODid`($_aMGS@QzLPIMHOG_jDlGNf7T|)x{eFi3=8g3&a0|k%NoSb|` jE(SrM0H=|GfkJR;Q7RXM5Gq#~l`8_`n!pu{qR0XO)14OH diff --git a/corpora/curl_fuzzer/test100_3 b/corpora/curl_fuzzer/test100_3 deleted file mode 100644 index 9ba49bda628bb37cf73d4f357b53426efb601733..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 261 zcmY+-O-lno3&Hcmw+f@1WVgHB-aH6i3WffHLZdD$Gi7$H^xqpVLdogL z`;x#J0Nj7%{jw-nnisO+<)Uq+$U5X_CW3RTT!;|9Yv0F52NPS2g$Os_NgZ6C^6HP( ze>ydaNP}-7YwE%$uD8R`9TZn_r#KTXy-4es#dAqsxc1ePgX`0)H^z~5k;%cWVZt)U x*FNcXcf`2Y;NZ^IQ;`}s8ZzoZ(=mV9M+Xm3I;e<8 z2|0v6eEFhAN~u#XvbA|m#Z`u>$Wk#WFV#`XKJM!JF{g}Rf&|OC(F<-H={Z=~FlSyi z!@0O9Z4+IU6A~d}Vf0NS&O+_?7l2cE;8!S+5U8}})FQ&|eQorUlktrCrBAER{Vq|y zhU(A+xrS{czRHcBaS#_|yl`PH-U1qJv^q(4@4t3MLN4bJ53wCMy1$y@`v}qVe&}H3 gpkD{xx$d8a>2`4K_rE`6qgUL$C4;kMaGZMd2?x4Y0{{R3 diff --git a/corpora/curl_fuzzer/test12 b/corpora/curl_fuzzer/test12 deleted file mode 100644 index 9ad91dc07d7b4987a06cdf27c453a933deb1b5aa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 464 zcmYL`O-{ow5QS4V2ur!cs4I|2VkiBJcNHKi)S?Q)0ZcM&ETv9}C#5|J*Tsz@Ro+-L zZ$7_y_C}uPK}poeC=&5JEP&wGi%oOEp@BWl?=eDqJEZKAUI3ouWbH5 W0B@5*#Xm)STs~8Z4`|6*@9Y;s>M1h- diff --git a/corpora/curl_fuzzer/test13 b/corpora/curl_fuzzer/test13 deleted file mode 100644 index 448077ddea5391e2eff285dc40e4bc61dd0021cf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 179 zcmWNLu?oU46h)(hLm>a~939#ubt#UWQIx;mDnk_*bkIFfqL)@k*-wCzpmTtlH0+|hLK^-=J%cZ80zE4rSB3W`$j z8Z8ob6@)lVJ|HXzy(cg*BoAk>;|qa?F>K+K?F1M6VNEJLV<7*A89xyNC5C8;GoB7? J>gL+C%^$IWGHCz+ diff --git a/corpora/curl_fuzzer/test1326 b/corpora/curl_fuzzer/test1326 deleted file mode 100644 index 8801fac96b89a05e0c2507d079de57ffe5115d64..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 62 zcmZQzWME(rFGRD#Ny0k1}2~qOCuu#1(34h)S|M~ tA_bd@y!`xvlFaz`dkegVNoRM101pv1N8^Qnp diff --git a/corpora/curl_fuzzer/test2 b/corpora/curl_fuzzer/test2 deleted file mode 100644 index 8b44d671944e743fb107f3b40823c5d634d7f54f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 182 zcmW-b%?iRW5QL-ll)LwR0NW&`pv_fLLHq&p0!3E}*0eO+YLC9TTiHF#@a+sMCPIjL zNz_=SOu9@okFhJQQZZ%p-8*+tCNYp|4d;X06oeLB*)2flaH@L-MuW+0mRmmA9i6;l z+hc2iFi;%+Mm>rrLU@N;RR@&o+7o(;-Oz9w;fGX7uS#w^?}xa=;%;HUz$?X!--yPz Jh(^_M;SW#~F_ZuR diff --git a/corpora/curl_fuzzer/test271 b/corpora/curl_fuzzer/test271 deleted file mode 100644 index 3a26767f7e90f6525ddfdee3e4e68314268d585a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 74 zcmZQzWME*BDoHCTu+rBzG&0vS076463rkCLeSITyLk1?Gyh@@%az<%hwnBayS4v_@ aB3DsrNoi4DY6_P^NxnjIPG)Le2^RoRtrENd diff --git a/corpora/curl_fuzzer/test3 b/corpora/curl_fuzzer/test3 deleted file mode 100644 index 81c6670aaad4f8f1d81662b36f2adaf92481bf19..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 242 zcmYLDK?=e^3|zHd7JBxYi@k{MwjR`iCoh76g8e|TX;;*4X;V>O;giiOVlspYGbAHA zLWqGOs$!+WXg1N@VLV?fw3>=8i?4N(>{U3?5NQp&jV}*a->{B>u%U7DSyY~$(U&V* z5|%Vh9u+$MPRh{r@)x#P7Gz@3zVs!TQv-}Fr4;anC6KXgVc>V>>vom~3CO||Yb!;M kQ+e*8@EmJ7g6K0F=GNNfl}AuHcD%G0WK4#U{$j-S2D24Jc>n+a diff --git a/corpora/curl_fuzzer/test39 b/corpora/curl_fuzzer/test39 deleted file mode 100644 index 7fdb86743954b3cfe1594113315bfdde2681854b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 184 zcmX9%+X})k6ssaW6sm7NpAT@hoda!O6%@RJ{eg-{C(dqc$L;qmNxcoB(W#Cx0vC#^2W;0{s zW^-_YU$Abmwm{fW()@zF`xgqnDg$AlWRKxNxdp8R7yMfIKRFZeb;3qb2f@FQjiVdh Ie0XB<1@-_f6951J diff --git a/corpora/curl_fuzzer/test4 b/corpora/curl_fuzzer/test4 deleted file mode 100644 index 3fa395a2983858e8cfb41df7eb3c5e38407a3917..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 336 zcmYk0O-sZu6h*5Gg`g;I+`b=RCP}Sm)0K?qfcODsG27CXP)Q%Y>kmLibygZ#`YofYBGtV-*s=I^wRs`dFPM6s%jmPA%P^0 zVYLi=hUyI!g?rv8p~bTa%aTRuFb@2pHb|k`;{cKoFqFqb1jvM5jA@#};=T&}8_^r= zO;{bIEjIXWqSkb~V`CHE2=U78>*n>aMy0tvmSz%FSNC={1$>uWq0Z)t4=c{?KF7k4gFN^YeIs3lF%U+whuRF{>_NQO}M)OYY4()!6*&jEYfD>>6PQVE` z0Vm)DoPZN>0#3jQID!8xU=xeFX)$bUZlT1Ef>iv?1|6SC#vS%s(^5!D;0J!yat-c#|OK97Rp8)+VFl0%_-y1{$F#F1<3#a diff --git a/corpora/curl_fuzzer/test5 b/corpora/curl_fuzzer/test5 deleted file mode 100644 index bdaac4e663e73afc1c02db8b9ad26e0f7509f72a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 185 zcmW-Z%?iRW5QL-0JjH@XZ8s5%HdjRj@dwNc1YHeS)6%TgUVULsuycWty<=?Lov;`cVweWst+glAxrV7yaNNn2V=`d5W9G(>PT`~2d2Q8?VI$*^kMY;tmOI?LZ5kZ KR|7r8WGR1`RyDl< diff --git a/corpora/curl_fuzzer/test567 b/corpora/curl_fuzzer/test567 deleted file mode 100644 index 75223543544abc78a7687add555999029bf571ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 172 zcmWlRy$XXc7y#2X;Lx$#_W-Fe_D9HOHG{O6U?Qbsl?+0lZKC!O`r1_vZaFx#K?v>q z7~Y&xmS%CXz&J|}M|wJEXuITJW3-|yP9RMZkk<%n>u2jZtf8cC==#aK{b<7&;X>OF z2Nq#9b#CZ6ltLFxbrA%lGL@_~0WD0c2pEw!rM%Y!)GdE3&RZ>(!#Y!bn4hEN5Wb;z IuV5qm2NpRkm;e9( diff --git a/corpora/curl_fuzzer/test6 b/corpora/curl_fuzzer/test6 deleted file mode 100644 index 98d9be2161c9822fa1ff4b482132b77272afc14c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 223 zcmXwzL5cz~5JjUKA!l%rtzcV8BWg!nDJqDgU@j1~G@vGpDQ)`(bL@!@@@w;`$LF&K zW31zdN)4d$VNa$gJt_(b6+&e_0Xa)h+B3p{HIx3kG-eB`r$jEL*sS=>5^7=Gqbp<~ ze!??7loYD3`-M)*Vr}>i?@zpIK^Q5EAApm+AfE1deW3K7V*$XAbRA kiyC7(9;4B54miHLF_PK*Z%dJ57DDzV~^u^qqpq#Ouj~c D$AVY= diff --git a/corpora/curl_fuzzer/test800 b/corpora/curl_fuzzer/test800 deleted file mode 100644 index a5899be43dd4086ec49cdba0615b18b9b203bd9b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 137 zcmZQzWME)W$jnVFu+rBzG&0vS07646O9KOAeG3Bved|z97h6LHCZH;Jx1#)9D}~%t zhvNL))bfnfqEue4kbEnJw8ZRGhrE2K2rpMseo7@T7cZBtE-#mYLS=qwQL#dCW?nK- cLk>`aff;BROKEXx5d#a5#a5h}T$EY@0Lnok5C8xG diff --git a/corpora/curl_fuzzer/test800_2 b/corpora/curl_fuzzer/test800_2 deleted file mode 100644 index db1f130ed8b33195f107bc70bb0d6a9e8308ec61..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 280 zcmX|*K}*9x5QSHdBYUu(g*j>bvF3sFs@A%U`4~mRJ3`cnmA|^;A{3y!=?FCIJ}sm h<-oypIUu&?vu>~{m$?lrtZ~e{MSizv`{{oJhhKf6Mil@6 diff --git a/corpora/curl_fuzzer/test850 b/corpora/curl_fuzzer/test850 deleted file mode 100644 index 22c08dcfc6b7d666057a33005041dca1c2bd61bf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 130 zcmZQzWME*BEXXe~w$j%(G&0vS07646O9KN#eG5|q1}31iyIWCyu9ZS=szY&pZfbc( zYEddLS4h5my4H6SC^MdL7_6gw5V92I5RI9s38X^!N3eO VjHR?VwTOWQ$YLu_O)g3;0RY>HAT0m@ diff --git a/corpora/curl_fuzzer/test900 b/corpora/curl_fuzzer/test900 deleted file mode 100644 index eecf0cbafe89bcab9d4dcd0e5dc2358b71f0a175..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 129 zcmZQzWME*BEY2+{u+rBzG&0vS07646O9KN_eIUWW1e9h}VBi5#LdB_hDXB#csTGO2 z1v#mD$@#eq96)g;x1#)9D}|KIw6xTs)Vva|kbEnJ#Jv2HjMO47uB7~wN-hR&pgPf_ N)a1;9OrQ#6BLGd`A%*|| diff --git a/corpora/curl_fuzzer/test900_2 b/corpora/curl_fuzzer/test900_2 deleted file mode 100644 index c27a76bc4b5f07e622cc2a8718d810833fd0c1fc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 241 zcmYj~F%N<;5JpcIO?44vaBHG-DHTweTrhDklECDKP-3G{QW*5#dpMCxE_vVgat9*- zShrQzgpT8iJ>xiTc;wu7aKRYsjS!sn3X`9#YTlCNx}s5XO=BACwky?#zyd`}_?#w} zdqiC?IB*_#1T4%aeSUipSPo&;!_N2qjXiAU2v#fWLYmXyB}_5jo{g?TTBx#=M%Eok cbx5;XcTZ^udFbLx7=am@wvoAN6gtBrKl*kzxBvhE diff --git a/corpora/curl_fuzzer/test_accept_encoding b/corpora/curl_fuzzer/test_accept_encoding deleted file mode 100644 index 1ebdb7f710bb92371352f85d42eb8a6679de2cc9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 278 zcmZQzWME(r%qS@-u+rBzG&0vS076531}32JXOEDO0DVI}Lj@xP0|kF?UM`o!l2j{& zkkV8g1w(TM|Kt*&43J@DWMyD%WooA2?i<3(<(!{alA2ed8&X*SRGe5)kdv95Sdy8a zr=L}vpNEk5NzF?y$*@u|G&Dd6y5=S4r)1`(TPdVhWft&q@p8#`b1-n!KZ|5wUi~a6 zAi!(=DIEbuxTxmyaG~3N)yJg$<`{r$KiKvTyVRSVr{@`j@*Q1HXpv*K5NrfI!>?uW_3Z+M? zcu?RQ)^uq*Acr-*q#u}r76uY2T9k-s;B45 zw*{bwxW|(n?+e>Rig1}45J82B?4b2y;AbR#FnysM3|{~OR2(zqg}%FW9l!Et#kv%v zm1l=~n`YlI!udFd>de5`{gcx{-*s~9c3M-&0yMff)hTB%MaQ@w74VNSuB(8T*7`KC zx6EjPhIwXI85`&#)00_ha{>SIPBA-3WE)xeROIC_Ydx61`8W74$_YX?$@~$tNf+}s g;+sonsA?x+h{y5$C)VhHU2|xB2lx37uJ9{f0ikudZ2$lO diff --git a/corpora/curl_fuzzer/test_ftp_wildcard b/corpora/curl_fuzzer/test_ftp_wildcard deleted file mode 100644 index e790dbc49b1b061b2731325c396b95db64cc57c9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 885 zcmbVKT~FIE6g6ls1m$7l^KFMolVD03`=)7|JWQHIC4^L%fCpYnVn(HqREb;0zu$Fe znZi`TaGcmT^6~l56>CC>ueWBJ1c9P{NAjbRK^#+HbZz{6Qk&pg=g!>cVx5m}5=ors zJTDI%@sWRQkd(NbRoW4s+T~We+_q)+`S1>xMAXNyFuIx)zwmQh*OR%%sLV7DNrfI! z>?uW_3Z+M?=XH-9vD?0NkIOGAvJ%o%*R|^q^)Q_4>e1ZUTWehy*Ae?|*k>WuOH-P0 z4w9~uRS&-_-%bDn!~XRHGeCZW4x=&Td|?MsIb^p>Yo$a1VaqckK_bW4nO> diff --git a/corpora/curl_fuzzer/test_wrongproto b/corpora/curl_fuzzer/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer/timeout-4625841444093952 b/corpora/curl_fuzzer/timeout-4625841444093952 deleted file mode 100644 index 9a95f306adfc9558add823c0941527b96a6f529f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8332 zcmeHNL2uJA6n4=B$WqRLgqWoXCN?#8(sgT!n2N>*VwyIw9=NuvQLCj%m81&2B96Nw z!4KdUaOTE80d8>bHq1-XZS9&iUD&#AN?Iv#?8JS~{=WAhf(pfD z_DjjxGf2$8DeH1d=xg(aE6C#az=r*6q`sG@p}QXgLyi(6EY6{505vQ@I2T1h7> zrr~hIkucYJ$>z3%(^k6kB}a#Hbm5;fS@No>6J?PQMJrY0s#Dh`%oro(nnBXbq-k3e zE+t&Cpvm#GR0$eu(yWd(jg+CT)>n%>YwtD8M&>bCq%O*A32e%1A7&WMWqo_m+WdWJ zCy*KOJt?u%|Z`0*c70dEGPOpA_-74F}tTjLFalIws`OWn;3`SNB*>oittX!Ql zOxv}0bkpYeN!_gQr{EZcu!X#`pyk1u7aK*q4Sh_#E$wnN4-I6fKNS0^ zX>pJewqFkJdv`morEu1AodW54!_e0Um4UmlB!ai@h4(g~huH`VLc18jpun0L;!V7F zSv1^DF*}hY3Ay0)w!I<=7fEfg4_BRgDr2~gJ)HTI_4dQg3dPL`X~|`T;h~9N z4=45#e1AF_)9N0APr~RpyqsjC5E?=RO;k4e##d9PsB{Eej~zyl16jOWSROB**KEOpnt>kO^?6~WrQSus9mxA!COK&HR&gP5JOfw zLMLN1czeQAB(4$}AG*>M)At>c9^*Pql7A%mM}$}&w3-?^$Iq81uS5QkAZ$VrcJ}>) z&>0^cQ6~srumYGM)Ze7&+K@;PnjkdL$9-!<0~V;FbaPyym^|G)Vt#-3LUt4{i#UgE k)0JBehy7;8(!d}zlU0`_41WkP_>NQCDBAe>sVXY}1MP!basU7T diff --git a/corpora/curl_fuzzer_dict/test1450 b/corpora/curl_fuzzer_dict/test1450 deleted file mode 100644 index 6012361689c7b4515158909b2c5acc08e9bf7263..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 98 zcmZQzWME*BP036yvC`K!G&0vS07646O9MkQ{S>RD#Ny0k1}2~qOCuu#1(34h)S|M~ tA_bd@y!`xvlFaz`dkegVNoRM101pv1N8^Qnp diff --git a/corpora/curl_fuzzer_dict/test_url_dict b/corpora/curl_fuzzer_dict/test_url_dict deleted file mode 100644 index 4e45bad5758a4098fd9661f9486ba9c805ec8a92..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rNXbktvC`K!G&0vS0763mC?*60 diff --git a/corpora/curl_fuzzer_dict/test_wrongproto b/corpora/curl_fuzzer_dict/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_file/test_file_nobody b/corpora/curl_fuzzer_file/test_file_nobody deleted file mode 100644 index ba1cf18647f46e00acdfcde69669d28a62a7d3d7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 50 wcmZQzWME*BNXyJgwbIwuFDS}S)-O)YNz*SbNh~QXW{?KTvH&q7gA9xX03YWGA^-pY diff --git a/corpora/curl_fuzzer_file/test_url_file b/corpora/curl_fuzzer_file/test_url_file deleted file mode 100644 index 156a8e0df11d667a646213e01a222d2826f43347..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rNXyJgwbIu&G&0vS0763mC;c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_ftp/test_ftp_list b/corpora/curl_fuzzer_ftp/test_ftp_list deleted file mode 100644 index be90ebfe58299d0e8c2ca5463bd3ea0cbb770874..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 879 zcmbVKO;6)65H*MkK{@cXaO1%Vq@=MYP21#vghVBTR6xLiYe~FIrEG!{x4^$=Tv|{- z)h;-b*c18reaK=-2(kCuJSIV)sN0hKsH7Li6c}9_KOfa55X-!2jY#55=XtsBh;{z4 zN>buxTxmyaG~3N)yJg$<`{r$KiKvTyVRSVr{@`j@*Q1HXpv*K5NrfI!>?uW_3Z+M? zcu?RQ)^uq*Acr-*q#u}r76uY2T9k-s;B45 zw*{bwxW|(n?+e>Rig1}45J82B?4b2y;AbR#FnysM3|{~OR2(zqg}%FW9l!Et#kv%v zm1l=~n`YlI!udFd>de5`{gcx{-*s~9c3M-&0yMff)hTB%MaQ@w74VNSuB(8T*7`KC zx6EjPhIwXI85`&#)00_ha{>SIPBA-3WE)xeROIC_Ydx61`8W74$_YX?$@~$tNf+}s g;+sonsA?x+h{y5$C)VhHU2|xB2lx37uJ9{f0ikudZ2$lO diff --git a/corpora/curl_fuzzer_ftp/test_ftp_wildcard b/corpora/curl_fuzzer_ftp/test_ftp_wildcard deleted file mode 100644 index e790dbc49b1b061b2731325c396b95db64cc57c9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 885 zcmbVKT~FIE6g6ls1m$7l^KFMolVD03`=)7|JWQHIC4^L%fCpYnVn(HqREb;0zu$Fe znZi`TaGcmT^6~l56>CC>ueWBJ1c9P{NAjbRK^#+HbZz{6Qk&pg=g!>cVx5m}5=ors zJTDI%@sWRQkd(NbRoW4s+T~We+_q)+`S1>xMAXNyFuIx)zwmQh*OR%%sLV7DNrfI! z>?uW_3Z+M?=XH-9vD?0NkIOGAvJ%o%*R|^q^)Q_4>e1ZUTWehy*Ae?|*k>WuOH-P0 z4w9~uRS&-_-%bDn!~XRHGeCZW4x=&Td|?MsIb^p>Yo$a1VaqckK_bW4nO> diff --git a/corpora/curl_fuzzer_ftp/test_url_ftp b/corpora/curl_fuzzer_ftp/test_url_ftp deleted file mode 100644 index 23670bf369dad85b0aef368c0775a1c228257766..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 21 acmZQzWME+6Pb(>~($_aMGS@QzLPG!|Q3I#| diff --git a/corpora/curl_fuzzer_ftp/test_wrongproto b/corpora/curl_fuzzer_ftp/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_gopher/test1201 b/corpora/curl_fuzzer_gopher/test1201 deleted file mode 100644 index 49a8746628d42e3dd96bae364818e4b2cbe31c24..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 146 zcmZXMF%H5o3`GN*BjpY~LF}+p?TWgAkSJm=U}&VMMo!B4$-sub-uB)%8)FQ;BWl?=eDqJEZKAUI3ouWbH5 W0B@5*#Xm)STs~8Z4`|6*@9Y;s>M1h- diff --git a/corpora/curl_fuzzer_gopher/test_url_gopher b/corpora/curl_fuzzer_gopher/test_url_gopher deleted file mode 100644 index d35959ff24aa0d3d2024cd0c362630fc90d8aef6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 24 dcmZQzWME(rO3yFING-C`*EcjW*E0Y@LjX6x1m*w$ diff --git a/corpora/curl_fuzzer_gopher/test_wrongproto b/corpora/curl_fuzzer_gopher/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_http/test1 b/corpora/curl_fuzzer_http/test1 deleted file mode 100644 index f7b734a9c4a4adb40332fd63adaabdf32fa95e7d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 289 zcmX|+NlybY424sUxpTLAZknajWpYETf)*;s9|$v^MU-UJ@l?#eC#?jsFMfXdp3NqV zvFnDYvr=lao~u;aZj{vQim?fMa&9m6T!T>x-d^~fC$!+2VFoIP*LX?`tw3is%Wbke z?i~NX;|Y%z2zwI!WssHsLcaA$*u}D~S}YS~z!~TTJP+ZFPZVRd`lH-CUt5?Ot;|xC z#ab-#Y-O^1Gvzl$fgOo=A8PC^e2yuJ-^M@~NNh3G)L2-Zm4F4cF<2-LvB!Up8@u!c b;Sb4%z7PCi2w@Zr`gGNZeQM4{6{Fz4?DkRK diff --git a/corpora/curl_fuzzer_http/test10 b/corpora/curl_fuzzer_http/test10 deleted file mode 100644 index af1ed53cad20034597202618f4d071bd5aac3ef5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 226 zcmXYq-3r1m3`VP0lBdW6sBJ~i^;%F6f53{@on~%0thAYXeOooj#dqM4PYi?*STnzj zlzO(9s6bFG&$)ZG-rb<` WAyfX>Jnz8uS3I8W->=AV7YIHsZ90qq diff --git a/corpora/curl_fuzzer_http/test100 b/corpora/curl_fuzzer_http/test100 deleted file mode 100644 index b58d9335ae7ebfca3f08048555eca9977c1e37bb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 675 zcmbV|-A;or9L4J{Nq7ZwUZBvH@lh^JOtu@7Y2q6&sL`a3rIgLRy)6TcGsKVfAKG3V z&N)AFMF_cmvimZQxyU2tHZKb)MQl}PDQ7Gu3qlqr+uBM)urO%M@y$>_01C*$9e#aW z{3GQ854D95;7Q3cME@3ED#fSMH_J_R0tCRN%ux46Q=_!1I@N^%HFO-8kAwM`e)01$ zev=e;y#~+5pFFN_SDSShXy1C6K{BI8j+Lq%i$N{1ec6HDpzloVt{%Yv?#xciWSH3b zWUfe#Mjb|aQ-Gfs2Y>B2l?sQu<(X)NkfAGI=4@g`|=bu8^dfxvFzA3ts@@1JM R*!SBD*Yvlo9kehAgLiL=k_-R< diff --git a/corpora/curl_fuzzer_http/test100_2 b/corpora/curl_fuzzer_http/test100_2 deleted file mode 100644 index 71411963df65c43f5380f319995740fc64a16c1f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 128 zcmZQzWME*BODid`($_aMGS@QzLPIMHOG_jDlGNf7T|)x{eFi3=8g3&a0|k%NoSb|` jE(SrM0H=|GfkJR;Q7RXM5Gq#~l`8_`n!pu{qR0XO)14OH diff --git a/corpora/curl_fuzzer_http/test100_3 b/corpora/curl_fuzzer_http/test100_3 deleted file mode 100644 index 9ba49bda628bb37cf73d4f357b53426efb601733..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 261 zcmY+-O-lno3&Hcmw+f@1WVgHB-aH6i3WffHLZdD$Gi7$H^xqpVLdogL z`;x#J0Nj7%{jw-nnisO+<)Uq+$U5X_CW3RTT!;|9Yv0F52NPS2g$Os_NgZ6C^6HP( ze>ydaNP}-7YwE%$uD8R`9TZn_r#KTXy-4es#dAqsxc1ePgX`0)H^z~5k;%cWVZt)U x*FNcXcf`2Y;NZ^IQ;`}s8ZzoZ(=mV9M+Xm3I;e<8 z2|0v6eEFhAN~u#XvbA|m#Z`u>$Wk#WFV#`XKJM!JF{g}Rf&|OC(F<-H={Z=~FlSyi z!@0O9Z4+IU6A~d}Vf0NS&O+_?7l2cE;8!S+5U8}})FQ&|eQorUlktrCrBAER{Vq|y zhU(A+xrS{czRHcBaS#_|yl`PH-U1qJv^q(4@4t3MLN4bJ53wCMy1$y@`v}qVe&}H3 gpkD{xx$d8a>2`4K_rE`6qgUL$C4;kMaGZMd2?x4Y0{{R3 diff --git a/corpora/curl_fuzzer_http/test12 b/corpora/curl_fuzzer_http/test12 deleted file mode 100644 index 9ad91dc07d7b4987a06cdf27c453a933deb1b5aa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 464 zcmYL`O-{ow5QS4V2ur!cs4I|2VkiBJcNHKi)S?Q)0ZcM&ETv9}C#5|J*Tsz@Ro+-L zZ$7_y_C}uPK}poeC=&5JEP&wGi%oOEp@BWl?=eDqJEZKAUI3ouWbH5 W0B@5*#Xm)STs~8Z4`|6*@9Y;s>M1h- diff --git a/corpora/curl_fuzzer_http/test13 b/corpora/curl_fuzzer_http/test13 deleted file mode 100644 index 448077ddea5391e2eff285dc40e4bc61dd0021cf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 179 zcmWNLu?oU46h)(hLm>a~939#ubt#UWQIx;mDnk_*bkIFfqL)@k*-wCzpmTtlH0+|hLK^-=J%cZ80zE4rSB3W`$j z8Z8ob6@)lVJ|HXzy(cg*BoAk>;|qa?F>K+K?F1M6VNEJLV<7*A89xyNC5C8;GoB7? J>gL+C%^$IWGHCz+ diff --git a/corpora/curl_fuzzer_http/test1326 b/corpora/curl_fuzzer_http/test1326 deleted file mode 100644 index 8801fac96b89a05e0c2507d079de57ffe5115d64..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 62 zcmZQzWME(rFGRD#Ny0k1}2~qOCuu#1(34h)S|M~ tA_bd@y!`xvlFaz`dkegVNoRM101pv1N8^Qnp diff --git a/corpora/curl_fuzzer_http/test2 b/corpora/curl_fuzzer_http/test2 deleted file mode 100644 index 8b44d671944e743fb107f3b40823c5d634d7f54f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 182 zcmW-b%?iRW5QL-ll)LwR0NW&`pv_fLLHq&p0!3E}*0eO+YLC9TTiHF#@a+sMCPIjL zNz_=SOu9@okFhJQQZZ%p-8*+tCNYp|4d;X06oeLB*)2flaH@L-MuW+0mRmmA9i6;l z+hc2iFi;%+Mm>rrLU@N;RR@&o+7o(;-Oz9w;fGX7uS#w^?}xa=;%;HUz$?X!--yPz Jh(^_M;SW#~F_ZuR diff --git a/corpora/curl_fuzzer_http/test271 b/corpora/curl_fuzzer_http/test271 deleted file mode 100644 index 3a26767f7e90f6525ddfdee3e4e68314268d585a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 74 zcmZQzWME*BDoHCTu+rBzG&0vS076463rkCLeSITyLk1?Gyh@@%az<%hwnBayS4v_@ aB3DsrNoi4DY6_P^NxnjIPG)Le2^RoRtrENd diff --git a/corpora/curl_fuzzer_http/test3 b/corpora/curl_fuzzer_http/test3 deleted file mode 100644 index 81c6670aaad4f8f1d81662b36f2adaf92481bf19..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 242 zcmYLDK?=e^3|zHd7JBxYi@k{MwjR`iCoh76g8e|TX;;*4X;V>O;giiOVlspYGbAHA zLWqGOs$!+WXg1N@VLV?fw3>=8i?4N(>{U3?5NQp&jV}*a->{B>u%U7DSyY~$(U&V* z5|%Vh9u+$MPRh{r@)x#P7Gz@3zVs!TQv-}Fr4;anC6KXgVc>V>>vom~3CO||Yb!;M kQ+e*8@EmJ7g6K0F=GNNfl}AuHcD%G0WK4#U{$j-S2D24Jc>n+a diff --git a/corpora/curl_fuzzer_http/test39 b/corpora/curl_fuzzer_http/test39 deleted file mode 100644 index 7fdb86743954b3cfe1594113315bfdde2681854b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 184 zcmX9%+X})k6ssaW6sm7NpAT@hoda!O6%@RJ{eg-{C(dqc$L;qmNxcoB(W#Cx0vC#^2W;0{s zW^-_YU$Abmwm{fW()@zF`xgqnDg$AlWRKxNxdp8R7yMfIKRFZeb;3qb2f@FQjiVdh Ie0XB<1@-_f6951J diff --git a/corpora/curl_fuzzer_http/test4 b/corpora/curl_fuzzer_http/test4 deleted file mode 100644 index 3fa395a2983858e8cfb41df7eb3c5e38407a3917..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 336 zcmYk0O-sZu6h*5Gg`g;I+`b=RCP}Sm)0K?qfcODsG27CXP)Q%Y>kmLibygZ#`YofYBGtV-*s=I^wRs`dFPM6s%jmPA%P^0 zVYLi=hUyI!g?rv8p~bTa%aTRuFb@2pHb|k`;{cKoFqFqb1jvM5jA@#};=T&}8_^r= zO;{bIEjIXWqSkb~V`CHE2=U78>*n>aMy0tvmSz%FSNC={1$>uWq0Z)t4=c{?KF7k4gFN^YeIs3lF%U+whuRF{>_NQO}M)OYY4()!6*&jEYfD>>6PQVE` z0Vm)DoPZN>0#3jQID!8xU=xeFX)$bUZlT1Ef>iv?1|6SC#vS%s(^5!D;0J!yat-c#|OK97Rp8)+VFl0%_-y1{$F#F1<3#a diff --git a/corpora/curl_fuzzer_http/test5 b/corpora/curl_fuzzer_http/test5 deleted file mode 100644 index bdaac4e663e73afc1c02db8b9ad26e0f7509f72a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 185 zcmW-Z%?iRW5QL-0JjH@XZ8s5%HdjRj@dwNc1YHeS)6%TgUVULsuycWty<=?Lov;`cVweWst+glAxrV7yaNNn2V=`d5W9G(>PT`~2d2Q8?VI$*^kMY;tmOI?LZ5kZ KR|7r8WGR1`RyDl< diff --git a/corpora/curl_fuzzer_http/test567 b/corpora/curl_fuzzer_http/test567 deleted file mode 100644 index 75223543544abc78a7687add555999029bf571ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 172 zcmWlRy$XXc7y#2X;Lx$#_W-Fe_D9HOHG{O6U?Qbsl?+0lZKC!O`r1_vZaFx#K?v>q z7~Y&xmS%CXz&J|}M|wJEXuITJW3-|yP9RMZkk<%n>u2jZtf8cC==#aK{b<7&;X>OF z2Nq#9b#CZ6ltLFxbrA%lGL@_~0WD0c2pEw!rM%Y!)GdE3&RZ>(!#Y!bn4hEN5Wb;z IuV5qm2NpRkm;e9( diff --git a/corpora/curl_fuzzer_http/test6 b/corpora/curl_fuzzer_http/test6 deleted file mode 100644 index 98d9be2161c9822fa1ff4b482132b77272afc14c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 223 zcmXwzL5cz~5JjUKA!l%rtzcV8BWg!nDJqDgU@j1~G@vGpDQ)`(bL@!@@@w;`$LF&K zW31zdN)4d$VNa$gJt_(b6+&e_0Xa)h+B3p{HIx3kG-eB`r$jEL*sS=>5^7=Gqbp<~ ze!??7loYD3`-M)*Vr}>i?@zpIK^Q5EAApm+AfE1deW3K7V*$XAbRA kiyC7(9;4B54miHLF_PK*Z%dJ57DDzV~^u^qqpq#Ouj~c D$AVY= diff --git a/corpora/curl_fuzzer_http/test800 b/corpora/curl_fuzzer_http/test800 deleted file mode 100644 index a5899be43dd4086ec49cdba0615b18b9b203bd9b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 137 zcmZQzWME)W$jnVFu+rBzG&0vS07646O9KOAeG3Bved|z97h6LHCZH;Jx1#)9D}~%t zhvNL))bfnfqEue4kbEnJw8ZRGhrE2K2rpMseo7@T7cZBtE-#mYLS=qwQL#dCW?nK- cLk>`aff;BROKEXx5d#a5#a5h}T$EY@0Lnok5C8xG diff --git a/corpora/curl_fuzzer_http/test800_2 b/corpora/curl_fuzzer_http/test800_2 deleted file mode 100644 index db1f130ed8b33195f107bc70bb0d6a9e8308ec61..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 280 zcmX|*K}*9x5QSHdBYUu(g*j>bvF3sFs@A%U`4~mRJ3`cnmA|^;A{3y!=?FCIJ}sm h<-oypIUu&?vu>~{m$?lrtZ~e{MSizv`{{oJhhKf6Mil@6 diff --git a/corpora/curl_fuzzer_http/test850 b/corpora/curl_fuzzer_http/test850 deleted file mode 100644 index 22c08dcfc6b7d666057a33005041dca1c2bd61bf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 130 zcmZQzWME*BEXXe~w$j%(G&0vS07646O9KN#eG5|q1}31iyIWCyu9ZS=szY&pZfbc( zYEddLS4h5my4H6SC^MdL7_6gw5V92I5RI9s38X^!N3eO VjHR?VwTOWQ$YLu_O)g3;0RY>HAT0m@ diff --git a/corpora/curl_fuzzer_http/test900 b/corpora/curl_fuzzer_http/test900 deleted file mode 100644 index eecf0cbafe89bcab9d4dcd0e5dc2358b71f0a175..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 129 zcmZQzWME*BEY2+{u+rBzG&0vS07646O9KN_eIUWW1e9h}VBi5#LdB_hDXB#csTGO2 z1v#mD$@#eq96)g;x1#)9D}|KIw6xTs)Vva|kbEnJ#Jv2HjMO47uB7~wN-hR&pgPf_ N)a1;9OrQ#6BLGd`A%*|| diff --git a/corpora/curl_fuzzer_http/test900_2 b/corpora/curl_fuzzer_http/test900_2 deleted file mode 100644 index c27a76bc4b5f07e622cc2a8718d810833fd0c1fc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 241 zcmYj~F%N<;5JpcIO?44vaBHG-DHTweTrhDklECDKP-3G{QW*5#dpMCxE_vVgat9*- zShrQzgpT8iJ>xiTc;wu7aKRYsjS!sn3X`9#YTlCNx}s5XO=BACwky?#zyd`}_?#w} zdqiC?IB*_#1T4%aeSUipSPo&;!_N2qjXiAU2v#fWLYmXyB}_5jo{g?TTBx#=M%Eok cbx5;XcTZ^udFbLx7=am@wvoAN6gtBrKl*kzxBvhE diff --git a/corpora/curl_fuzzer_http/test_accept_encoding b/corpora/curl_fuzzer_http/test_accept_encoding deleted file mode 100644 index 1ebdb7f710bb92371352f85d42eb8a6679de2cc9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 278 zcmZQzWME(r%qS@-u+rBzG&0vS076531}32JXOEDO0DVI}Lj@xP0|kF?UM`o!l2j{& zkkV8g1w(TM|Kt*&43J@DWMyD%WooA2?i<3(<(!{alA2ed8&X*SRGe5)kdv95Sdy8a zr=L}vpNEk5NzF?y$*@u|G&Dd6y5=S4r)1`(TPdVhWft&q@p8#`b1-n!KZ|5wUi~a6 zAi!(=DIEUYjYflU*m%J+ z>N+&RQm3In>}Bfgh=L2w7L$5YdV8}I`#$)cesgh=2O_!CaBY_UQ(0w14~rV=y4_3l E0nE(I) diff --git a/corpora/curl_fuzzer_http/test_alt_svc_with_ma b/corpora/curl_fuzzer_http/test_alt_svc_with_ma deleted file mode 100644 index dca084d3605766998a178f222392e814ec22458e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 223 zcmZXOy$gas7{;%Lpo43#>2U7+o(>#D2*JT1hc+>J$)nR(^pO7iOd5o?2Y$~N*$_gG zjWNA+oDqfz1{>a0+iS3EY{_=UV_Fnf$Fn`|yDrZ&MpGP(ZxY-`?o&!^p6`L;t5O$?8E@l`c;y5<9xatGrs`7imHy7Vd_7Xzo*bR*@6hvU z`xM2jH&$LQGrrb$@!y&<&*`8nyL!CCgijm!gS>;n{8ydY_}a5S$i8*OixrnnGca5S z`G$e9noB`JDX}QMSjkGEx>g6o%ScU3Ni6~k0J%T`$K>SHf)bztB`tj|C6F4Rphtc& zSST+Y6pluE`9NJVxQ4+Lg=Hp!Of*t}7*L@E zG!|lieo$e zF0oQ5PAw`+Ez(0$50({l&dUn z;vur^*Y;zFoDf2;8|OxmruYs0*kPh{FEW;~R5jq9ATMuJUXfF;{9UY8%akXaa>i+~ zZk=k{pI3fy9( zo(s-{;I1#|yMMs;s|B+gL@2)Q7k_}UVf^%Qf7Y8(OXZ*A@bI;kqOQEVG_XY&kpBXI DQInyI diff --git a/corpora/curl_fuzzer_http/test_http_with_hsts b/corpora/curl_fuzzer_http/test_http_with_hsts deleted file mode 100644 index 4771f6b6ef4a0cba0aaafd11b08a248d26caf6ad..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 269 zcmZ9`F;2uV5QSkwX~`#`nF|CvB!b0=3W_bZK*SgDI-`w&j3av@ZG^Zk=O7CW+H&4} z#V;;|5LW~9WVODj8*^uF+orJ_voSghp2g(~zPHZ3==!>b6@bHWO4;WHUa^lE11s5a zj)5zeJ(cyzRfl2DkrxZ2KUV&LkN3vZ4-hGQ%sqDV{yB|4Qc-f3g6EjX!l|R2g|uz+ z8=~Yk75+14WNlUQDG?)awL?1aVBz27mI*B|9$CMYL`o|839;}H%jvf89;x^6^#dAO BQ3?P6 diff --git a/corpora/curl_fuzzer_http/test_http_with_hsts_tlv b/corpora/curl_fuzzer_http/test_http_with_hsts_tlv deleted file mode 100644 index 8f06e2cdb01c69e679d656cc0c735c09576c859d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 207 zcmYL@%L;-(6o#kEN)YM|W?ksmg@TDzwFn9d^aVycsi1R)@fi6UJ#lB(;@|w2k6(<0 z5c7)2X{AcUvVpk3R*c#HUb5_=R`E)%lSJOHVUU7nf zZMjCiE;#VUb`Cv7DHOf0Y0$DYpU9MO+-;IQQ^>tZIY4ft$TQ<8Xrj~&NTFwHG9Q*$RJ8Pp8cEZ@vYn05#kAvy# znNRfwb5mk(TjbjD4!`WTr8${lAza{(oe^bV>MpvfmdOs5wDtU&P*)sBz8CJuChM0!C@Ee{lSKsoff4NaO?W^XIy?EUg#Es= zJ!YT$WWHQ`ll%w=i>gH4Bis^rSAX~ored9z^8hHg{d&umW6h_kDm{^BAv{!6fX3~&WI{Bb_ERp>=I$H%gnKOm6Qn*(rB_m zQk!`aMc*JggKI3RLTL=glGH|#LKpTO-J>)%OQkQWlO`;mqz{?~gJj>)HHr)^Jd0eI ztWILD!c!8K`im~=Wx5MX+IoINXev%(-wStS)AgT!C@EP?(?tv~f-&s*Ej*wNy`6kl z!hYY|p0M|RGG8veNq(5aMO`5e2)6{@)gOV(g>^{hYx+AJwbajZt5*J*1l@d&PtL-~ huVen*e=X%_b8BO)+0zc&);n>#DrtG;AKI%P9s!BW+~oiO diff --git a/corpora/curl_fuzzer_http/test_url_http b/corpora/curl_fuzzer_http/test_url_http deleted file mode 100644 index f6d5c39a0d4d41d6829b6f1e857d3cf11b15863c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(r$S5f(u+rBzG&0vS0763mDa8aI diff --git a/corpora/curl_fuzzer_http/test_wrongproto b/corpora/curl_fuzzer_http/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_https/test_alt_svc_with_double_header b/corpora/curl_fuzzer_https/test_alt_svc_with_double_header deleted file mode 100644 index 772df08897f1b556284978a25855cecfc0113299..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 297 zcmZXPK}*9x5QSF{f(z?kaLL)tG)XTm@FsmkPL}G$DisN5F*a$ zG4GqnDx3yp0tmS{gFy;sco_1K&{n# z#LjH$Frt!5io2LHJM`fiqW4>AQ3D)YpmXej3FbKPPBfpXlX)RBh1C~#-_NUuEzw6n KtIy}AG}$*PbXITx diff --git a/corpora/curl_fuzzer_https/test_alt_svc_with_ma b/corpora/curl_fuzzer_https/test_alt_svc_with_ma deleted file mode 100644 index 3cbce5fa7b64bd6ad1eb5b9d91c0b81bcebfb1dc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 247 zcmZXO!3u&v5Qeu7K?~ahbXq*Oj#j6I4k1L)!JrP^Vv{MC)Daz|$4`Vn=r+vv|1+PM z2qBg^bKP2i7Ml*65I?T03k)+V#kA+`@p?T&9L9PbMLInxd8C%D{*NoUFW6kV%<6o- z3tYkDV|KgU1gn7zqml_#6=v+IvigKrn|mSEy<6pjKKf#e1ICwzqI0q)+ h+*dDn5)CzVGY2BGvHIcW&9GV|L~oB)-|ywl#9wzLMr{B9 diff --git a/corpora/curl_fuzzer_https/test_altsvc_with_cache b/corpora/curl_fuzzer_https/test_altsvc_with_cache deleted file mode 100644 index 2b80529e441b939095c8451aa1ee9f77649a989e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 164 zcmZQzWME*B%P1)+D7MnqH>faoGXMcY`?UQ0q{Jeo|S@k jYHES5V@_sSDp*d#v9u&3zbLaR5hCrBSe%)xkcbHYuv{zI diff --git a/corpora/curl_fuzzer_https/test_hsts_response b/corpora/curl_fuzzer_https/test_hsts_response deleted file mode 100644 index 2fc628c521003fb5ace2102cf0b6efd571ba86e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 207 zcmYj~TMEK35JjV(g>FHzfwr*)#flUWil84tyMdUF8XuXEOhgytKCOu0`8-_CWdp|8 z=tN|FnPuWJt;L6NbwJ!pm!3TuHtaXAb=&TmEa!#Dd5ytzakN5XK#@jM@(qAZmREg; zING9;U;7L9wNzmmF6FEz>&q2AEiC?C;;12~6(y~c##?lhG@ydh^ep*JJ`#BZUQC3T Wb8XZ$bkKx-hc~H>pK}Y&Yfo=0mqPRa diff --git a/corpora/curl_fuzzer_https/test_hsts_response_to_ipv6 b/corpora/curl_fuzzer_https/test_hsts_response_to_ipv6 deleted file mode 100644 index fd3bc439b5855a26b5d93c0619d028756424325b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 164 zcmWm6!3x447yw}FDEJPZx-FfJXg`b&y95OV+buen*=B4y^dHpQSKkACWI+fy^@vjf zA+Acw93J-_YtRJ`ydFZbj5ZjZ!K{tirzu3t8f)h0@B@6*?@V`=ZzZFQegT>? BFS!5! diff --git a/corpora/curl_fuzzer_https/test_http_version_2 b/corpora/curl_fuzzer_https/test_http_version_2 deleted file mode 100644 index 0e5d4ecb6aa8d8fade083f6f5fb41c3d8474a564..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 329 zcmZXPK}*9x5QWzw9s<33o@0V`H%*#K>p^O%7HVi96}`zOnUb;VPDrAM{t5rGvAGBi z%WjNQSW-wqnrXSL@v_Q2|W+5FWVB zs3_15oh4g~c}r~PkQ;7r=nNe(>I~m8AITW4BI$!mNy!#(VVOKbuVI_Q*nbPb&;cRV z`S0S@gGE&te8Fr(t(y9Q9LuQlZ`Ql`>AGhhF+Z>e%bK>Sil)++!7P}_n+Rgg$eIIq%Y}ru7#M%o)sihbk$5N~oZcku%e|i7G4gjv%Ok41N z%h4=j#`K~l#>L?~7G-p)7JrvTD~Y+SEexj~?mI^~^gT~i1d~yfFgy@-yfLl#cbD!A T#m4!g7>20Il;ZE|pRLLl8OP#mMI{;X*3h)$U*0iMe#ziS%$MT#S0BqK`-Md zj?mc2KY#Ldc7xxc>y6Q^l>)D&Pz)De#=*`8l3S&L;zgso{mM$Pi3cd2l4+pA>PbRn zYl`Q$cX9NQEL*mf$;NnlNAcVJI^Vpm9#+q;!iB4F>>fh%!!$xCZW{ZdK7Pnb!+KJ* z47yUbNe)~K1r^2Bw=!3}?%`940G$oq|4h&>2W?-Q8Ph1vd^6&60&|-0jQcG02TSMmW diff --git a/corpora/curl_fuzzer_https/test_url b/corpora/curl_fuzzer_https/test_url deleted file mode 100644 index 9071f6b057ba19c401593ed3539f638bc5bb1fb1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 23 ccmZQzWME(r%qS@-D7MnqH#9QWGXO$E05O0BlK=n! diff --git a/corpora/curl_fuzzer_https/test_wrongproto b/corpora/curl_fuzzer_https/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608 b/corpora/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608 deleted file mode 100644 index 7bb66d7407b459c90e5c53894208d9bb0748982f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 31154 zcmeI1ze^)Q6vyYp;z)JHft9d@h(y@kD0o~%z33HUNWvAzHa0OF#}xq!CB()w{w4Q^ zU19Ct5Ry|Zg8&5HmcYSc`PSlYvEFvO_UonHPco~m;q_K^I}U4S7nc|P zZ&CRDs(TatzUe>wyiJniq&L`){>@6?pR2)-X1kdTl0k3ysj)uq>@?ed*IV~#Ieh1- zvi)e|>zc9|^`>KXGU}soreoRLnZWeFgGoDHHW<5+z`4_lV2dLz)O(kHH&3A0?elevy?E4nNe+YO% zfby_5Oq{}6G#DTN0XYJk!YNDAPq{tiy^<-#G}(M#IO(VF5yXE8K){9o7auJp(oZcK z3=n{T905*YIhK}6AWuP&@mp?~G7K|i^(LF|Y{>Y1k0Aa-00K4yxcF!(k@0KMV1NJw z`aff;BROKEXx5d#a5#a5h}T$EY@0Lnok5C8xG diff --git a/corpora/curl_fuzzer_imap/test800_2 b/corpora/curl_fuzzer_imap/test800_2 deleted file mode 100644 index db1f130ed8b33195f107bc70bb0d6a9e8308ec61..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 280 zcmX|*K}*9x5QSHdBYUu(g*j>bvF3sFs@A%U`4~mRJ3`cnmA|^;A{3y!=?FCIJ}sm h<-oypIUu&?vu>~{m$?lrtZ~e{MSizv`{{oJhhKf6Mil@6 diff --git a/corpora/curl_fuzzer_imap/test_oauthed_imap b/corpora/curl_fuzzer_imap/test_oauthed_imap deleted file mode 100644 index efbb4b01db662e8f1412bc221dcee100e578a46c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 405 zcmah@O-sW-6kN3kE(H9zdUzK>B6SlhVp9T5+bs=RE6IwL(!-jpG&Jd!P1+L0|L#Ub zJP6L=F%0u&25ljPT1m#24k4+Gcsi4LasJ6-nek-dG&RUZZU`q!Ud)J1T0_sj_3wIg z?AmBs2OOI)x&eRa-CruPwjmU1okRix!Q&Dg{OdT>j)n=>mIZX|hb+XNWnEO6lYn}? z`eWcTI)#wl(k_EYX3JC*BF5-QKfan^L!Ywl08Trj-qVE9F`L5MRrB4zeI+voGSSXu zCN?vngn^lK;Dygcdm+CS13$~SG_Zl|bqr9-mC7Mc7LoR+Wi_Tzjrl71sW&j%(fzem oE)=S1wwsH&N(y9ZzVAJ-fjg>hhk5}G(3w_G_;2iaf5CM>0Lgu9+yDRo diff --git a/corpora/curl_fuzzer_imap/test_url_imap b/corpora/curl_fuzzer_imap/test_url_imap deleted file mode 100644 index 3999320d292bab0446c8688f96e5111ae5f84be7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(r$jnVFu+rBzG&0vS0763mC}IQ# diff --git a/corpora/curl_fuzzer_imap/test_wrongproto b/corpora/curl_fuzzer_imap/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_ldap/test_url_fullldap b/corpora/curl_fuzzer_ldap/test_url_fullldap deleted file mode 100644 index 6a85db38e7ff12791a4f0127c418b715ea1b24e4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 119 zcmZQzWME*h%SlNru+rDh$xlwq$;dA*u`)Eau+&dUwoR=_%q_@C)d4b-^Kc($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_mqtt/test_dummy b/corpora/curl_fuzzer_mqtt/test_dummy deleted file mode 100644 index 22e7a78537c2799093c9d4bcdce06fed512fa7f9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 38 qcmZQzWME(r%`Ge`vC`K!G&0vS0766klGNf71}2~sYes5LPCfvQ^9VEm diff --git a/corpora/curl_fuzzer_pop3/test850 b/corpora/curl_fuzzer_pop3/test850 deleted file mode 100644 index 22c08dcfc6b7d666057a33005041dca1c2bd61bf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 130 zcmZQzWME*BEXXe~w$j%(G&0vS07646O9KN#eG5|q1}31iyIWCyu9ZS=szY&pZfbc( zYEddLS4h5my4H6SC^MdL7_6gw5V92I5RI9s38X^!N3eO VjHR?VwTOWQ$YLu_O)g3;0RY>HAT0m@ diff --git a/corpora/curl_fuzzer_pop3/test_oauthed_pop3 b/corpora/curl_fuzzer_pop3/test_oauthed_pop3 deleted file mode 100644 index 63fb3214784785da3f1258a3bbc3e08fdf5bc282..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 228 zcma)!T?>LR7=_ozje|iy!Rx}-=*rbVBc-4Z5QA=)E|k<)oFe}FR`dfp7l*^c;XxyW z(6)wptvRIyB(lgrx6AKJp_F;WUDsu_hn`AW%QmBoZqEMkbiC|?yI^Q+3}M(n$?Z~k z8cNk?s!;^T!0o4eDX)SbA@~95Krq3ML$EbK*JxYkRbu{y;b>x9(@v`f&CQzmxA-8g UpWX$26hvrY=t^4t|6xMB0oiap2LJ#7 diff --git a/corpora/curl_fuzzer_pop3/test_url_pop3 b/corpora/curl_fuzzer_pop3/test_url_pop3 deleted file mode 100644 index 9154cdb93040161e404a9d0823c47bcee825d9e4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rD9A4`w$j%(G&0vS0763mCaDAA diff --git a/corpora/curl_fuzzer_pop3/test_wrongproto b/corpora/curl_fuzzer_pop3/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_rtmp/test_url_rtmp b/corpora/curl_fuzzer_rtmp/test_url_rtmp deleted file mode 100644 index 68eb9b187bb5669003dfa7faa9c89a12b4808cac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rC@RSc($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_rtsp/oss-fuzz-issue-6937 b/corpora/curl_fuzzer_rtsp/oss-fuzz-issue-6937 deleted file mode 100644 index d7e040d3dddd476b06c365f3c11b6af63e82ba03..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 338215 zcmeI*v92UZRtDf2q1_qbpmA8%n_USBt-oFF$X8;to+xP|BPNACH*tLxlN?f zuP?rcMWmX)79kbV6X1G-K$dnZk+M{l<}5ko!@zLM+W!XArZhrN-H}-h>Axh|wCWpE zOS^w#LMo(lnZ62{Rp6hPYt^rprLt6(9%YUm|E&71Y1Qu2J)*a@MG`|kTB94W}27$-}}gY^n{)+4Id`5s-}l5 zZH<&!{#*bxu-~%RNkJSy`*_w#6)YJ4`2Asgj9>0?%>_^$NUcQ|J+($ERn}_kg;Ypq zZESNmF#aiS*+k`QuKrb8j))?nrjj#P4P#G$o|@}%>l=l%HBv;>8JUd^w;sPc`w6L# zS~at3mNgmt(n~`Q4XK87j6msnT{B$JkZMTJvUgE*bx*pdQqD&r7<7uAyt_nyeCQkFT^Iqx%Dy-u!hYos_C^9*ZXza>ml5Q!)viikRyK8_+eisUF#dH$R$d@2xw z2er5^ed$RwP_phx_q3E{x~I9eZS4tkPpy$k!vBq7i*qxxo}d~jA)SM^f&G@1F9lIU zI!nGO971~9n9I}_T}qc;sLn*xydJko10t$5Qi-fCBwu=oh??V)i=sgS$Yx! z*5{*5&UWF*iQ+^p`!OPlh&q+otmkU4E6bcp96$YzRvyFnt&vIr{(p(6nb&ZuUGMfZ zLQl^`PgC-Z=>hn61^(PyrXPm9TyUW*ZH-hHdYb)ZvUC;>SvnIh7sFB2MzZuA zHz#Eyf5q&{?CC-&VVlg0$Mn;MNTo7M>d!P~HBu>V)i=_mt;r{(bI=k|mz+5ud)F1K5#8&GkUnWh zU;g$_E{lQ1p!QiVYn&DCtxZU03m`4u7~nrX@Gq@Rw0yVpclYmBNQHD+GMSjO=8xkx z4+qEX)Cy**(m=>SsB|EQ^iWIZ#befvoL|a-WCg?u2wh5-(xtUW9H^xyA!aq%YVtV( zr4H*ou|ZGh2|b~w-gRY}Q^|W8o1*knS>JR|=h{D?E>t5Wq~|7_hzipP<750~b!P6( zi-(3(Lt0(GF(@%8xgg8bQnmC{Jr@m4%YM+3pOd)PJx9SnCN z-+DL=t(xJkP6Pduz7`CJ;ldfV4!=JI0UW>qTo!>+cl5rt2;cxNOSeJjXFVr|!*FE* z8q(vz8=owJxs-D}>+ri*dm+sk1KZeD}VzyfCISK6}6+cMXtl|-p>dr(E;xlje zqtHK5qOTqr32FC`0$dc*YL$J0atv@$cC4;p02hT6;QEjG>=Lll!d(J@1Gs8|u)I7z z_N)$;hDcSToi1~%y-{1-8mT8x=_DmdY0`4XNejRM9KZpb<2go~Nnh@3c?ZK`I1Gp3 zFdT-%a1VZov?*;w)~lzqLfSo~BxMxR`e>om>^2r?jZ`AFYV3t{uOao#?)95paSRu>fQv#}ZQPUOslIW$ z`Ul{m>;O1Ni)&|CS4?RE4&dmYJ6dW02XFufa4vD>VW);}UmiAw!*Cc5!(liKhv8a0 znX0eTdaPi(#;>tJBpRx2f5KSxjoZx*k}}E;V*z7qflya?5eKc z{u>UGlB6UlNlKEEq$DYc29h$jSTjVBl#x&>8xE2(ij++gn4;-4B8Ujl{UWXB$}gJ|e38uV~cNcC`fxEts&fCD&#?*|=x zXOqaI)@bOmsuki5SL(w_qYZ!Ab~QUy7FD#>Rt}PgLQ0iUW!0M7P`8VLE5HF9Rra8& z%y!fyBF}@76vJUS42R*GT#Z5<>+qx6vAV+-((WO}a8XFBN-_DK z)i;uqB<0Dq1~`BtDM?C_(izUAAO=CaBU;$eN6~OZWUYrg`^xT8b%ygaTA1yp91Hw= zXNMZry@p}9D5O;{BuSp?8<{3d6Q;=+fj7YN#!F{`V(>lQGI6BBhBc?^s#Gg7w_C$7 z9ERgkaw(hYrNOs*c$S>`;0uTt4#QzM42R*&;gTt34ma8fJna2<_{IW}{#iZRBq^hi zaw#1^U3Q2W?KV2Ih0_3V0H=r3!|CDla2c8Gh!%GAQ8XM8S+8z5gtU7|0WJ!u9!?LZ zhszIYc!+3!L=+u9hKtJaYSDn?H*E+G7704P7hb@IUCLZ7CscfZ4Pk%oN2Az6jWqK?_Xa{V5UiaG@PWI@?nx_ z`_B%5i^}n8m5$+}kdl-nWtEXh%IZ}m?WL(2Z47tPKSwHTNIoIWH#f#q-0t-(^iM?A z?L|fpck5d#NXjTnNlKEk%E%3@Ueqvv12~%|Hcgs3f}(bilu_*47j0|u9cR_|c_{c6Qo|Z{a_FD#)m}(R%6RG^I{+@sjV$m#mOf-FkF}&7_R@;1;7Cuz-6u~{nNk56b%PS8F| z_NE{V*S*LTA0y*_V?Zjm7Yag52uGKvV)`~DXq5OakU-b01n^)?$hgb57Cp9Q4Ql#_U~ty zCQK8iNmg^2CjE;{(H3XXW|}ZfitNzCMf%4sW&hGd|Cqyt`Ul_uu38`(u9d)W-HS{S zQj#(f4NMa?>;^Rq-~i5~<&KjUfCD&y131rzdp#aTc<+aqaVev6%rwz(+@RqAIDn&n z?x=qN4&VR|;OtUrIMVU&LEH18B3dwMksWd4BRjOkadt3GWXBD%Lk|~`HNXKJzMA!*Cex!6zI%?1-#aPicj;dq_#jD5S;$#sbCy`DU<76#FB>E`dvg z!kfwf4&W}xkOyykNJ^5DOUb3=QgSJ|ln+kUEVYQNxs>PC`S-q;iKL9O^g?@()!b{) zz1?RkUGphD#d$gjGk`loRp~TjFO5||b~K+LYJH=Swni#dv}&>2Zb$(R!!b>mCQK8i zNus;CMBBO!!*Cc5!(liKhv6`svB24fy2iiTZij!(r{q$evm?`uT*`4Ds^Q^;)y>sb z?+xHuBb7*vOSy#$$du!#9UYB^77DVwYGHf`^?X$x=w2XFxQ>2Xe9;zTI1ERn-%+Il9KZn_z&Y{l#CO`{8OBvRqJ(gD$YRv~9UorI;{Q zmGj#TDM?9El9VJRNl8*Bx*PPwj%Z;=ABBeg^ zQFg4ZVE`9}w2C8un|nwNoAc&yds4^Baa222mt!IA9#RY!g%rctG^sLj1FIL?asUT# z#sbCy#sbCysYf;z7{%6y*_BO0|Lh{z;ex(>WrrRv(m$))Vv;fnsUA)br-#d3Rp;UQ zBckZ=F?8r^Yd1aJTcZ~*t|RS#zlcN$A-iz8al7Vqk4AN><0`sxl}NV|trIgUcA9P^=W z;6ni%z-f!`*cJmEzyTbnM85aUJ3H&)UdI*Uy2Gd(Us|^2L*3km+8N+lB?xTi035)@ zvR`)GJUgiL?kYViZ==rLZaXSFx@U)wb`L4QMIo*Cfvx&g4Qq{5ngmp1zuk}m9KacT z8++jgb{^)s(YSYA~$q<1zigW3u zW4Ne>y%9u!yKpAdXtQaw32*?%G+~-BO`H};J@TL@c0>z1`Y1a5h^$w4_(Iw}qyQI% zR1e38s`_RPJMhKu3g7@v52uII!|CDla87)mjo)j!o9!ADj&ta}XuxG1F6KH>=)4uFfYW3@^LxG1CmXYgJ1%^JM7qVWMZ zfHU|u_%`@9_)e1jlBc#^rvbxZI1Gp3FdT-%a1TD=V5vo9z1mU}((WN8DWi~bDY=wf z%6uiITnkl>quPPtrU+Q=I+hTtUFq7V59Nx-doTW}VclyONg0Kdq$DXxN|JJr1etx; zn}Uk9h~B@xn!v4ltmbeJppIq742uix;sD06QoXlIUwkdwtsMXda6>vj`0xtgqAbEWsp*z&Sxd^3LY9C$e67sFvVyOekIp#Tox01n_RFI!&DrXM?^g&lnqE@ed4R=ccr z-N63=IDi}Y!&snP5NvvCs449uOlj4y?lp|0j6!M-XAXA*9R_d!$ED;_aw)l#T*?P; zM>QM~S#v45ls8bv00(ef$~&rKfCD&y1GrDGPCT`qD@|=%)gj()NV${|EmXhsC&&(> zAw zA?+SgfQv%PG+~-BO>%MJ*#i9$;Ud`2y;;2oDTc#vOcSOF(}ZclG;vyBT2VUho;RId z-|ik#Z+TViiCTBSwi{BClB6UlNlKEEq$DYyKvMo$R_*DZ?v9<1<~IA-nQT`bYd9ix zZ18>Vx;?JSBZr5lE{{|8hkNpb8rHprF-@Y7+BE4uS0^bSL#2EZW_uqbT v6OJ#n3#IXU{>AY>$3Jx}G7B=f_?N{UU0(aY`sw+7#XstG__Z(J|MKvEh!GaE diff --git a/corpora/curl_fuzzer_rtsp/test567 b/corpora/curl_fuzzer_rtsp/test567 deleted file mode 100644 index 75223543544abc78a7687add555999029bf571ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 172 zcmWlRy$XXc7y#2X;Lx$#_W-Fe_D9HOHG{O6U?Qbsl?+0lZKC!O`r1_vZaFx#K?v>q z7~Y&xmS%CXz&J|}M|wJEXuITJW3-|yP9RMZkk<%n>u2jZtf8cC==#aK{b<7&;X>OF z2Nq#9b#CZ6ltLFxbrA%lGL@_~0WD0c2pEw!rM%Y!)GdE3&RZ>(!#Y!bn4hEN5Wb;z IuV5qm2NpRkm;e9( diff --git a/corpora/curl_fuzzer_rtsp/test_rtsp_client_cseq b/corpora/curl_fuzzer_rtsp/test_rtsp_client_cseq deleted file mode 100644 index 6d9845d24faac978fafff5db7bda24426ebd1843..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 191 zcmWlTy$*sf7)5L1M8e?c_DxPmq4E>DA#@-bXeh)u3h6*XqPBpq;TvnYH@VA6PA=LY zg!XFEFN(2GV%IbEsZUM;4xG%T(2>Q*|yuj$=v+6rb= ZtCg!^c}$Xm{^)*uYH3^OU|wy1CVy;)Gp_&u diff --git a/corpora/curl_fuzzer_rtsp/test_rtsp_request b/corpora/curl_fuzzer_rtsp/test_rtsp_request deleted file mode 100644 index 9641005ead05c3cdc8c53e6e2a83431bb4e9a7d0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 182 zcmWlTy$XXc7)2v=5*#{q`{>d;ZIfspp|9P@<=*AM;i3Q` zv@y=U86h;y;>3qCn(hzec*@Y)<6qq&X9D|TeC2k6X;!P_tG(4|Malc`Z*Zko(Zx#23MJCNKKb>Y^ RzqTJ=R!1S)`ZFuv;1Az_Ex!N& diff --git a/corpora/curl_fuzzer_rtsp/test_rtsp_request2 b/corpora/curl_fuzzer_rtsp/test_rtsp_request2 deleted file mode 100644 index dfbe7beefbf8218ee6d2e8cf690c13bac8027085..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 182 zcmWlTy$ZrG7)7Hv6*4%weK^OasXv8mwarkJCNwSLXiJ7dK~38F2)?$F%e~8i!$k{( z(8iAL#VKWR5=K6Zvv_}?$5VpV9)GJ^E6TzM;wS=n!GSh*HkQL5Zz6<*g*3uIb%x+Gybof0?rV{1^=f R_i^3ubOr}#>(8uwmp|WtEx-T( diff --git a/corpora/curl_fuzzer_rtsp/test_rtsp_session_id b/corpora/curl_fuzzer_rtsp/test_rtsp_session_id deleted file mode 100644 index 2f26ffc2ba5ef52478b01217fbeb2a9b9144f1b2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 193 zcmWlTK?{N~9K{#aMexwE+n>6c+bk1yGu=T79ZrdkDLV*4wW)oCzIKzxdpvmXAL01ajQzN86ij?UZ$4 zkV*BSK*B)uk50D~awfB?II#%0s0&`o2qdc;5kbw;D(BZS0&z)i{?kS>Z1;=EZLy_lD|D=h~?x`Jx4pi8hi)x)6 z1?@wcY=nMLAZfzei#3Wu#l)uBu2}{(m)m+LG7wDec?Ob|O;sOu8Svlo7_;0978klP z?#%NXGzI_i%HF(A6EuuxhK=O7{Ntm9j=(!|8r=;d?S&EJiVw=rdOPo&Ny^ CV>(3u diff --git a/corpora/curl_fuzzer_rtsp/test_url_rtsp b/corpora/curl_fuzzer_rtsp/test_url_rtsp deleted file mode 100644 index ff11ff50a846f46d41d377887d658e4c8eaddb3b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rC@Lu~u+rBzG&0vS0763mDpv$3 diff --git a/corpora/curl_fuzzer_rtsp/test_wrongproto b/corpora/curl_fuzzer_rtsp/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_scp/test_url_scp b/corpora/curl_fuzzer_scp/test_url_scp deleted file mode 100644 index 051bdd4753b31aa6d1adf67fe929633bdff22b51..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 21 acmZQzWME+6FHSD7($_aMGS@QzLPG!|CIh4Z diff --git a/corpora/curl_fuzzer_scp/test_wrongproto b/corpora/curl_fuzzer_scp/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_sftp/test_url_sftp b/corpora/curl_fuzzer_sftp/test_url_sftp deleted file mode 100644 index 2c6762edec8c016db939f791879902bd7663dd7a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rC{8OWu+rBzG&0vS0763mDWe1& diff --git a/corpora/curl_fuzzer_sftp/test_wrongproto b/corpora/curl_fuzzer_sftp/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_smb/test_url_smb b/corpora/curl_fuzzer_smb/test_url_smb deleted file mode 100644 index 4c69eb28b0034e22ab189fe5494a0d259b631566..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 21 acmZQzWME+6FV0P}($_aMGS@QzLPG!{`~#o> diff --git a/corpora/curl_fuzzer_smb/test_wrongproto b/corpora/curl_fuzzer_smb/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_smtp/test900 b/corpora/curl_fuzzer_smtp/test900 deleted file mode 100644 index eecf0cbafe89bcab9d4dcd0e5dc2358b71f0a175..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 129 zcmZQzWME*BEY2+{u+rBzG&0vS07646O9KN_eIUWW1e9h}VBi5#LdB_hDXB#csTGO2 z1v#mD$@#eq96)g;x1#)9D}|KIw6xTs)Vva|kbEnJ#Jv2HjMO47uB7~wN-hR&pgPf_ N)a1;9OrQ#6BLGd`A%*|| diff --git a/corpora/curl_fuzzer_smtp/test900_2 b/corpora/curl_fuzzer_smtp/test900_2 deleted file mode 100644 index c27a76bc4b5f07e622cc2a8718d810833fd0c1fc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 241 zcmYj~F%N<;5JpcIO?44vaBHG-DHTweTrhDklECDKP-3G{QW*5#dpMCxE_vVgat9*- zShrQzgpT8iJ>xiTc;wu7aKRYsjS!sn3X`9#YTlCNx}s5XO=BACwky?#zyd`}_?#w} zdqiC?IB*_#1T4%aeSUipSPo&;!_N2qjXiAU2v#fWLYmXyB}_5jo{g?TTBx#=M%Eok cbx5;XcTZ^udFbLx7=am@wvoAN6gtBrKl*kzxBvhE diff --git a/corpora/curl_fuzzer_smtp/test_mail_auth b/corpora/curl_fuzzer_smtp/test_mail_auth deleted file mode 100644 index 5602ac4f290b88b59ef3aaee5ff6f5d38d867dd1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 260 zcmYj~O$&lR5Qe7?6|pUkAL4-7a3UQecp#z zXaK;Z%ybdhw&N}=LE{7~A$*%2Xi{yuuHcno;XBNV2U?NL_~x`fANf(1I!WIQ1|%A; zFZgM9*>K03FNK(U3=HD!iXZL_hV?M2!p!%6&6q;#uR)J?qr^N$wXXdLQ{w&CE!6m= vro>30h7LhH0S|MjZ>Si%%J{<=bV(d5jM5?{rGEGea&JB0 diff --git a/corpora/curl_fuzzer_smtp/test_smtps_with_oauth b/corpora/curl_fuzzer_smtp/test_smtps_with_oauth deleted file mode 100644 index b7864e9b5e1e20045961434b606d6d88be229334..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 283 zcmYj~K}*9x5JpEYmBoXNdSC59sF1EPDHTpRu{D){jQs=9Q$?l# diff --git a/corpora/curl_fuzzer_smtp/test_url_smtp b/corpora/curl_fuzzer_smtp/test_url_smtp deleted file mode 100644 index c98e4bd6edb8857f8d0c4f24c7b93256e3e0b396..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rD9$Y@u+rBzG&0vS0763mDhvc8 diff --git a/corpora/curl_fuzzer_smtp/test_wrongproto b/corpora/curl_fuzzer_smtp/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_tftp/test_url_tftp b/corpora/curl_fuzzer_tftp/test_url_tftp deleted file mode 100644 index 86788d89a329b18e3d0feb4a12773440b4717119..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 bcmZQzWME(rC`l_Ru+rBzG&0vS0763mDYFC} diff --git a/corpora/curl_fuzzer_tftp/test_wrongproto b/corpora/curl_fuzzer_tftp/test_wrongproto deleted file mode 100644 index 711323a26b5c8029a42b95e57cdebbe88d68304b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 mcmZQzWME*BF3HF&&MeN$FG(yY$}h>c($_aMGS@QzLPG$Py$Iw0 diff --git a/corpora/curl_fuzzer_ws/basictest b/corpora/curl_fuzzer_ws/basictest deleted file mode 100644 index 89341fb5492baca90585c12c86e017aa2d7df3ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 30 kcmZQzWME+6D=)Uv*U!mMPRz;3FD_wV0*bMeq!yO|0AQ2{ApigX diff --git a/corpora/curl_fuzzer_ws/test_http_upgrade_to_ws b/corpora/curl_fuzzer_ws/test_http_upgrade_to_ws deleted file mode 100644 index a0e4494680e9a744038766c6e0c15cc2e20113f8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 454 zcmZ9Ju};J=42BB>L!=Ba!IlBR0M{mBDUm7^-EtDcozw&7G_~4_wyBap;bC}JayhQL z;vur^-}YxGI*Fp_dbB)A;7fKx3$fB2Piab%(W+XyCz%yDDl4N?ul!kUx0{5;j4;Yb zJ~mF(O9Em;bd#z1VHU4O|bA$h& TRx8=oe!Dn$rS7E9rWB)Jh{%ZW diff --git a/corpora/curl_fuzzer_ws/ws_with_raw_mode_connect_test b/corpora/curl_fuzzer_ws/ws_with_raw_mode_connect_test deleted file mode 100644 index 6a3c3bfb74759202ff2a736462d2051f9ba37c64..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 65 zcmZQzWME)WFE6&z*H6pO*Goz)(#y$DPRvQk&rQtC(=W-$EY=62ME!!qk_-kzpkfvv KW@0davKRqGRSwMn diff --git a/corpora/curl_fuzzer_ws/ws_with_raw_mode_test b/corpora/curl_fuzzer_ws/ws_with_raw_mode_test deleted file mode 100644 index eb285386e0cdeb35d769dd4b92a6415cd86586bb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 55 zcmZQzWME)WFE6&z*H6pO*Goz)(#y$DPRvQk&rQtC(=W-$EY=62ME!!qk_-kzpkfvv GW&{ARkPeps diff --git a/corpora/curl_fuzzer_ws/wss_test b/corpora/curl_fuzzer_ws/wss_test deleted file mode 100644 index a44a158012148882cd9b93908da9488e12c3c175..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 49 zcmZQzWME*>E-x;&($`PUNG#Dytw_u*$Vt`9EY?rU&$mxXEV4~XtWrzL&o8h|$}cJa E0AI%t4FCWD diff --git a/corpora/curl_fuzzer_ws/wss_with_basic_auth_test b/corpora/curl_fuzzer_ws/wss_with_basic_auth_test deleted file mode 100644 index 72003a7788e4f6b3def6615bc8631a7247b214af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 67 zcmV~$K?;CC2mnC)Ovm-UAoUe3qo7UEVx!kL0|Nk1&#Z_~YFym3I%jr^bzXM9i@x0a T)N&+lW|MG`@HdK?lUVo<-*y*l From 563201ad293e0b36931694527c2836752eeb241f Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 19:36:41 +0000 Subject: [PATCH 04/10] Add scenarios/ files that compile to valid structured fuzzing corpora. --- README.md | 32 + corpora/.gitignore | 19 + curl_fuzzer.cc | 13 +- curl_fuzzer.h | 1 + curl_fuzzer_scenario.cc | 589 +++++++++++++----- ossfuzz.sh | 3 + scenarios/curl_fuzzer/oss-fuzz-3327.textproto | 15 + scenarios/curl_fuzzer/test1.textproto | 15 + scenarios/curl_fuzzer/test10.textproto | 22 + scenarios/curl_fuzzer/test100.textproto | 15 + scenarios/curl_fuzzer/test100_2.textproto | 30 + scenarios/curl_fuzzer/test100_3.textproto | 48 ++ scenarios/curl_fuzzer/test1011.textproto | 25 + scenarios/curl_fuzzer/test12.textproto | 22 + scenarios/curl_fuzzer/test1201.textproto | 15 + scenarios/curl_fuzzer/test13.textproto | 22 + scenarios/curl_fuzzer/test1326.textproto | 15 + scenarios/curl_fuzzer/test1450.textproto | 15 + scenarios/curl_fuzzer/test2.textproto | 29 + scenarios/curl_fuzzer/test271.textproto | 15 + scenarios/curl_fuzzer/test3.textproto | 36 ++ scenarios/curl_fuzzer/test39.textproto | 23 + scenarios/curl_fuzzer/test4.textproto | 78 +++ scenarios/curl_fuzzer/test46.textproto | 15 + scenarios/curl_fuzzer/test5.textproto | 15 + scenarios/curl_fuzzer/test567.textproto | 15 + scenarios/curl_fuzzer/test6.textproto | 22 + scenarios/curl_fuzzer/test64.textproto | 36 ++ scenarios/curl_fuzzer/test800.textproto | 29 + scenarios/curl_fuzzer/test800_2.textproto | 24 + scenarios/curl_fuzzer/test850.textproto | 29 + scenarios/curl_fuzzer/test900.textproto | 36 ++ scenarios/curl_fuzzer/test900_2.textproto | 51 ++ .../test_accept_encoding.textproto | 22 + .../curl_fuzzer/test_file_nobody.textproto | 23 + scenarios/curl_fuzzer/test_ftp_list.textproto | 52 ++ .../curl_fuzzer/test_ftp_wildcard.textproto | 52 ++ .../curl_fuzzer/test_wrongproto.textproto | 9 + .../timeout-4625841444093952.textproto | 15 + scenarios/curl_fuzzer_dict/test1450.textproto | 15 + .../curl_fuzzer_dict/test_url_dict.textproto | 9 + .../test_wrongproto.textproto | 9 + .../test_file_nobody.textproto | 23 + .../curl_fuzzer_file/test_url_file.textproto | 9 + .../test_wrongproto.textproto | 9 + .../curl_fuzzer_ftp/test_ftp_list.textproto | 52 ++ .../test_ftp_wildcard.textproto | 52 ++ .../curl_fuzzer_ftp/test_url_ftp.textproto | 9 + .../curl_fuzzer_ftp/test_wrongproto.textproto | 9 + .../curl_fuzzer_gopher/test1201.textproto | 15 + .../test_url_gopher.textproto | 9 + .../test_wrongproto.textproto | 9 + scenarios/curl_fuzzer_http/test1.textproto | 15 + scenarios/curl_fuzzer_http/test10.textproto | 22 + scenarios/curl_fuzzer_http/test100.textproto | 15 + .../curl_fuzzer_http/test100_2.textproto | 30 + .../curl_fuzzer_http/test100_3.textproto | 48 ++ scenarios/curl_fuzzer_http/test1011.textproto | 25 + scenarios/curl_fuzzer_http/test12.textproto | 22 + scenarios/curl_fuzzer_http/test1201.textproto | 15 + scenarios/curl_fuzzer_http/test13.textproto | 22 + scenarios/curl_fuzzer_http/test1326.textproto | 15 + scenarios/curl_fuzzer_http/test1450.textproto | 15 + scenarios/curl_fuzzer_http/test2.textproto | 29 + scenarios/curl_fuzzer_http/test271.textproto | 15 + scenarios/curl_fuzzer_http/test3.textproto | 36 ++ scenarios/curl_fuzzer_http/test39.textproto | 23 + scenarios/curl_fuzzer_http/test4.textproto | 78 +++ scenarios/curl_fuzzer_http/test46.textproto | 15 + scenarios/curl_fuzzer_http/test5.textproto | 15 + scenarios/curl_fuzzer_http/test567.textproto | 15 + scenarios/curl_fuzzer_http/test6.textproto | 22 + scenarios/curl_fuzzer_http/test64.textproto | 36 ++ scenarios/curl_fuzzer_http/test800.textproto | 29 + .../curl_fuzzer_http/test800_2.textproto | 24 + scenarios/curl_fuzzer_http/test850.textproto | 29 + scenarios/curl_fuzzer_http/test900.textproto | 36 ++ .../curl_fuzzer_http/test900_2.textproto | 51 ++ .../test_accept_encoding.textproto | 22 + .../curl_fuzzer_http/test_alt_svc.textproto | 36 ++ .../test_alt_svc_with_ma.textproto | 36 ++ .../test_basic_http2.textproto | 25 + ...e_control_code_hackerone_1613943.textproto | 37 ++ .../test_http_upgrade_to_ws.textproto | 64 ++ ...st_http_upgrade_to_ws_and_detach.textproto | 78 +++ .../test_http_with_hsts.textproto | 15 + .../test_http_with_hsts_tlv.textproto | 29 + .../test_invalid_prior_http2.textproto | 22 + .../curl_fuzzer_http/test_ipv6.textproto | 36 ++ .../curl_fuzzer_http/test_ntlm.textproto | 58 ++ .../curl_fuzzer_http/test_ntlm_wb.textproto | 65 ++ .../curl_fuzzer_http/test_url_http.textproto | 9 + .../test_wrongproto.textproto | 9 + .../test_alt_svc_with_double_header.textproto | 36 ++ .../test_alt_svc_with_ma.textproto | 36 ++ .../test_altsvc_with_cache.textproto | 36 ++ .../test_hsts_response.textproto | 15 + .../test_hsts_response_to_ipv6.textproto | 15 + .../test_http_version_2.textproto | 43 ++ .../test_https_ntlm.textproto | 30 + .../curl_fuzzer_https/test_ipv6.textproto | 30 + .../test_post_0byte.textproto | 67 ++ .../test_simple_httppost.textproto | 44 ++ .../curl_fuzzer_https/test_url.textproto | 9 + .../test_wrongproto.textproto | 9 + ...tcase-minimized-5817192030404608.textproto | 22 + scenarios/curl_fuzzer_imap/test800.textproto | 29 + .../curl_fuzzer_imap/test800_2.textproto | 24 + .../test_oauthed_imap.textproto | 52 ++ .../curl_fuzzer_imap/test_url_imap.textproto | 9 + .../test_wrongproto.textproto | 9 + .../test_url_fullldap.textproto | 32 + .../curl_fuzzer_ldap/test_url_ldap.textproto | 9 + .../test_wrongproto.textproto | 9 + .../curl_fuzzer_mqtt/test_dummy.textproto | 15 + scenarios/curl_fuzzer_pop3/test850.textproto | 29 + .../test_oauthed_pop3.textproto | 36 ++ .../curl_fuzzer_pop3/test_url_pop3.textproto | 9 + .../test_wrongproto.textproto | 9 + .../curl_fuzzer_rtmp/test_url_rtmp.textproto | 9 + .../test_wrongproto.textproto | 9 + scenarios/curl_fuzzer_rtsp/test567.textproto | 15 + .../test_rtsp_client_cseq.textproto | 22 + .../test_rtsp_request.textproto | 22 + .../test_rtsp_request2.textproto | 22 + .../test_rtsp_session_id.textproto | 29 + .../test_rtsp_stream_uri.textproto | 22 + .../test_rtsp_transport.textproto | 29 + .../curl_fuzzer_rtsp/test_url_rtsp.textproto | 9 + .../test_wrongproto.textproto | 9 + .../curl_fuzzer_scp/test_url_scp.textproto | 9 + .../curl_fuzzer_scp/test_wrongproto.textproto | 9 + .../curl_fuzzer_sftp/test_url_sftp.textproto | 9 + .../test_wrongproto.textproto | 9 + .../curl_fuzzer_smb/test_url_smb.textproto | 9 + .../curl_fuzzer_smb/test_wrongproto.textproto | 9 + scenarios/curl_fuzzer_smtp/test900.textproto | 36 ++ .../curl_fuzzer_smtp/test900_2.textproto | 51 ++ .../curl_fuzzer_smtp/test_mail_auth.textproto | 58 ++ .../test_smtps_with_oauth.textproto | 65 ++ .../curl_fuzzer_smtp/test_url_smtp.textproto | 9 + .../test_wrongproto.textproto | 9 + .../curl_fuzzer_tftp/test_url_tftp.textproto | 9 + .../test_wrongproto.textproto | 9 + scenarios/curl_fuzzer_ws/basictest.textproto | 15 + .../test_http_upgrade_to_ws.textproto | 64 ++ .../ws_with_raw_mode_connect_test.textproto | 23 + .../ws_with_raw_mode_test.textproto | 16 + scenarios/curl_fuzzer_ws/wss_test.textproto | 9 + .../wss_with_basic_auth_test.textproto | 9 + schemas/curl_fuzzer.proto | 41 +- scripts/compile_structured_corpora.sh | 52 ++ .../generate_option_manifest.py | 8 +- 153 files changed, 4222 insertions(+), 184 deletions(-) create mode 100644 scenarios/curl_fuzzer/oss-fuzz-3327.textproto create mode 100644 scenarios/curl_fuzzer/test1.textproto create mode 100644 scenarios/curl_fuzzer/test10.textproto create mode 100644 scenarios/curl_fuzzer/test100.textproto create mode 100644 scenarios/curl_fuzzer/test100_2.textproto create mode 100644 scenarios/curl_fuzzer/test100_3.textproto create mode 100644 scenarios/curl_fuzzer/test1011.textproto create mode 100644 scenarios/curl_fuzzer/test12.textproto create mode 100644 scenarios/curl_fuzzer/test1201.textproto create mode 100644 scenarios/curl_fuzzer/test13.textproto create mode 100644 scenarios/curl_fuzzer/test1326.textproto create mode 100644 scenarios/curl_fuzzer/test1450.textproto create mode 100644 scenarios/curl_fuzzer/test2.textproto create mode 100644 scenarios/curl_fuzzer/test271.textproto create mode 100644 scenarios/curl_fuzzer/test3.textproto create mode 100644 scenarios/curl_fuzzer/test39.textproto create mode 100644 scenarios/curl_fuzzer/test4.textproto create mode 100644 scenarios/curl_fuzzer/test46.textproto create mode 100644 scenarios/curl_fuzzer/test5.textproto create mode 100644 scenarios/curl_fuzzer/test567.textproto create mode 100644 scenarios/curl_fuzzer/test6.textproto create mode 100644 scenarios/curl_fuzzer/test64.textproto create mode 100644 scenarios/curl_fuzzer/test800.textproto create mode 100644 scenarios/curl_fuzzer/test800_2.textproto create mode 100644 scenarios/curl_fuzzer/test850.textproto create mode 100644 scenarios/curl_fuzzer/test900.textproto create mode 100644 scenarios/curl_fuzzer/test900_2.textproto create mode 100644 scenarios/curl_fuzzer/test_accept_encoding.textproto create mode 100644 scenarios/curl_fuzzer/test_file_nobody.textproto create mode 100644 scenarios/curl_fuzzer/test_ftp_list.textproto create mode 100644 scenarios/curl_fuzzer/test_ftp_wildcard.textproto create mode 100644 scenarios/curl_fuzzer/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer/timeout-4625841444093952.textproto create mode 100644 scenarios/curl_fuzzer_dict/test1450.textproto create mode 100644 scenarios/curl_fuzzer_dict/test_url_dict.textproto create mode 100644 scenarios/curl_fuzzer_dict/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_file/test_file_nobody.textproto create mode 100644 scenarios/curl_fuzzer_file/test_url_file.textproto create mode 100644 scenarios/curl_fuzzer_file/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_ftp/test_ftp_list.textproto create mode 100644 scenarios/curl_fuzzer_ftp/test_ftp_wildcard.textproto create mode 100644 scenarios/curl_fuzzer_ftp/test_url_ftp.textproto create mode 100644 scenarios/curl_fuzzer_ftp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_gopher/test1201.textproto create mode 100644 scenarios/curl_fuzzer_gopher/test_url_gopher.textproto create mode 100644 scenarios/curl_fuzzer_gopher/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_http/test1.textproto create mode 100644 scenarios/curl_fuzzer_http/test10.textproto create mode 100644 scenarios/curl_fuzzer_http/test100.textproto create mode 100644 scenarios/curl_fuzzer_http/test100_2.textproto create mode 100644 scenarios/curl_fuzzer_http/test100_3.textproto create mode 100644 scenarios/curl_fuzzer_http/test1011.textproto create mode 100644 scenarios/curl_fuzzer_http/test12.textproto create mode 100644 scenarios/curl_fuzzer_http/test1201.textproto create mode 100644 scenarios/curl_fuzzer_http/test13.textproto create mode 100644 scenarios/curl_fuzzer_http/test1326.textproto create mode 100644 scenarios/curl_fuzzer_http/test1450.textproto create mode 100644 scenarios/curl_fuzzer_http/test2.textproto create mode 100644 scenarios/curl_fuzzer_http/test271.textproto create mode 100644 scenarios/curl_fuzzer_http/test3.textproto create mode 100644 scenarios/curl_fuzzer_http/test39.textproto create mode 100644 scenarios/curl_fuzzer_http/test4.textproto create mode 100644 scenarios/curl_fuzzer_http/test46.textproto create mode 100644 scenarios/curl_fuzzer_http/test5.textproto create mode 100644 scenarios/curl_fuzzer_http/test567.textproto create mode 100644 scenarios/curl_fuzzer_http/test6.textproto create mode 100644 scenarios/curl_fuzzer_http/test64.textproto create mode 100644 scenarios/curl_fuzzer_http/test800.textproto create mode 100644 scenarios/curl_fuzzer_http/test800_2.textproto create mode 100644 scenarios/curl_fuzzer_http/test850.textproto create mode 100644 scenarios/curl_fuzzer_http/test900.textproto create mode 100644 scenarios/curl_fuzzer_http/test900_2.textproto create mode 100644 scenarios/curl_fuzzer_http/test_accept_encoding.textproto create mode 100644 scenarios/curl_fuzzer_http/test_alt_svc.textproto create mode 100644 scenarios/curl_fuzzer_http/test_alt_svc_with_ma.textproto create mode 100644 scenarios/curl_fuzzer_http/test_basic_http2.textproto create mode 100644 scenarios/curl_fuzzer_http/test_cookie_control_code_hackerone_1613943.textproto create mode 100644 scenarios/curl_fuzzer_http/test_http_upgrade_to_ws.textproto create mode 100644 scenarios/curl_fuzzer_http/test_http_upgrade_to_ws_and_detach.textproto create mode 100644 scenarios/curl_fuzzer_http/test_http_with_hsts.textproto create mode 100644 scenarios/curl_fuzzer_http/test_http_with_hsts_tlv.textproto create mode 100644 scenarios/curl_fuzzer_http/test_invalid_prior_http2.textproto create mode 100644 scenarios/curl_fuzzer_http/test_ipv6.textproto create mode 100644 scenarios/curl_fuzzer_http/test_ntlm.textproto create mode 100644 scenarios/curl_fuzzer_http/test_ntlm_wb.textproto create mode 100644 scenarios/curl_fuzzer_http/test_url_http.textproto create mode 100644 scenarios/curl_fuzzer_http/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_https/test_alt_svc_with_double_header.textproto create mode 100644 scenarios/curl_fuzzer_https/test_alt_svc_with_ma.textproto create mode 100644 scenarios/curl_fuzzer_https/test_altsvc_with_cache.textproto create mode 100644 scenarios/curl_fuzzer_https/test_hsts_response.textproto create mode 100644 scenarios/curl_fuzzer_https/test_hsts_response_to_ipv6.textproto create mode 100644 scenarios/curl_fuzzer_https/test_http_version_2.textproto create mode 100644 scenarios/curl_fuzzer_https/test_https_ntlm.textproto create mode 100644 scenarios/curl_fuzzer_https/test_ipv6.textproto create mode 100644 scenarios/curl_fuzzer_https/test_post_0byte.textproto create mode 100644 scenarios/curl_fuzzer_https/test_simple_httppost.textproto create mode 100644 scenarios/curl_fuzzer_https/test_url.textproto create mode 100644 scenarios/curl_fuzzer_https/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608.textproto create mode 100644 scenarios/curl_fuzzer_imap/test800.textproto create mode 100644 scenarios/curl_fuzzer_imap/test800_2.textproto create mode 100644 scenarios/curl_fuzzer_imap/test_oauthed_imap.textproto create mode 100644 scenarios/curl_fuzzer_imap/test_url_imap.textproto create mode 100644 scenarios/curl_fuzzer_imap/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_ldap/test_url_fullldap.textproto create mode 100644 scenarios/curl_fuzzer_ldap/test_url_ldap.textproto create mode 100644 scenarios/curl_fuzzer_ldap/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_mqtt/test_dummy.textproto create mode 100644 scenarios/curl_fuzzer_pop3/test850.textproto create mode 100644 scenarios/curl_fuzzer_pop3/test_oauthed_pop3.textproto create mode 100644 scenarios/curl_fuzzer_pop3/test_url_pop3.textproto create mode 100644 scenarios/curl_fuzzer_pop3/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_rtmp/test_url_rtmp.textproto create mode 100644 scenarios/curl_fuzzer_rtmp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test567.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_rtsp_client_cseq.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_rtsp_request.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_rtsp_request2.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_rtsp_session_id.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_rtsp_stream_uri.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_rtsp_transport.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_url_rtsp.textproto create mode 100644 scenarios/curl_fuzzer_rtsp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_scp/test_url_scp.textproto create mode 100644 scenarios/curl_fuzzer_scp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_sftp/test_url_sftp.textproto create mode 100644 scenarios/curl_fuzzer_sftp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_smb/test_url_smb.textproto create mode 100644 scenarios/curl_fuzzer_smb/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_smtp/test900.textproto create mode 100644 scenarios/curl_fuzzer_smtp/test900_2.textproto create mode 100644 scenarios/curl_fuzzer_smtp/test_mail_auth.textproto create mode 100644 scenarios/curl_fuzzer_smtp/test_smtps_with_oauth.textproto create mode 100644 scenarios/curl_fuzzer_smtp/test_url_smtp.textproto create mode 100644 scenarios/curl_fuzzer_smtp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_tftp/test_url_tftp.textproto create mode 100644 scenarios/curl_fuzzer_tftp/test_wrongproto.textproto create mode 100644 scenarios/curl_fuzzer_ws/basictest.textproto create mode 100644 scenarios/curl_fuzzer_ws/test_http_upgrade_to_ws.textproto create mode 100644 scenarios/curl_fuzzer_ws/ws_with_raw_mode_connect_test.textproto create mode 100644 scenarios/curl_fuzzer_ws/ws_with_raw_mode_test.textproto create mode 100644 scenarios/curl_fuzzer_ws/wss_test.textproto create mode 100644 scenarios/curl_fuzzer_ws/wss_with_basic_auth_test.textproto create mode 100755 scripts/compile_structured_corpora.sh diff --git a/README.md b/README.md index ac217fd2..e20050a9 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,22 @@ temporary directory instead. `./mainline.sh` is run regressibly by Github Actions. +## Structure-aware fuzzing with libprotobuf-mutator + +Every `curl_fuzzer*` binary now links +[libprotobuf-mutator](https://github.com/google/libprotobuf-mutator) directly. +Build the usual targets and you automatically get structured `Scenario` +generation: + +```shell +cmake -S . -B build +cmake --build build --target curl_fuzzer +``` + +The shared engine still understands legacy TLV corpora, but the libFuzzer +entry-point feeds decoded `Scenario` protos into the same execution path, so +crash reports remain comparable to the classic workflow. + ## I want more information when running a testcase or multiple testcases Setting the `FUZZ_VERBOSE` environment variable turns on curl verbose logging. @@ -80,6 +96,22 @@ read_corpus ``` This will print out a list of contents inside the file. +## I want to convert TLV corpora into structured scenarios + +Install the tooling (see above), then run the converter to mirror TLV corpus +entries into Scenario `.textproto` files: + +```shell +corpora_to_textproto --output scenarios/ +``` + +By default the tool walks the `corpora/` tree and writes `*.textproto` files to +`scenarios/`, preserving the directory structure. You can point `--output` to a +different directory or pass one or more explicit corpus paths when you only +want to convert selected inputs. The converter automatically skips corpora for +the `curl_fuzzer_fnmatch`, `curl_fuzzer_bufq`, and `fuzz_url` harnesses because +they do not use the structured Scenario pipeline. + ## I want an HTML decoder for corpus files Generate a standalone HTML page that can inspect TLV corpora directly in your browser: diff --git a/corpora/.gitignore b/corpora/.gitignore index 8d63b1b5..03b0ee1b 100644 --- a/corpora/.gitignore +++ b/corpora/.gitignore @@ -1 +1,20 @@ # Ignore all the scenario corpora +curl_fuzzer/ +curl_fuzzer_dict/ +curl_fuzzer_file/ +curl_fuzzer_ftp/ +curl_fuzzer_gopher/ +curl_fuzzer_http/ +curl_fuzzer_https/ +curl_fuzzer_imap/ +curl_fuzzer_ldap/ +curl_fuzzer_mqtt/ +curl_fuzzer_pop3/ +curl_fuzzer_rtmp/ +curl_fuzzer_rtsp/ +curl_fuzzer_scp/ +curl_fuzzer_sftp/ +curl_fuzzer_smb/ +curl_fuzzer_smtp/ +curl_fuzzer_tftp/ +curl_fuzzer_ws/ diff --git a/curl_fuzzer.cc b/curl_fuzzer.cc index 1d8a4a2a..cac6f057 100644 --- a/curl_fuzzer.cc +++ b/curl_fuzzer.cc @@ -30,7 +30,7 @@ #include -DEFINE_PROTO_FUZZER(const curl::fuzzer::proto::Scenario &scenario) +DEFINE_BINARY_PROTO_FUZZER(const curl::fuzzer::proto::Scenario &scenario) { CurlFuzzerRunScenario(scenario); } @@ -51,11 +51,18 @@ int CurlFuzzerRunScenario(const curl::fuzzer::proto::Scenario &scenario) rc = curl_fuzzer::ApplyScenario(scenario, &fuzz); if(rc != 0) { + FV_PRINTF(&fuzz, "SCENARIO: ApplyScenario failed with rc=%d\n", rc); goto EXIT_LABEL; } + FV_PRINTF(&fuzz, + "SCENARIO: successfully applied scenario, starting transfer\n"); /* Set up the standard easy options. */ - FTRY(fuzz_set_easy_options(&fuzz)); + rc = fuzz_set_easy_options(&fuzz); + if(rc != 0) { + FV_PRINTF(&fuzz, "SCENARIO: fuzz_set_easy_options failed with rc=%d\n", rc); + goto EXIT_LABEL; + } /** * Add in more curl options that have been accumulated over the scenario @@ -567,7 +574,7 @@ int fuzz_set_allowed_protocols(FUZZ_DATA *fuzz) allowed_protocols = "http,ws,wss"; FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_CONNECT_ONLY, 2L)); #endif - + FV_PRINTF(fuzz, "allowed_protocols=%s\n", allowed_protocols); FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_PROTOCOLS_STR, allowed_protocols)); EXIT_LABEL: diff --git a/curl_fuzzer.h b/curl_fuzzer.h index 72f7c7bb..d45655f3 100644 --- a/curl_fuzzer.h +++ b/curl_fuzzer.h @@ -495,6 +495,7 @@ int CurlFuzzerRunScenario(const curl::fuzzer::proto::Scenario &scenario); int _func_rc = (FUNC); \ if (_func_rc) \ { \ + fprintf(stderr, "FTRY failed: %s returned %d\n", #FUNC, _func_rc); \ rc = _func_rc; \ goto EXIT_LABEL; \ } \ diff --git a/curl_fuzzer_scenario.cc b/curl_fuzzer_scenario.cc index 5b4b506b..e214127e 100644 --- a/curl_fuzzer_scenario.cc +++ b/curl_fuzzer_scenario.cc @@ -1,14 +1,16 @@ #include "curl_fuzzer_scenario.h" +#include +#include #include #include #include +#include #include #include #include #include #include -#include #include #include @@ -47,61 +49,235 @@ const OptionDescriptor *LookupDescriptor(curl::fuzzer::proto::CurlOptionId id) { return nullptr; } -class ScenarioState { - public: - ScenarioState() = default; - ScenarioState(const ScenarioState &) = delete; - ScenarioState &operator=(const ScenarioState &) = delete; +const char *OptionScopeName(curl::fuzzer::proto::OptionScope scope) { + switch(scope) { + case curl::fuzzer::proto::OPTION_SCOPE_UNSPECIFIED: + return "unspecified"; + case curl::fuzzer::proto::OPTION_SCOPE_DEFAULT: + return "default"; + case curl::fuzzer::proto::OPTION_SCOPE_PROXY: + return "proxy"; + case curl::fuzzer::proto::OPTION_SCOPE_DOH: + return "doh"; + case curl::fuzzer::proto::OPTION_SCOPE_TLS: + return "tls"; + case curl::fuzzer::proto::OptionScope_INT_MIN_SENTINEL_DO_NOT_USE_: + case curl::fuzzer::proto::OptionScope_INT_MAX_SENTINEL_DO_NOT_USE_: + return "sentinel"; + } + return "unknown"; +} - int LoadBlobs(const curl::fuzzer::proto::Scenario &scenario) { - blobs_.clear(); - for(const auto &blob : scenario.blobs()) { - std::vector bytes; - switch(blob.payload_case()) { - case curl::fuzzer::proto::DataBlob::kRaw: - bytes.assign(blob.raw().begin(), blob.raw().end()); - break; - case curl::fuzzer::proto::DataBlob::kUtf8: { - const std::string &utf8 = blob.utf8(); - bytes.assign(utf8.begin(), utf8.end()); - break; - } - case curl::fuzzer::proto::DataBlob::PAYLOAD_NOT_SET: - bytes.clear(); - break; - } - blobs_.emplace(blob.id(), std::move(bytes)); +const char *TransferKindName(curl::fuzzer::proto::TransferKind kind) { + switch(kind) { + case curl::fuzzer::proto::TRANSFER_KIND_UNSPECIFIED: + return "unspecified"; + case curl::fuzzer::proto::TRANSFER_KIND_UPLOAD: + return "upload"; + case curl::fuzzer::proto::TRANSFER_KIND_POSTFIELDS: + return "postfields"; + case curl::fuzzer::proto::TRANSFER_KIND_SEND: + return "send"; + case curl::fuzzer::proto::TransferKind_INT_MIN_SENTINEL_DO_NOT_USE_: + case curl::fuzzer::proto::TransferKind_INT_MAX_SENTINEL_DO_NOT_USE_: + return "sentinel"; + } + return "unknown"; +} + +const char *ResponseStageName(curl::fuzzer::proto::ResponseStage stage) { + switch(stage) { + case curl::fuzzer::proto::RESPONSE_STAGE_UNSPECIFIED: + return "unspecified"; + case curl::fuzzer::proto::RESPONSE_STAGE_ON_CONNECT: + return "on_connect"; + case curl::fuzzer::proto::RESPONSE_STAGE_ON_READABLE: + return "on_readable"; + case curl::fuzzer::proto::ResponseStage_INT_MIN_SENTINEL_DO_NOT_USE_: + case curl::fuzzer::proto::ResponseStage_INT_MAX_SENTINEL_DO_NOT_USE_: + return "sentinel"; + } + return "unknown"; +} + +const char *ShutdownPolicyName(curl::fuzzer::proto::ShutdownPolicy policy) { + switch(policy) { + case curl::fuzzer::proto::SHUTDOWN_POLICY_UNSPECIFIED: + return "unspecified"; + case curl::fuzzer::proto::SHUTDOWN_POLICY_HALF_CLOSE_AFTER_LAST_RESPONSE: + return "half_close"; + case curl::fuzzer::proto::SHUTDOWN_POLICY_KEEP_OPEN: + return "keep_open"; + case curl::fuzzer::proto::SHUTDOWN_POLICY_CLOSE_IMMEDIATELY: + return "close_immediately"; + case curl::fuzzer::proto::ShutdownPolicy_INT_MIN_SENTINEL_DO_NOT_USE_: + case curl::fuzzer::proto::ShutdownPolicy_INT_MAX_SENTINEL_DO_NOT_USE_: + return "sentinel"; + } + return "unknown"; +} + +std::string SanitizedSnippet(std::string_view data, size_t max_len = 64) { + std::string out; + size_t limit = std::min(data.size(), max_len); + out.reserve(limit * 4); + for(size_t ii = 0; ii < limit; ++ii) { + unsigned char ch = static_cast(data[ii]); + if(std::isprint(ch) && ch != '\\' && ch != '"') { + out.push_back(static_cast(ch)); } - return 0; + else { + char buf[5]; + std::snprintf(buf, sizeof(buf), "\\x%02X", ch); + out.append(buf); + } + } + if(data.size() > limit) { + out.append("…"); } + return out; +} - const std::vector *LookupBlob(uint32_t id) const { - auto it = blobs_.find(id); - if(it == blobs_.end()) { - return nullptr; +std::string HexSnippet(std::string_view data, size_t max_len = 16) { + static constexpr char kHexDigits[] = "0123456789ABCDEF"; + std::string out; + size_t limit = std::min(data.size(), max_len); + out.reserve(limit * 3); + for(size_t ii = 0; ii < limit; ++ii) { + unsigned char ch = static_cast(data[ii]); + if(ii > 0) { + out.push_back(' '); } - return &it->second; + out.push_back(kHexDigits[(ch >> 4) & 0x0F]); + out.push_back(kHexDigits[ch & 0x0F]); + } + if(data.size() > limit) { + out.append(" …"); } + return out; +} - int ResolveBlobRef(const curl::fuzzer::proto::BlobRef &ref, - const uint8_t **data, - size_t *length) const { - auto *blob = LookupBlob(ref.blob_id()); - if(blob == nullptr) { - return 255; +std::string SummarizeText(std::string_view data) { + std::string summary = "len=" + std::to_string(data.size()); + summary.append(" text=\""); + summary.append(SanitizedSnippet(data, 80)); + summary.push_back('"'); + return summary; +} + +std::string SummarizeBinary(std::string_view data) { + std::string summary = "len=" + std::to_string(data.size()); + if(!data.empty()) { + summary.append(" hex=["); + summary.append(HexSnippet(data, 16)); + summary.append("] ascii=\""); + summary.append(SanitizedSnippet(data, 32)); + summary.push_back('"'); + } + return summary; +} + +std::string SummarizeHeaderValue(const curl::fuzzer::proto::HeaderValue &value) { + switch(value.value_case()) { + case curl::fuzzer::proto::HeaderValue::kText: + return std::string("text ") + SummarizeText(value.text()); + case curl::fuzzer::proto::HeaderValue::kBinary: + return std::string("binary ") + SummarizeBinary(value.binary()); + case curl::fuzzer::proto::HeaderValue::VALUE_NOT_SET: + default: + return "unset"; + } +} + +std::string SummarizeResponse(const curl::fuzzer::proto::Response &response) { + std::string summary = SummarizeBinary(response.payload()); + if(response.has_hint()) { + std::string hints; + if(response.hint().chunked()) { + hints.append(hints.empty() ? "chunked" : ",chunked"); } - size_t offset = ref.has_offset() ? ref.offset() : 0; - if(offset > blob->size()) { - return 255; + if(response.hint().websocket_frame()) { + hints.append(hints.empty() ? "websocket" : ",websocket"); } - size_t view_len = ref.has_length() ? ref.length() : (blob->size() - offset); - if(offset + view_len > blob->size()) { - return 255; + if(response.hint().tls_record()) { + hints.append(hints.empty() ? "tls_record" : ",tls_record"); } - *data = blob->data() + offset; - *length = view_len; - return 0; + if(!hints.empty()) { + summary.append(" hints="); + summary.append(hints); + } + } + if(response.has_delay_before()) { + summary.append(" delay_ms="); + summary.append(std::to_string(response.delay_before().milliseconds())); + } + return summary; +} + +std::string SummarizeMimePart(const curl::fuzzer::proto::MimePart &part) { + std::string summary; + if(!part.name().empty()) { + summary.append("name="); + summary.append(SummarizeText(part.name())); + summary.append(" "); } + if(!part.filename().empty()) { + summary.append("filename="); + summary.append(SummarizeText(part.filename())); + summary.append(" "); + } + if(!part.content_type().empty()) { + summary.append("content_type=\""); + summary.append(part.content_type()); + summary.append("\" "); + } + switch(part.body_case()) { + case curl::fuzzer::proto::MimePart::kBytesValue: + summary.append("body_bytes "); + summary.append(SummarizeBinary(part.bytes_value())); + summary.append(" "); + break; + case curl::fuzzer::proto::MimePart::kInlineData: + summary.append("body_inline "); + summary.append(SummarizeText(part.inline_data())); + summary.append(" "); + break; + case curl::fuzzer::proto::MimePart::BODY_NOT_SET: + default: + break; + } + summary.append("headers="); + summary.append(std::to_string(part.headers_size())); + return summary; +} + +std::string SummarizeFormField(const curl::fuzzer::proto::FormField &field) { + std::string summary; + summary.append("name="); + summary.append(SummarizeText(field.name())); + summary.append(" "); + switch(field.body_case()) { + case curl::fuzzer::proto::FormField::kInlineData: + summary.append("inline "); + summary.append(SummarizeText(field.inline_data())); + break; + case curl::fuzzer::proto::FormField::kBytesValue: + summary.append("bytes "); + summary.append(SummarizeBinary(field.bytes_value())); + break; + case curl::fuzzer::proto::FormField::BODY_NOT_SET: + default: + summary.append("empty"); + break; + } + return summary; +} + +class ScenarioState { + public: + ScenarioState() = default; + ScenarioState(const ScenarioState &) = delete; + ScenarioState &operator=(const ScenarioState &) = delete; const char *CopyString(std::string_view sv) { auto owned = std::make_unique(sv.size() + 1); @@ -112,20 +288,29 @@ class ScenarioState { return ptr; } + std::pair CopyBytes(std::string_view sv) { + byte_buffers_.emplace_back(); + auto &storage = byte_buffers_.back(); + storage.assign(reinterpret_cast(sv.data()), + reinterpret_cast(sv.data()) + sv.size()); + const uint8_t *ptr = storage.data(); + return {ptr, storage.size()}; + } + int HeaderValueToCString(const curl::fuzzer::proto::HeaderValue &value, const char **out) { switch(value.value_case()) { case curl::fuzzer::proto::HeaderValue::kText: *out = CopyString(value.text()); return 0; - case curl::fuzzer::proto::HeaderValue::kBlob: { - const uint8_t *data = nullptr; - size_t length = 0; - int rc = ResolveBlobRef(value.blob(), &data, &length); - if(rc != 0) { - return rc; + case curl::fuzzer::proto::HeaderValue::kBinary: { + auto view = CopyBytes(value.binary()); + if(view.second == 0) { + *out = CopyString(""); + } + else { + *out = CopyString(std::string_view(reinterpret_cast(view.first), view.second)); } - *out = CopyString(std::string_view(reinterpret_cast(data), length)); return 0; } case curl::fuzzer::proto::HeaderValue::VALUE_NOT_SET: @@ -136,7 +321,7 @@ class ScenarioState { } private: - std::unordered_map> blobs_; + std::vector> byte_buffers_; std::vector> cstrings_; }; @@ -144,24 +329,6 @@ void DestroyScenarioState(void *ptr) { delete static_cast(ptr); } -bool HasStructuredTag(const curl::fuzzer::proto::Scenario &scenario) { - const auto &metadata = scenario.metadata(); - for(const auto &label : metadata.labels()) { - if(label == "structured-scenario" || label == "curl-structured") { - return true; - } - } - const auto &annotations = metadata.annotations(); - auto it = annotations.find("format"); - if(it != annotations.end()) { - const std::string &value = it->second; - if(value == "curl-structured" || value == "curl-structured-v1") { - return true; - } - } - return false; -} - long ProtoToLong(const curl::fuzzer::proto::SetOption &option) { if(option.has_int32_value()) { return static_cast(option.int32_value()); @@ -254,29 +421,42 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, } int rc = 0; + const char *scope_name = OptionScopeName(option.scope()); switch(desc->kind) { case OptionValueKind::kString: { const char *value = nullptr; + std::string detail; if(option.has_string_value()) { + detail = std::string("string ") + SummarizeText(option.string_value()); value = state->CopyString(option.string_value()); } - else if(option.has_blob()) { - const uint8_t *data = nullptr; - size_t len = 0; - rc = state->ResolveBlobRef(option.blob(), &data, &len); - if(rc != 0) { - return rc; + else if(option.has_bytes_value()) { + detail = std::string("bytes ") + SummarizeBinary(option.bytes_value()); + auto view = state->CopyBytes(option.bytes_value()); + if(view.second == 0 || view.first == nullptr) { + value = state->CopyString(""); + } + else { + value = state->CopyString(std::string_view(reinterpret_cast(view.first), view.second)); } - value = state->CopyString(std::string_view(reinterpret_cast(data), len)); } else { + detail = "string "; value = state->CopyString(""); } rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); if(rc != 0) { return rc; } - return ApplyStringOption(fuzz, desc, value); + rc = ApplyStringOption(fuzz, desc, value); + if(rc == 0 && fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: set_option %s scope=%s %s\n", + desc->name, + scope_name, + detail.c_str()); + } + return rc; } case OptionValueKind::kUint32: { rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); @@ -284,7 +464,16 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, return rc; } long value = ProtoToLong(option); - return ApplyLongOption(fuzz, desc, value); + rc = ApplyLongOption(fuzz, desc, value); + if(rc == 0 && fuzz->verbose) { + std::string detail = "uint32=" + std::to_string(static_cast(value)); + FV_PRINTF(fuzz, + "SCENARIO: set_option %s scope=%s %s\n", + desc->name, + scope_name, + detail.c_str()); + } + return rc; } case OptionValueKind::kUint64: { rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); @@ -292,7 +481,16 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, return rc; } curl_off_t value = ProtoToOffT(option); - return ApplyOffOption(fuzz, desc, value); + rc = ApplyOffOption(fuzz, desc, value); + if(rc == 0 && fuzz->verbose) { + std::string detail = "uint64=" + std::to_string(static_cast(value)); + FV_PRINTF(fuzz, + "SCENARIO: set_option %s scope=%s %s\n", + desc->name, + scope_name, + detail.c_str()); + } + return rc; } case OptionValueKind::kBool: { rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); @@ -300,7 +498,22 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, return rc; } long value = option.has_bool_value() ? (option.bool_value() ? 1L : 0L) : ProtoToLong(option); - return ApplyLongOption(fuzz, desc, value); + rc = ApplyLongOption(fuzz, desc, value); + if(rc == 0 && fuzz->verbose) { + std::string detail; + if(option.has_bool_value()) { + detail = std::string("bool=") + (option.bool_value() ? "true" : "false"); + } + else { + detail = "long=" + std::to_string(static_cast(value)); + } + FV_PRINTF(fuzz, + "SCENARIO: set_option %s scope=%s %s\n", + desc->name, + scope_name, + detail.c_str()); + } + return rc; } case OptionValueKind::kHttpPost: { rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); @@ -315,6 +528,12 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, return static_cast(code); } MarkOptionSet(fuzz, desc->curlopt); + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: set_option %s scope=%s httppost attached\n", + desc->name, + scope_name); + } return 0; } case OptionValueKind::kMime: { @@ -330,6 +549,12 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, return static_cast(code); } MarkOptionSet(fuzz, desc->curlopt); + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: set_option %s scope=%s mime attached\n", + desc->name, + scope_name); + } return 0; } case OptionValueKind::kUnknown: @@ -341,6 +566,7 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, int ApplyHeader(const curl::fuzzer::proto::AddHeader &header, ScenarioState *state, FUZZ_DATA *fuzz) { + std::string detail = SummarizeHeaderValue(header.value()); const char *value = nullptr; int rc = state->HeaderValueToCString(header.value(), &value); if(rc != 0) { @@ -352,12 +578,19 @@ int ApplyHeader(const curl::fuzzer::proto::AddHeader &header, } fuzz->header_list = new_list; fuzz->header_list_count++; + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: add_header #%d %s\n", + fuzz->header_list_count, + detail.c_str()); + } return 0; } int ApplyMailRecipient(const curl::fuzzer::proto::AddMailRecipient &recipient, ScenarioState *state, FUZZ_DATA *fuzz) { + std::string detail = SummarizeHeaderValue(recipient.value()); const char *value = nullptr; int rc = state->HeaderValueToCString(recipient.value(), &value); if(rc != 0) { @@ -369,24 +602,27 @@ int ApplyMailRecipient(const curl::fuzzer::proto::AddMailRecipient &recipient, } fuzz->mail_recipients_list = new_list; fuzz->header_list_count++; + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: add_mail_recipient #%d %s\n", + fuzz->header_list_count, + detail.c_str()); + } return 0; } int ApplyRegisterUpload(const curl::fuzzer::proto::RegisterUpload &upload, ScenarioState *state, FUZZ_DATA *fuzz) { - const uint8_t *data = nullptr; - size_t length = 0; - int rc = state->ResolveBlobRef(upload.payload(), &data, &length); - if(rc != 0) { - return rc; - } + auto view = state->CopyBytes(upload.payload()); + const uint8_t *data = view.first; + size_t length = view.second; fuzz->upload1_data = data; fuzz->upload1_data_len = length; fuzz->upload1_data_written = 0; const OptionDescriptor *upload_desc = LookupDescriptor(curl::fuzzer::proto::CURLOPT_UPLOAD); if(upload_desc != nullptr) { - rc = EnsureOptionUnset(fuzz, upload_desc->curlopt, upload_desc); + int rc = EnsureOptionUnset(fuzz, upload_desc->curlopt, upload_desc); if(rc != 0) { return rc; } @@ -402,11 +638,23 @@ int ApplyRegisterUpload(const curl::fuzzer::proto::RegisterUpload &upload, const OptionDescriptor *length_desc = LookupDescriptor(curl::fuzzer::proto::CURLOPT_INFILESIZE_LARGE); if(length_desc != nullptr) { - rc = EnsureOptionUnset(fuzz, length_desc->curlopt, length_desc); + int rc = EnsureOptionUnset(fuzz, length_desc->curlopt, length_desc); + if(rc != 0) { + return rc; + } + rc = ApplyOffOption(fuzz, length_desc, static_cast(length)); if(rc != 0) { return rc; } - return ApplyOffOption(fuzz, length_desc, static_cast(length)); + } + if(fuzz->verbose) { + std::string detail = SummarizeBinary(upload.payload()); + std::string size_hint = std::to_string(static_cast(upload.size_hint())); + FV_PRINTF(fuzz, + "SCENARIO: register_upload kind=%s %s size_hint=%s\n", + TransferKindName(upload.kind()), + detail.c_str(), + size_hint.c_str()); } return 0; } @@ -431,14 +679,9 @@ int ApplyMimePart(const curl::fuzzer::proto::MimePart &part, curl_mime_type(m, ctype); } switch(part.body_case()) { - case curl::fuzzer::proto::MimePart::kBlob: { - const uint8_t *data = nullptr; - size_t len = 0; - int rc = state->ResolveBlobRef(part.blob(), &data, &len); - if(rc != 0) { - return rc; - } - CURLcode code = curl_mime_data(m, reinterpret_cast(data), len); + case curl::fuzzer::proto::MimePart::kBytesValue: { + auto view = state->CopyBytes(part.bytes_value()); + CURLcode code = curl_mime_data(m, reinterpret_cast(view.first), view.second); if(code != CURLE_OK) { return static_cast(code); } @@ -483,11 +726,20 @@ int ApplyConfigureMime(const curl::fuzzer::proto::ConfigureMime &config, return 255; } } + size_t index = 0; for(const auto &part : config.parts()) { + if(fuzz->verbose) { + std::string detail = SummarizeMimePart(part); + FV_PRINTF(fuzz, + "SCENARIO: configure_mime part[%zu] %s\n", + index, + detail.c_str()); + } int rc = ApplyMimePart(part, state, fuzz->mime); if(rc != 0) { return rc; } + ++index; } return 0; } @@ -497,7 +749,15 @@ int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, FUZZ_DATA *fuzz) { struct curl_httppost *post = NULL; struct curl_httppost *last = fuzz->httppost; + size_t index = 0; for(const auto &field : config.fields()) { + if(fuzz->verbose) { + std::string detail = SummarizeFormField(field); + FV_PRINTF(fuzz, + "SCENARIO: configure_http_post field[%zu] %s\n", + index, + detail.c_str()); + } const char *name = state->CopyString(field.name()); CURLFORMcode form_rc = CURL_FORMADD_OK; switch(field.body_case()) { @@ -509,17 +769,12 @@ int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, CURLFORM_END); break; } - case curl::fuzzer::proto::FormField::kBlob: { - const uint8_t *data = nullptr; - size_t len = 0; - int rc = state->ResolveBlobRef(field.blob(), &data, &len); - if(rc != 0) { - return rc; - } + case curl::fuzzer::proto::FormField::kBytesValue: { + auto view = state->CopyBytes(field.bytes_value()); form_rc = curl_formadd(&post, &last, CURLFORM_COPYNAME, name, - CURLFORM_PTRCONTENTS, data, - CURLFORM_CONTENTLEN, static_cast(len), + CURLFORM_PTRCONTENTS, view.first, + CURLFORM_CONTENTLEN, static_cast(view.second), CURLFORM_END); break; } @@ -533,6 +788,7 @@ int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, if(form_rc != CURL_FORMADD_OK) { return 255; } + ++index; } if(fuzz->httppost == NULL) { fuzz->httppost = post; @@ -547,14 +803,9 @@ int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, int ApplyResponse(const curl::fuzzer::proto::Response &response, ScenarioState *state, FUZZ_RESPONSE *dest) { - const uint8_t *data = nullptr; - size_t len = 0; - int rc = state->ResolveBlobRef(response.payload(), &data, &len); - if(rc != 0) { - return rc; - } - dest->data = data; - dest->data_len = len; + auto view = state->CopyBytes(response.payload()); + dest->data = view.first; + dest->data_len = view.second; return 0; } @@ -566,11 +817,29 @@ int ApplyConnections(const google::protobuf::RepeatedPtrFieldsockman[connection.id()]; + if(fuzz->verbose) { + uint32_t idle_ms = connection.has_idle_after_send() + ? connection.idle_after_send().milliseconds() + : 0U; + FV_PRINTF(fuzz, + "SCENARIO: connection %u policy=%s idle_after_send_ms=%u responses=%d\n", + connection.id(), + ShutdownPolicyName(connection.shutdown_policy()), + idle_ms, + connection.on_readable_size() + (connection.has_initial_response() ? 1 : 0)); + } if(connection.has_initial_response()) { int rc = ApplyResponse(connection.initial_response(), state, &manager->responses[0]); if(rc != 0) { return rc; } + if(fuzz->verbose) { + std::string detail = SummarizeResponse(connection.initial_response()); + FV_PRINTF(fuzz, + "SCENARIO: connection %u initial_response %s\n", + connection.id(), + detail.c_str()); + } } int idx = 1; for(const auto &resp : connection.on_readable()) { @@ -581,6 +850,14 @@ int ApplyConnections(const google::protobuf::RepeatedPtrFieldverbose) { + std::string detail = SummarizeResponse(resp); + FV_PRINTF(fuzz, + "SCENARIO: connection %u on_readable[%d] %s\n", + connection.id(), + idx - 1, + detail.c_str()); + } idx++; } } @@ -595,21 +872,51 @@ int ApplyRegisterResponse(const curl::fuzzer::proto::RegisterResponse ®istrat return 255; } FUZZ_SOCKET_MANAGER *manager = &fuzz->sockman[id]; + int rc = 0; + int stage_index = -1; switch(registration.stage()) { case curl::fuzzer::proto::RESPONSE_STAGE_ON_CONNECT: - return ApplyResponse(registration.response(), state, &manager->responses[0]); + rc = ApplyResponse(registration.response(), state, &manager->responses[0]); + break; case curl::fuzzer::proto::RESPONSE_STAGE_ON_READABLE: { for(int idx = 1; idx < TLV_MAX_NUM_RESPONSES; ++idx) { if(manager->responses[idx].data_len == 0 && manager->responses[idx].data == NULL) { - return ApplyResponse(registration.response(), state, &manager->responses[idx]); + rc = ApplyResponse(registration.response(), state, &manager->responses[idx]); + stage_index = idx - 1; + break; } } - return 255; + if(stage_index == -1) { + return 255; + } + break; } case curl::fuzzer::proto::RESPONSE_STAGE_UNSPECIFIED: default: return 255; } + if(rc != 0) { + return rc; + } + if(fuzz->verbose) { + std::string detail = SummarizeResponse(registration.response()); + if(registration.stage() == curl::fuzzer::proto::RESPONSE_STAGE_ON_READABLE) { + FV_PRINTF(fuzz, + "SCENARIO: register_response conn=%u stage=%s index=%d %s\n", + id, + ResponseStageName(registration.stage()), + stage_index, + detail.c_str()); + } + else { + FV_PRINTF(fuzz, + "SCENARIO: register_response conn=%u stage=%s %s\n", + id, + ResponseStageName(registration.stage()), + detail.c_str()); + } + } + return 0; } int ApplyAction(const curl::fuzzer::proto::Action &action, @@ -653,6 +960,11 @@ int ApplyGlobalDefaults(const curl::fuzzer::proto::GlobalConfig &config, } protocols.append(config.allowed_protocols(ii)); } + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: global allowed_protocols=%s\n", + protocols.c_str()); + } const char *value = state->CopyString(protocols); CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_PROTOCOLS_STR, value); if(code != CURLE_OK) { @@ -660,6 +972,11 @@ int ApplyGlobalDefaults(const curl::fuzzer::proto::GlobalConfig &config, } } if(config.timeout_ms() != 0) { + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: global timeout_ms=%u\n", + config.timeout_ms()); + } CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_TIMEOUT_MS, static_cast(config.timeout_ms())); if(code != CURLE_OK) { @@ -667,6 +984,11 @@ int ApplyGlobalDefaults(const curl::fuzzer::proto::GlobalConfig &config, } } if(config.server_response_timeout_ms() != 0) { + if(fuzz->verbose) { + FV_PRINTF(fuzz, + "SCENARIO: global server_response_timeout_ms=%u\n", + config.server_response_timeout_ms()); + } CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_SERVER_RESPONSE_TIMEOUT, static_cast(config.server_response_timeout_ms())); @@ -675,6 +997,9 @@ int ApplyGlobalDefaults(const curl::fuzzer::proto::GlobalConfig &config, } } if(config.verbose()) { + if(fuzz->verbose) { + FV_PRINTF(fuzz, "SCENARIO: global enable_verbose\n"); + } CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_VERBOSE, 1L); if(code != CURLE_OK) { return static_cast(code); @@ -685,34 +1010,10 @@ int ApplyGlobalDefaults(const curl::fuzzer::proto::GlobalConfig &config, } // namespace -bool TryParseScenario(const uint8_t *data, - size_t size, - curl::fuzzer::proto::Scenario *out) { - if(size < 2) { - return false; - } - curl::fuzzer::proto::Scenario scenario; - if(!scenario.ParseFromArray(data, static_cast(size))) { - return false; - } - if(!HasStructuredTag(scenario) && - scenario.actions_size() == 0 && - scenario.connections_size() == 0 && - scenario.blobs_size() == 0) { - return false; - } - out->Swap(&scenario); - return true; -} - int ApplyScenario(const curl::fuzzer::proto::Scenario &scenario, FUZZ_DATA *fuzz) { auto state = std::make_unique(); - int rc = state->LoadBlobs(scenario); - if(rc != 0) { - return rc; - } - rc = ApplyGlobalDefaults(scenario.global(), state.get(), fuzz); + int rc = ApplyGlobalDefaults(scenario.global(), state.get(), fuzz); if(rc != 0) { return rc; } diff --git a/ossfuzz.sh b/ossfuzz.sh index 26f67215..1848e3f2 100755 --- a/ossfuzz.sh +++ b/ossfuzz.sh @@ -38,6 +38,9 @@ export CURL_SOURCE_DIR=/src/curl # Compile the fuzzers. "${SCRIPTDIR}"/compile_target.sh fuzz +# Convert structured scenarios into binary corpora entries. +"${SCRIPTDIR}"/compile_structured_corpora.sh + # Zip up the seed corpus. scripts/create_zip.sh diff --git a/scenarios/curl_fuzzer/oss-fuzz-3327.textproto b/scenarios/curl_fuzzer/oss-fuzz-3327.textproto new file mode 100644 index 00000000..13a89a0b --- /dev/null +++ b/scenarios/curl_fuzzer/oss-fuzz-3327.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/oss-fuzz-3327 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "RtSp:/1 " + } +} +connections { + id: 0 + initial_response { + payload: "$ \x00\x00u\x00o" + } +} diff --git a/scenarios/curl_fuzzer/test1.textproto b/scenarios/curl_fuzzer/test1.textproto new file mode 100644 index 00000000..7fa46413 --- /dev/null +++ b/scenarios/curl_fuzzer/test1.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test1 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:80/1" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake\nLast-Modified: Tue, 13 Jun 2000 12:10:00 GMT\nETag: \x2221025-dc7-39462498\x22\nAccept-Ranges: bytes\nContent-Length: 6\nConnection: close\nContent-Type: text/html\nFunny-head: yesyes\n\n-foo-\n" + } +} diff --git a/scenarios/curl_fuzzer/test10.textproto b/scenarios/curl_fuzzer/test10.textproto new file mode 100644 index 00000000..be56f9d1 --- /dev/null +++ b/scenarios/curl_fuzzer/test10.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer/test10 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/10" + } +} +actions { + register_upload { + payload: "Weird\n file\n to\n upload\nfor\n testing\nthe\n PUT\n feature\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 78 + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.0 200 OK swsclose\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake\n\nblablabla\n\n" + } +} diff --git a/scenarios/curl_fuzzer/test100.textproto b/scenarios/curl_fuzzer/test100.textproto new file mode 100644 index 00000000..41f43a11 --- /dev/null +++ b/scenarios/curl_fuzzer/test100.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test100 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-100/" + } +} +connections { + id: 0 + initial_response { + payload: "total 20\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 .\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 ..\r\ndrwxr-xr-x 2 98 98 512 May 2 1996 curl-releases\r\n-r--r--r-- 1 0 1 35 Jul 16 1996 README\r\nlrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin\r\ndr-xr-xr-x 2 0 1 512 Oct 1 1997 dev\r\ndrwxrwxrwx 2 98 98 512 May 29 16:04 download.html\r\ndr-xr-xr-x 2 0 1 512 Nov 30 1995 etc\r\ndrwxrwxrwx 2 98 1 512 Oct 30 14:33 pub\r\ndr-xr-xr-x 5 0 1 512 Oct 1 1997 usr\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test100_2.textproto b/scenarios/curl_fuzzer/test100_2.textproto new file mode 100644 index 00000000..92ade6d7 --- /dev/null +++ b/scenarios/curl_fuzzer/test100_2.textproto @@ -0,0 +1,30 @@ +# source: corpora/curl_fuzzer/test100_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-100/" + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } +} diff --git a/scenarios/curl_fuzzer/test100_3.textproto b/scenarios/curl_fuzzer/test100_3.textproto new file mode 100644 index 00000000..b84908ce --- /dev/null +++ b/scenarios/curl_fuzzer/test100_3.textproto @@ -0,0 +1,48 @@ +# source: corpora/curl_fuzzer/test100_3 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-100" + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "227 Entering Passive Mode (213,229,112,130,216,4)\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "213 10\n" + } + on_readable { + payload: "125 Already open\n" + } + on_readable { + payload: "226 Sent everything\n" + } +} +connections { + id: 1 + initial_response { + payload: "1234567890" + } + on_readable { + payload: "noworries" + } +} diff --git a/scenarios/curl_fuzzer/test1011.textproto b/scenarios/curl_fuzzer/test1011.textproto new file mode 100644 index 00000000..7d047947 --- /dev/null +++ b/scenarios/curl_fuzzer/test1011.textproto @@ -0,0 +1,25 @@ +# source: corpora/curl_fuzzer/test1011 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:12345" + } +} +actions { + set_option { + option_id: CURLOPT_FOLLOWLOCATION + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 301 OK\r\nLocation: moo.html&testcase=/10110002\r\nDate: Thu, 09 Nov 2010 14:49:00 GMT\r\nSet-Cookie: firstcookie=want; path=/\r\nContent-Length: 0\r\n\r\n" + } + on_readable { + payload: "HTTP/1.1 200 OK swsclose\r\nLocation: this should be ignored\r\nDate: Thu, 09 Nov 2010 14:49:00 GMT\r\nConnection: close\r\n\r\nbody\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test12.textproto b/scenarios/curl_fuzzer/test12.textproto new file mode 100644 index 00000000..2a6060a3 --- /dev/null +++ b/scenarios/curl_fuzzer/test12.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer/test12 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/12" + } +} +actions { + set_option { + option_id: CURLOPT_RANGE + scope: OPTION_SCOPE_DEFAULT + string_value: "100-200" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 206 Partial Content\r\nDate: Mon, 13 Nov 2000 13:41:09 GMT\r\nServer: Apache/1.3.11 (Unix) PHP/3.0.14\r\nLast-Modified: Tue, 13 Jun 2000 12:10:00 GMT\r\nETag: \x2221025-dc7-39462498\x22\r\nAccept-Ranges: bytes\r\nContent-Length: 101\r\nContent-Range: bytes 100-200/3527\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n..partial data returned from the\nserver as a result of setting an explicit byte range\nin the request\n" + } +} diff --git a/scenarios/curl_fuzzer/test1201.textproto b/scenarios/curl_fuzzer/test1201.textproto new file mode 100644 index 00000000..0931a11b --- /dev/null +++ b/scenarios/curl_fuzzer/test1201.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test1201 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "gopher://127.0.0.1:9009/1/selector/SELECTOR/1201" + } +} +connections { + id: 0 + initial_response { + payload: "iMenu results\t\terror.host\t1\r\n0Selector /selector/SELECTOR\t/bar\tbar.foo.invalid\t70\r\n.\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test13.textproto b/scenarios/curl_fuzzer/test13.textproto new file mode 100644 index 00000000..abadf281 --- /dev/null +++ b/scenarios/curl_fuzzer/test13.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer/test13 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/13" + } +} +actions { + set_option { + option_id: CURLOPT_CUSTOMREQUEST + scope: OPTION_SCOPE_DEFAULT + string_value: "DELETE" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 Read you\r\nContent-Length: 29\r\nDeleted: suppose we got a header like this! ;-)\r\n\r\nblabla custom request result\n" + } +} diff --git a/scenarios/curl_fuzzer/test1326.textproto b/scenarios/curl_fuzzer/test1326.textproto new file mode 100644 index 00000000..26f9a767 --- /dev/null +++ b/scenarios/curl_fuzzer/test1326.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test1326 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "telnet://127.0.0.1:8990" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 swsclose\n\nmoo\n" + } +} diff --git a/scenarios/curl_fuzzer/test1450.textproto b/scenarios/curl_fuzzer/test1450.textproto new file mode 100644 index 00000000..d98740cd --- /dev/null +++ b/scenarios/curl_fuzzer/test1450.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test1450 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "dict://127.0.0.1:9016/d:basic" + } +} +connections { + id: 0 + initial_response { + payload: "220 dictserver \n552 no matches\n" + } +} diff --git a/scenarios/curl_fuzzer/test2.textproto b/scenarios/curl_fuzzer/test2.textproto new file mode 100644 index 00000000..68638d51 --- /dev/null +++ b/scenarios/curl_fuzzer/test2.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer/test2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:80/2" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "fake" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake swsclose\nContent-Type: text/html\nFunny-head: yesyes\n" + } +} diff --git a/scenarios/curl_fuzzer/test271.textproto b/scenarios/curl_fuzzer/test271.textproto new file mode 100644 index 00000000..c0481c5a --- /dev/null +++ b/scenarios/curl_fuzzer/test271.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test271 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "tftp://127.0.0.1:8997//271" + } +} +connections { + id: 0 + initial_response { + payload: "a chunk of\ndata\nreturned\n to client\n" + } +} diff --git a/scenarios/curl_fuzzer/test3.textproto b/scenarios/curl_fuzzer/test3.textproto new file mode 100644 index 00000000..e7bba25b --- /dev/null +++ b/scenarios/curl_fuzzer/test3.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer/test3 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/3" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "fake" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_POSTFIELDS + scope: OPTION_SCOPE_DEFAULT + string_value: "fooo=mooo&pooo=clue&doo=%20%20%20++++" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.0 200 OK\r\nServer: test-server/fake\r\nContent-Type: text/html\r\nContent-Length: 0\r\n\r\nthis is data even though Content-Length is set to zero\n" + } +} diff --git a/scenarios/curl_fuzzer/test39.textproto b/scenarios/curl_fuzzer/test39.textproto new file mode 100644 index 00000000..1a75a796 --- /dev/null +++ b/scenarios/curl_fuzzer/test39.textproto @@ -0,0 +1,23 @@ +# source: corpora/curl_fuzzer/test39 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/39" + } +} +actions { + configure_mime { + parts { + name: "name" + inline_data: "daniel" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nDate: Thu, 09 Nov 2010 14:49:00 GMT\r\nServer: test-server/fake\r\nContent-Length: 10\r\n\r\nblablabla\n" + } +} diff --git a/scenarios/curl_fuzzer/test4.textproto b/scenarios/curl_fuzzer/test4.textproto new file mode 100644 index 00000000..b87a1519 --- /dev/null +++ b/scenarios/curl_fuzzer/test4.textproto @@ -0,0 +1,78 @@ +# source: corpora/curl_fuzzer/test4 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/4" + } +} +actions { + add_header { + value { + text: "extra-header: here" + } + } +} +actions { + add_header { + value { + text: "Accept: replaced" + } + } +} +actions { + add_header { + value { + text: "X-Custom-Header;" + } + } +} +actions { + add_header { + value { + text: "X-Test: foo;" + } + } +} +actions { + add_header { + value { + text: "X-Test:" + } + } +} +actions { + add_header { + value { + text: "X-Test2: foo;" + } + } +} +actions { + add_header { + value { + text: "X-Test3: " + } + } +} +actions { + add_header { + value { + text: "X-Test4; " + } + } +} +actions { + add_header { + value { + text: "X-Test5;ignored" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake swsclose\nContent-Type: text/html\nFunny-head: yesyes\n\n" + } +} diff --git a/scenarios/curl_fuzzer/test46.textproto b/scenarios/curl_fuzzer/test46.textproto new file mode 100644 index 00000000..0bda41b0 --- /dev/null +++ b/scenarios/curl_fuzzer/test46.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test46 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/want/46" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/4.0\r\nDate: Tue, 25 Sep 2001 19:37:44 GMT\r\nContent-Type: text/html\r\nSet-Cookie: ckyPersistent=permanent; expires=Fri, 02-Feb-2035 11:56:27 GMT; path=/\r\nSet-Cookie: ckySession=temporary; path=/\r\nSet-Cookie: ASPSESSIONIDQGGQQSJJ=GKNBDIFAAOFDPDAIEAKDIBKE; path=/\r\nSet-Cookie: justaname=; path=/;\r\nSet-Cookie: simplyhuge=zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz\r\nCache-control: private\r\nContent-Length: 41\r\n\r\nThis server reply is for testing cookies\n" + } +} diff --git a/scenarios/curl_fuzzer/test5.textproto b/scenarios/curl_fuzzer/test5.textproto new file mode 100644 index 00000000..407646c4 --- /dev/null +++ b/scenarios/curl_fuzzer/test5.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test5 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/that/page/5#5" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake swsclose\nContent-Type: text/html\nFunny-head: yesyes\n\n" + } +} diff --git a/scenarios/curl_fuzzer/test567.textproto b/scenarios/curl_fuzzer/test567.textproto new file mode 100644 index 00000000..0280609e --- /dev/null +++ b/scenarios/curl_fuzzer/test567.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/test567 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test6.textproto b/scenarios/curl_fuzzer/test6.textproto new file mode 100644 index 00000000..5e188c59 --- /dev/null +++ b/scenarios/curl_fuzzer/test6.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer/test6 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/that/page/6" + } +} +actions { + set_option { + option_id: CURLOPT_COOKIE + scope: OPTION_SCOPE_DEFAULT + string_value: "name=contents;name2=content2" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake\nContent-Type: text/html\nFunny-head: yesyes\nswsclose: booo\n\n" + } +} diff --git a/scenarios/curl_fuzzer/test64.textproto b/scenarios/curl_fuzzer/test64.textproto new file mode 100644 index 00000000..ac865ab1 --- /dev/null +++ b/scenarios/curl_fuzzer/test64.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer/test64 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/64" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "james" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "bond" + } +} +actions { + set_option { + option_id: CURLOPT_HTTPAUTH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 401 Authorization Required swsclose\r\nServer: Apache/1.3.27 (Darwin) PHP/4.1.2\r\nWWW-Authenticate: Digest realm=\x22testrealm\x22, nonce=\x221053604145\x22\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 26\r\n\r\nThis is not the real page\n" + } +} diff --git a/scenarios/curl_fuzzer/test800.textproto b/scenarios/curl_fuzzer/test800.textproto new file mode 100644 index 00000000..f231d3e2 --- /dev/null +++ b/scenarios/curl_fuzzer/test800.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer/test800 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1:9003/800/;UID=1" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "secret" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test800_2.textproto b/scenarios/curl_fuzzer/test800_2.textproto new file mode 100644 index 00000000..90eec84a --- /dev/null +++ b/scenarios/curl_fuzzer/test800_2.textproto @@ -0,0 +1,24 @@ +# source: corpora/curl_fuzzer/test800_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1:9003/800/;UID=1" + } +} +connections { + id: 0 + initial_response { + payload: "* OK IMAP4rev1 Service Ready\n" + } + on_readable { + payload: "A001 IMAP4\n" + } + on_readable { + payload: "* 800 EXISTS\nA002 OK [READ-WRITE] SELECT completed\n" + } + on_readable { + payload: "* 1 FETCH (BODY[TEXT] {69}\r\nFrom: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n)\r\nA003 OK FETCH completed\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test850.textproto b/scenarios/curl_fuzzer/test850.textproto new file mode 100644 index 00000000..fb544dec --- /dev/null +++ b/scenarios/curl_fuzzer/test850.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer/test850 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "pop3://127.0.0.1:9001/850" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "secret" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test900.textproto b/scenarios/curl_fuzzer/test900.textproto new file mode 100644 index 00000000..efb23e3a --- /dev/null +++ b/scenarios/curl_fuzzer/test900.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer/test900 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 34 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: " " + } +} diff --git a/scenarios/curl_fuzzer/test900_2.textproto b/scenarios/curl_fuzzer/test900_2.textproto new file mode 100644 index 00000000..0576c183 --- /dev/null +++ b/scenarios/curl_fuzzer/test900_2.textproto @@ -0,0 +1,51 @@ +# source: corpora/curl_fuzzer/test900_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n.\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 36 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: "220 smtp.example.com ESMTP Postfix\n" + } + on_readable { + payload: "250 SIZE 14680064\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "354 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } +} diff --git a/scenarios/curl_fuzzer/test_accept_encoding.textproto b/scenarios/curl_fuzzer/test_accept_encoding.textproto new file mode 100644 index 00000000..2ecc1993 --- /dev/null +++ b/scenarios/curl_fuzzer/test_accept_encoding.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer/test_accept_encoding + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1/" + } +} +actions { + set_option { + option_id: CURLOPT_ACCEPT_ENCODING + scope: OPTION_SCOPE_DEFAULT + string_value: "" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nDate: Tue, 17 Oct 2017 22:03:56 GMT\r\nContent-Type: application/json\r\nContent-Length: 110\r\nContent-Encoding: gzip\r\n\r\n\x1f\x8b\x08\x00\x08\x7f\xe6Y\x00\x03\xab\xe6RPPJ\xaf\xca,(HMQ\xb2R()*M\xd5Q\x00\x89e\xa4&\xa6\xa4\x16\x15\x03\xc5\xaa\x81\x5c\xa0\x80crrjA\t\x90\xaf\xa4\xa5\xaf\xa5\x04V\x04\x14u\xce\xcf\xcbKM.\xc9\xcc\xcf\x03\xc9$\xe7\xe4\x17\xa7B\xe4j!\xc6\xe4\xa6\x96d\xe4\x83LVrw\r\x01\xc9\xd4r\x01\x00k\x5cH,s\x00\x00\x00" + } +} diff --git a/scenarios/curl_fuzzer/test_file_nobody.textproto b/scenarios/curl_fuzzer/test_file_nobody.textproto new file mode 100644 index 00000000..25884b4f --- /dev/null +++ b/scenarios/curl_fuzzer/test_file_nobody.textproto @@ -0,0 +1,23 @@ +# source: corpora/curl_fuzzer/test_file_nobody + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "file:///proc/self/status" + } +} +actions { + set_option { + option_id: CURLOPT_HEADER + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +actions { + set_option { + option_id: CURLOPT_NOBODY + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} diff --git a/scenarios/curl_fuzzer/test_ftp_list.textproto b/scenarios/curl_fuzzer/test_ftp_list.textproto new file mode 100644 index 00000000..2f8f2896 --- /dev/null +++ b/scenarios/curl_fuzzer/test_ftp_list.textproto @@ -0,0 +1,52 @@ +# source: corpora/curl_fuzzer/test_ftp_list + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-list/" + } +} +actions { + set_option { + option_id: CURLOPT_WILDCARDMATCH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 0 + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "227 Entering Passive Mode (213,229,112,130,216,4)\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "150 Success\r\n226 Everything sent\r\n" + } + on_readable { + payload: "200 Sure\n" + } +} +connections { + id: 1 + initial_response { + payload: "total 20\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 .\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 ..\r\ndrwxr-xr-x 2 98 98 512 May 2 1996 .NeXT\r\n-r--r--r-- 1 0 1 35 Jul 16 1996 README\r\nlrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin\r\ndr-xr-xr-x 2 0 1 512 Oct 1 1997 dev\r\ndrwxrwxrwx 2 98 98 512 May 29 16:04 download.html\r\ndr-xr-xr-x 2 0 1 512 Nov 30 1995 etc\r\ndrwxrwxrwx 2 98 1 512 Oct 30 14:33 pub\r\ndr-xr-xr-x 5 0 1 512 Oct 1 1997 usr\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test_ftp_wildcard.textproto b/scenarios/curl_fuzzer/test_ftp_wildcard.textproto new file mode 100644 index 00000000..104e4017 --- /dev/null +++ b/scenarios/curl_fuzzer/test_ftp_wildcard.textproto @@ -0,0 +1,52 @@ +# source: corpora/curl_fuzzer/test_ftp_wildcard + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-list/*.html" + } +} +actions { + set_option { + option_id: CURLOPT_WILDCARDMATCH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "227 Entering Passive Mode (213,229,112,130,216,4)\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "150 Success\r\n226 Everything sent\r\n" + } + on_readable { + payload: "200 Sure\n" + } +} +connections { + id: 1 + initial_response { + payload: "total 20\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 .\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 ..\r\ndrwxr-xr-x 2 98 98 512 May 2 1996 .NeXT\r\n-r--r--r-- 1 0 1 35 Jul 16 1996 README\r\nlrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin\r\ndr-xr-xr-x 2 0 1 512 Oct 1 1997 dev\r\ndrwxrwxrwx 2 98 98 512 May 29 16:04 download.html\r\ndr-xr-xr-x 2 0 1 512 Nov 30 1995 etc\r\ndrwxrwxrwx 2 98 1 512 Oct 30 14:33 pub\r\ndr-xr-xr-x 5 0 1 512 Oct 1 1997 usr\r\n" + } +} diff --git a/scenarios/curl_fuzzer/test_wrongproto.textproto b/scenarios/curl_fuzzer/test_wrongproto.textproto new file mode 100644 index 00000000..5619086a --- /dev/null +++ b/scenarios/curl_fuzzer/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer/timeout-4625841444093952.textproto b/scenarios/curl_fuzzer/timeout-4625841444093952.textproto new file mode 100644 index 00000000..460706da --- /dev/null +++ b/scenarios/curl_fuzzer/timeout-4625841444093952.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer/timeout-4625841444093952 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + bytes_value: "telnet:/0@2\000\000\000>0\xe71:8990" + } +} +connections { + id: 0 + initial_response { + payload: "ttp://1@7.0.0.1:8990/we/want/12\x00\x02\x00\x00\x01\x97HTTP/1.1 206 Partial Content\r\neleases\r\n-r--r--r-- 1 35 Jul 16 19ad.html\r\n000 bin -> usr/bin\r\ndr 1 /1ad.htm9\r'l\n99 b 1 i /1ad.htm\x00\x01\x00\x00\x00\x19pop3)//126.070.0:9\x84#0/850\x00\x02\x00\x00\x00F+\x1c\x00\x00\x00\x00\x00\x00\x00\x9b\xbf\x82omewhke@\xeeowe\rh\n..+\n-E\xb5Rybs oiu\x9a\x8cely\r\n+OKF\n\r\nehn.ow\r.\r\n-E*noswsclose\n;mode= 201 04:149:00 GMT\nS\x00\x00\x00\x04fake\x00\x04\x00\x00\x00\x04use r00 bin -> usr/bin\r\ndr 1 1 35 Jul 16 19ad.html\r\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xef\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xff.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\x00\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff/1.\xfd\xfd\xff\xfb 98 # .htmx 8 98 \x00\x01\x00\x00\x00 http://127.0.0\x00\x01\x00\x06\x00\x17tr 1 1 35 Jul 16 19ad.html\r\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfe\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff # .htmx 8 98 \x00\x01\x00\x00\x00 http://127.0.0\x00\x01\x00\x06\x00\x17tr 1 1 35 Jul 16 19ad.h\xa7ml\r\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\x00\xfa\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \n\xc6002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xff.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/X&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%dSp@/ \x003://127.070.0:9000/850\x00\x02\x00\x00\x00F+OKF\n\rr me@some./whke@nowe\rh\n..\r\n-\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff # .htmx 8 98 \x00\x01\x00\x00\x00 http://127.0.0\x00\x01\x00\x06\x00\x17tr 1 1 35 Jul 16 19ad.h\xa7ml\r\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xef\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xff.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/X&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA2 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/X&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA2 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb 98 # .htmx5\x00/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb \r\r\r\x00w\xff\xfa\xff\xfasC\r\xffw\x00\r\xfa\xff\xfbsC\r\r\x00w\xff\xfa\xff\xfa200\nm\n0.1:\x00\x01\x00\x00\x00\x08%\n000 bi\x00\x01\x00\x00001 \nA002 OKo\xe6err\xe5s\n\r-\n* \xff\xfa\x18/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\xff\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1.\xfd\xfd\xff\xfb / 98 \x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xff\xfc\xff\xff\xfa\xff/1&\xff\xff\xff\xfd0\x00\x02\x00\x00\x00\n\r\xff\xff\xfb\xff/1.\x8c\xff\xfd\xfd\xff\xfb\x01\x1f\xff\xfc\x01\xffs/1.\xff\xff\xff\xfb\xff/1/ 98 \x00y\xff\x1e\xff\xfc\xff\xef\xfa'\xff/1&\xff\xff\xff\xfd\x1f\x07\xfc\xff\xff\xfa\xff1:\xff\x01\x00\x00y\xff\x1e\xffbytes\n\r00-200/3527\r\nConnectiMTs\nD\r00-200/3527\r\nC/" + } +} diff --git a/scenarios/curl_fuzzer_dict/test1450.textproto b/scenarios/curl_fuzzer_dict/test1450.textproto new file mode 100644 index 00000000..6f09d85f --- /dev/null +++ b/scenarios/curl_fuzzer_dict/test1450.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_dict/test1450 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "dict://127.0.0.1:9016/d:basic" + } +} +connections { + id: 0 + initial_response { + payload: "220 dictserver \n552 no matches\n" + } +} diff --git a/scenarios/curl_fuzzer_dict/test_url_dict.textproto b/scenarios/curl_fuzzer_dict/test_url_dict.textproto new file mode 100644 index 00000000..4ac2869a --- /dev/null +++ b/scenarios/curl_fuzzer_dict/test_url_dict.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_dict/test_url_dict + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "dict://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_dict/test_wrongproto.textproto b/scenarios/curl_fuzzer_dict/test_wrongproto.textproto new file mode 100644 index 00000000..ce165d5d --- /dev/null +++ b/scenarios/curl_fuzzer_dict/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_dict/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_file/test_file_nobody.textproto b/scenarios/curl_fuzzer_file/test_file_nobody.textproto new file mode 100644 index 00000000..f5cad9fe --- /dev/null +++ b/scenarios/curl_fuzzer_file/test_file_nobody.textproto @@ -0,0 +1,23 @@ +# source: corpora/curl_fuzzer_file/test_file_nobody + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "file:///proc/self/status" + } +} +actions { + set_option { + option_id: CURLOPT_HEADER + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +actions { + set_option { + option_id: CURLOPT_NOBODY + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} diff --git a/scenarios/curl_fuzzer_file/test_url_file.textproto b/scenarios/curl_fuzzer_file/test_url_file.textproto new file mode 100644 index 00000000..202085a4 --- /dev/null +++ b/scenarios/curl_fuzzer_file/test_url_file.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_file/test_url_file + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "file://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_file/test_wrongproto.textproto b/scenarios/curl_fuzzer_file/test_wrongproto.textproto new file mode 100644 index 00000000..48720e0e --- /dev/null +++ b/scenarios/curl_fuzzer_file/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_file/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_ftp/test_ftp_list.textproto b/scenarios/curl_fuzzer_ftp/test_ftp_list.textproto new file mode 100644 index 00000000..76ae8571 --- /dev/null +++ b/scenarios/curl_fuzzer_ftp/test_ftp_list.textproto @@ -0,0 +1,52 @@ +# source: corpora/curl_fuzzer_ftp/test_ftp_list + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-list/" + } +} +actions { + set_option { + option_id: CURLOPT_WILDCARDMATCH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 0 + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "227 Entering Passive Mode (213,229,112,130,216,4)\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "150 Success\r\n226 Everything sent\r\n" + } + on_readable { + payload: "200 Sure\n" + } +} +connections { + id: 1 + initial_response { + payload: "total 20\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 .\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 ..\r\ndrwxr-xr-x 2 98 98 512 May 2 1996 .NeXT\r\n-r--r--r-- 1 0 1 35 Jul 16 1996 README\r\nlrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin\r\ndr-xr-xr-x 2 0 1 512 Oct 1 1997 dev\r\ndrwxrwxrwx 2 98 98 512 May 29 16:04 download.html\r\ndr-xr-xr-x 2 0 1 512 Nov 30 1995 etc\r\ndrwxrwxrwx 2 98 1 512 Oct 30 14:33 pub\r\ndr-xr-xr-x 5 0 1 512 Oct 1 1997 usr\r\n" + } +} diff --git a/scenarios/curl_fuzzer_ftp/test_ftp_wildcard.textproto b/scenarios/curl_fuzzer_ftp/test_ftp_wildcard.textproto new file mode 100644 index 00000000..cea46f81 --- /dev/null +++ b/scenarios/curl_fuzzer_ftp/test_ftp_wildcard.textproto @@ -0,0 +1,52 @@ +# source: corpora/curl_fuzzer_ftp/test_ftp_wildcard + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-list/*.html" + } +} +actions { + set_option { + option_id: CURLOPT_WILDCARDMATCH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "227 Entering Passive Mode (213,229,112,130,216,4)\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "150 Success\r\n226 Everything sent\r\n" + } + on_readable { + payload: "200 Sure\n" + } +} +connections { + id: 1 + initial_response { + payload: "total 20\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 .\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 ..\r\ndrwxr-xr-x 2 98 98 512 May 2 1996 .NeXT\r\n-r--r--r-- 1 0 1 35 Jul 16 1996 README\r\nlrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin\r\ndr-xr-xr-x 2 0 1 512 Oct 1 1997 dev\r\ndrwxrwxrwx 2 98 98 512 May 29 16:04 download.html\r\ndr-xr-xr-x 2 0 1 512 Nov 30 1995 etc\r\ndrwxrwxrwx 2 98 1 512 Oct 30 14:33 pub\r\ndr-xr-xr-x 5 0 1 512 Oct 1 1997 usr\r\n" + } +} diff --git a/scenarios/curl_fuzzer_ftp/test_url_ftp.textproto b/scenarios/curl_fuzzer_ftp/test_url_ftp.textproto new file mode 100644 index 00000000..040db114 --- /dev/null +++ b/scenarios/curl_fuzzer_ftp/test_url_ftp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_ftp/test_url_ftp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_ftp/test_wrongproto.textproto b/scenarios/curl_fuzzer_ftp/test_wrongproto.textproto new file mode 100644 index 00000000..a71ac249 --- /dev/null +++ b/scenarios/curl_fuzzer_ftp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_ftp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_gopher/test1201.textproto b/scenarios/curl_fuzzer_gopher/test1201.textproto new file mode 100644 index 00000000..502a7076 --- /dev/null +++ b/scenarios/curl_fuzzer_gopher/test1201.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_gopher/test1201 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "gopher://127.0.0.1:9009/1/selector/SELECTOR/1201" + } +} +connections { + id: 0 + initial_response { + payload: "iMenu results\t\terror.host\t1\r\n0Selector /selector/SELECTOR\t/bar\tbar.foo.invalid\t70\r\n.\r\n" + } +} diff --git a/scenarios/curl_fuzzer_gopher/test_url_gopher.textproto b/scenarios/curl_fuzzer_gopher/test_url_gopher.textproto new file mode 100644 index 00000000..ee9ae460 --- /dev/null +++ b/scenarios/curl_fuzzer_gopher/test_url_gopher.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_gopher/test_url_gopher + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "gopher://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_gopher/test_wrongproto.textproto b/scenarios/curl_fuzzer_gopher/test_wrongproto.textproto new file mode 100644 index 00000000..bea2d2a8 --- /dev/null +++ b/scenarios/curl_fuzzer_gopher/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_gopher/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_http/test1.textproto b/scenarios/curl_fuzzer_http/test1.textproto new file mode 100644 index 00000000..bff9d0bc --- /dev/null +++ b/scenarios/curl_fuzzer_http/test1.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test1 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:80/1" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake\nLast-Modified: Tue, 13 Jun 2000 12:10:00 GMT\nETag: \x2221025-dc7-39462498\x22\nAccept-Ranges: bytes\nContent-Length: 6\nConnection: close\nContent-Type: text/html\nFunny-head: yesyes\n\n-foo-\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test10.textproto b/scenarios/curl_fuzzer_http/test10.textproto new file mode 100644 index 00000000..94913f96 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test10.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_http/test10 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/10" + } +} +actions { + register_upload { + payload: "Weird\n file\n to\n upload\nfor\n testing\nthe\n PUT\n feature\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 78 + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.0 200 OK swsclose\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake\n\nblablabla\n\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test100.textproto b/scenarios/curl_fuzzer_http/test100.textproto new file mode 100644 index 00000000..548cdd2b --- /dev/null +++ b/scenarios/curl_fuzzer_http/test100.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test100 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-100/" + } +} +connections { + id: 0 + initial_response { + payload: "total 20\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 .\r\ndrwxr-xr-x 8 98 98 512 Oct 22 13:06 ..\r\ndrwxr-xr-x 2 98 98 512 May 2 1996 curl-releases\r\n-r--r--r-- 1 0 1 35 Jul 16 1996 README\r\nlrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin\r\ndr-xr-xr-x 2 0 1 512 Oct 1 1997 dev\r\ndrwxrwxrwx 2 98 98 512 May 29 16:04 download.html\r\ndr-xr-xr-x 2 0 1 512 Nov 30 1995 etc\r\ndrwxrwxrwx 2 98 1 512 Oct 30 14:33 pub\r\ndr-xr-xr-x 5 0 1 512 Oct 1 1997 usr\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test100_2.textproto b/scenarios/curl_fuzzer_http/test100_2.textproto new file mode 100644 index 00000000..4a93ade9 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test100_2.textproto @@ -0,0 +1,30 @@ +# source: corpora/curl_fuzzer_http/test100_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-100/" + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test100_3.textproto b/scenarios/curl_fuzzer_http/test100_3.textproto new file mode 100644 index 00000000..bc6ae38d --- /dev/null +++ b/scenarios/curl_fuzzer_http/test100_3.textproto @@ -0,0 +1,48 @@ +# source: corpora/curl_fuzzer_http/test100_3 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ftp://127.0.0.1:8992/test-100" + } +} +connections { + id: 0 + initial_response { + payload: "220 Hello!\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "400 Sure\n" + } + on_readable { + payload: "227 Entering Passive Mode (213,229,112,130,216,4)\n" + } + on_readable { + payload: "200 Sure\n" + } + on_readable { + payload: "213 10\n" + } + on_readable { + payload: "125 Already open\n" + } + on_readable { + payload: "226 Sent everything\n" + } +} +connections { + id: 1 + initial_response { + payload: "1234567890" + } + on_readable { + payload: "noworries" + } +} diff --git a/scenarios/curl_fuzzer_http/test1011.textproto b/scenarios/curl_fuzzer_http/test1011.textproto new file mode 100644 index 00000000..12240655 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test1011.textproto @@ -0,0 +1,25 @@ +# source: corpora/curl_fuzzer_http/test1011 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:12345" + } +} +actions { + set_option { + option_id: CURLOPT_FOLLOWLOCATION + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 301 OK\r\nLocation: moo.html&testcase=/10110002\r\nDate: Thu, 09 Nov 2010 14:49:00 GMT\r\nSet-Cookie: firstcookie=want; path=/\r\nContent-Length: 0\r\n\r\n" + } + on_readable { + payload: "HTTP/1.1 200 OK swsclose\r\nLocation: this should be ignored\r\nDate: Thu, 09 Nov 2010 14:49:00 GMT\r\nConnection: close\r\n\r\nbody\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test12.textproto b/scenarios/curl_fuzzer_http/test12.textproto new file mode 100644 index 00000000..f51cbaeb --- /dev/null +++ b/scenarios/curl_fuzzer_http/test12.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_http/test12 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/12" + } +} +actions { + set_option { + option_id: CURLOPT_RANGE + scope: OPTION_SCOPE_DEFAULT + string_value: "100-200" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 206 Partial Content\r\nDate: Mon, 13 Nov 2000 13:41:09 GMT\r\nServer: Apache/1.3.11 (Unix) PHP/3.0.14\r\nLast-Modified: Tue, 13 Jun 2000 12:10:00 GMT\r\nETag: \x2221025-dc7-39462498\x22\r\nAccept-Ranges: bytes\r\nContent-Length: 101\r\nContent-Range: bytes 100-200/3527\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n..partial data returned from the\nserver as a result of setting an explicit byte range\nin the request\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test1201.textproto b/scenarios/curl_fuzzer_http/test1201.textproto new file mode 100644 index 00000000..9e0905d3 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test1201.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test1201 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "gopher://127.0.0.1:9009/1/selector/SELECTOR/1201" + } +} +connections { + id: 0 + initial_response { + payload: "iMenu results\t\terror.host\t1\r\n0Selector /selector/SELECTOR\t/bar\tbar.foo.invalid\t70\r\n.\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test13.textproto b/scenarios/curl_fuzzer_http/test13.textproto new file mode 100644 index 00000000..9d24bdef --- /dev/null +++ b/scenarios/curl_fuzzer_http/test13.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_http/test13 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/13" + } +} +actions { + set_option { + option_id: CURLOPT_CUSTOMREQUEST + scope: OPTION_SCOPE_DEFAULT + string_value: "DELETE" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 Read you\r\nContent-Length: 29\r\nDeleted: suppose we got a header like this! ;-)\r\n\r\nblabla custom request result\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test1326.textproto b/scenarios/curl_fuzzer_http/test1326.textproto new file mode 100644 index 00000000..762586bb --- /dev/null +++ b/scenarios/curl_fuzzer_http/test1326.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test1326 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "telnet://127.0.0.1:8990" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 swsclose\n\nmoo\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test1450.textproto b/scenarios/curl_fuzzer_http/test1450.textproto new file mode 100644 index 00000000..43728c92 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test1450.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test1450 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "dict://127.0.0.1:9016/d:basic" + } +} +connections { + id: 0 + initial_response { + payload: "220 dictserver \n552 no matches\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test2.textproto b/scenarios/curl_fuzzer_http/test2.textproto new file mode 100644 index 00000000..b69d99bd --- /dev/null +++ b/scenarios/curl_fuzzer_http/test2.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_http/test2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:80/2" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "fake" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake swsclose\nContent-Type: text/html\nFunny-head: yesyes\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test271.textproto b/scenarios/curl_fuzzer_http/test271.textproto new file mode 100644 index 00000000..14c1eaa6 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test271.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test271 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "tftp://127.0.0.1:8997//271" + } +} +connections { + id: 0 + initial_response { + payload: "a chunk of\ndata\nreturned\n to client\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test3.textproto b/scenarios/curl_fuzzer_http/test3.textproto new file mode 100644 index 00000000..2089200d --- /dev/null +++ b/scenarios/curl_fuzzer_http/test3.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_http/test3 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/3" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "fake" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_POSTFIELDS + scope: OPTION_SCOPE_DEFAULT + string_value: "fooo=mooo&pooo=clue&doo=%20%20%20++++" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.0 200 OK\r\nServer: test-server/fake\r\nContent-Type: text/html\r\nContent-Length: 0\r\n\r\nthis is data even though Content-Length is set to zero\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test39.textproto b/scenarios/curl_fuzzer_http/test39.textproto new file mode 100644 index 00000000..7316f367 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test39.textproto @@ -0,0 +1,23 @@ +# source: corpora/curl_fuzzer_http/test39 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/39" + } +} +actions { + configure_mime { + parts { + name: "name" + inline_data: "daniel" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nDate: Thu, 09 Nov 2010 14:49:00 GMT\r\nServer: test-server/fake\r\nContent-Length: 10\r\n\r\nblablabla\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test4.textproto b/scenarios/curl_fuzzer_http/test4.textproto new file mode 100644 index 00000000..b569747d --- /dev/null +++ b/scenarios/curl_fuzzer_http/test4.textproto @@ -0,0 +1,78 @@ +# source: corpora/curl_fuzzer_http/test4 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/4" + } +} +actions { + add_header { + value { + text: "extra-header: here" + } + } +} +actions { + add_header { + value { + text: "Accept: replaced" + } + } +} +actions { + add_header { + value { + text: "X-Custom-Header;" + } + } +} +actions { + add_header { + value { + text: "X-Test: foo;" + } + } +} +actions { + add_header { + value { + text: "X-Test:" + } + } +} +actions { + add_header { + value { + text: "X-Test2: foo;" + } + } +} +actions { + add_header { + value { + text: "X-Test3: " + } + } +} +actions { + add_header { + value { + text: "X-Test4; " + } + } +} +actions { + add_header { + value { + text: "X-Test5;ignored" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake swsclose\nContent-Type: text/html\nFunny-head: yesyes\n\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test46.textproto b/scenarios/curl_fuzzer_http/test46.textproto new file mode 100644 index 00000000..c8931db4 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test46.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test46 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/want/46" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/4.0\r\nDate: Tue, 25 Sep 2001 19:37:44 GMT\r\nContent-Type: text/html\r\nSet-Cookie: ckyPersistent=permanent; expires=Fri, 02-Feb-2035 11:56:27 GMT; path=/\r\nSet-Cookie: ckySession=temporary; path=/\r\nSet-Cookie: ASPSESSIONIDQGGQQSJJ=GKNBDIFAAOFDPDAIEAKDIBKE; path=/\r\nSet-Cookie: justaname=; path=/;\r\nSet-Cookie: simplyhuge=zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz\r\nCache-control: private\r\nContent-Length: 41\r\n\r\nThis server reply is for testing cookies\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test5.textproto b/scenarios/curl_fuzzer_http/test5.textproto new file mode 100644 index 00000000..cfcfa820 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test5.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test5 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/that/page/5#5" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake swsclose\nContent-Type: text/html\nFunny-head: yesyes\n\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test567.textproto b/scenarios/curl_fuzzer_http/test567.textproto new file mode 100644 index 00000000..02e21d3a --- /dev/null +++ b/scenarios/curl_fuzzer_http/test567.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test567 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test6.textproto b/scenarios/curl_fuzzer_http/test6.textproto new file mode 100644 index 00000000..85088a65 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test6.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_http/test6 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/we/want/that/page/6" + } +} +actions { + set_option { + option_id: CURLOPT_COOKIE + scope: OPTION_SCOPE_DEFAULT + string_value: "name=contents;name2=content2" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\nDate: Thu, 09 Nov 2010 14:49:00 GMT\nServer: test-server/fake\nContent-Type: text/html\nFunny-head: yesyes\nswsclose: booo\n\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test64.textproto b/scenarios/curl_fuzzer_http/test64.textproto new file mode 100644 index 00000000..0f926f80 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test64.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_http/test64 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1:8990/64" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "james" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "bond" + } +} +actions { + set_option { + option_id: CURLOPT_HTTPAUTH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 401 Authorization Required swsclose\r\nServer: Apache/1.3.27 (Darwin) PHP/4.1.2\r\nWWW-Authenticate: Digest realm=\x22testrealm\x22, nonce=\x221053604145\x22\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 26\r\n\r\nThis is not the real page\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test800.textproto b/scenarios/curl_fuzzer_http/test800.textproto new file mode 100644 index 00000000..a41c0617 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test800.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_http/test800 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1:9003/800/;UID=1" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "secret" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test800_2.textproto b/scenarios/curl_fuzzer_http/test800_2.textproto new file mode 100644 index 00000000..baf76260 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test800_2.textproto @@ -0,0 +1,24 @@ +# source: corpora/curl_fuzzer_http/test800_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1:9003/800/;UID=1" + } +} +connections { + id: 0 + initial_response { + payload: "* OK IMAP4rev1 Service Ready\n" + } + on_readable { + payload: "A001 IMAP4\n" + } + on_readable { + payload: "* 800 EXISTS\nA002 OK [READ-WRITE] SELECT completed\n" + } + on_readable { + payload: "* 1 FETCH (BODY[TEXT] {69}\r\nFrom: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n)\r\nA003 OK FETCH completed\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test850.textproto b/scenarios/curl_fuzzer_http/test850.textproto new file mode 100644 index 00000000..8bd44477 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test850.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_http/test850 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "pop3://127.0.0.1:9001/850" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "secret" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test900.textproto b/scenarios/curl_fuzzer_http/test900.textproto new file mode 100644 index 00000000..60c38646 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test900.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_http/test900 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 34 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: " " + } +} diff --git a/scenarios/curl_fuzzer_http/test900_2.textproto b/scenarios/curl_fuzzer_http/test900_2.textproto new file mode 100644 index 00000000..aaff8a73 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test900_2.textproto @@ -0,0 +1,51 @@ +# source: corpora/curl_fuzzer_http/test900_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n.\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 36 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: "220 smtp.example.com ESMTP Postfix\n" + } + on_readable { + payload: "250 SIZE 14680064\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "354 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test_accept_encoding.textproto b/scenarios/curl_fuzzer_http/test_accept_encoding.textproto new file mode 100644 index 00000000..615ce0dd --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_accept_encoding.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_http/test_accept_encoding + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1/" + } +} +actions { + set_option { + option_id: CURLOPT_ACCEPT_ENCODING + scope: OPTION_SCOPE_DEFAULT + string_value: "" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nDate: Tue, 17 Oct 2017 22:03:56 GMT\r\nContent-Type: application/json\r\nContent-Length: 110\r\nContent-Encoding: gzip\r\n\r\n\x1f\x8b\x08\x00\x08\x7f\xe6Y\x00\x03\xab\xe6RPPJ\xaf\xca,(HMQ\xb2R()*M\xd5Q\x00\x89e\xa4&\xa6\xa4\x16\x15\x03\xc5\xaa\x81\x5c\xa0\x80crrjA\t\x90\xaf\xa4\xa5\xaf\xa5\x04V\x04\x14u\xce\xcf\xcbKM.\xc9\xcc\xcf\x03\xc9$\xe7\xe4\x17\xa7B\xe4j!\xc6\xe4\xa6\x96d\xe4\x83LVrw\r\x01\xc9\xd4r\x01\x00k\x5cH,s\x00\x00\x00" + } +} diff --git a/scenarios/curl_fuzzer_http/test_alt_svc.textproto b/scenarios/curl_fuzzer_http/test_alt_svc.textproto new file mode 100644 index 00000000..4d842285 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_alt_svc.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_http/test_alt_svc + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://server.example.com" + } +} +actions { + add_header { + value { + text: "Origin: http://example.com" + } + } +} +actions { + add_header { + value { + text: "X-Foo-3: ba\tr" + } + } +} +actions { + add_header { + value { + text: "Cookie: __m=-1" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nHost: server.example.com\r\nAlt-Svc: clear\r\nConnection: Keep-Alive\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test_alt_svc_with_ma.textproto b/scenarios/curl_fuzzer_http/test_alt_svc_with_ma.textproto new file mode 100644 index 00000000..b873daa9 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_alt_svc_with_ma.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_http/test_alt_svc_with_ma + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://server.example.com" + } +} +actions { + add_header { + value { + text: "Origin: http://example.com" + } + } +} +actions { + add_header { + value { + text: "X-Foo-3: ba\tr" + } + } +} +actions { + add_header { + value { + text: "Cookie: __m=-1" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nHost: server.example.com\r\nAlt-Svc: h2=\x22alt.example.com:443\x22, h2=\x22:443\x22\r\nConnection: Keep-Alive\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test_basic_http2.textproto b/scenarios/curl_fuzzer_http/test_basic_http2.textproto new file mode 100644 index 00000000..41544e9c --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_basic_http2.textproto @@ -0,0 +1,25 @@ +# source: corpora/curl_fuzzer_http/test_basic_http2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1" + } +} +actions { + set_option { + option_id: CURLOPT_HTTP_VERSION + scope: OPTION_SCOPE_DEFAULT + uint32_value: 5 + } +} +connections { + id: 0 + initial_response { + payload: "\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00d\x00\x04\x00\x10\x00\x00\x00\x08\x00\x00\x00\x01\x00\x01\x00\x00 \x00\x00\x00\xbc\x01\x04\x00\x00\x00\x01\x88a\x96\xdfi~\x94\x0b\xaaC]\x8a\x08\x01y@?p\x0f\x5cm\xc51h\xdf_\x8b\x1du\xd0b\r&=LtA\xea\x0f\r\x82\x10[T\x01*@\x96\x19\x08T!b\x1e\xa4\xd8z\x16\x1d\x14\x1f\xc2\xc4\xb0\xb2\x16\xa4\x98t#\x83M\x96\x97@\x8f\xf2\xb4c'R\xd5\x22\xd3\x94r\x16\xc5\xacJ\x7f\x86\x02\xe0\x03\x22\x03\xbfv\x86\xaai\xd2\x9a\xfc\xff|\x88\n\xe1R\xa9\xa7Jk\xf3@\x8b\xf2\xb4\xb6\x0e\x92\xacz\xd2c\xd4\x8f\x89\xdd\x0e\x8c\x1a\xb6\xe4\xc5\x93O@\x8c\xf2\xb7\x94!j\xec:JD\x98\xf5\x7f\x8a\x0f\xda\x94\x9eB\xc1\x1d\x07'_@\x90\xf2\xb1\x0fRKRVO\xaa\xca\xb1\xebI\x8fR?\x85\xa8\xe8\xa8\xd2\xcb\x00\x00\xd7\x00\x01\x00\x00\x00\x01{\n \x22args\x22: {},\n \x22headers\x22: {\n \x22Accept\x22: \x22*/*\x22,\n \x22Host\x22: \x22nghttp2.org\x22,\n \x22User-Agent\x22: \x22curl/7.60.0-DEV\x22,\n \x22Via\x22: \x222 nghttpx\x22\n },\n \x22origin\x22: \x22127.0.10.10\x22,\n \x22url\x22: \x22http://nghttp2.org/httpbin/get\x22\n}\n" + } + on_readable { + payload: "\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00d\x00\x04\x00\x10\x00\x00\x00\x08\x00\x00\x00\x01\x00\x01\x00\x00 \x00" + } +} diff --git a/scenarios/curl_fuzzer_http/test_cookie_control_code_hackerone_1613943.textproto b/scenarios/curl_fuzzer_http/test_cookie_control_code_hackerone_1613943.textproto new file mode 100644 index 00000000..4e54ac36 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_cookie_control_code_hackerone_1613943.textproto @@ -0,0 +1,37 @@ +# source: corpora/curl_fuzzer_http/test_cookie_control_code_hackerone_1613943 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://example.com:8080/chat?a=b&c=d" + } +} +actions { + add_header { + value { + text: "Host: server.example.com" + } + } +} +actions { + add_header { + value { + text: "Connection: Close" + } + } +} +actions { + add_header { + value { + text: "Origin: http://example.com" + } + } +} +actions { + add_header { + value { + text: "Cookie: a=b\\f" + } + } +} diff --git a/scenarios/curl_fuzzer_http/test_http_upgrade_to_ws.textproto b/scenarios/curl_fuzzer_http/test_http_upgrade_to_ws.textproto new file mode 100644 index 00000000..2caf64e0 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_http_upgrade_to_ws.textproto @@ -0,0 +1,64 @@ +# source: corpora/curl_fuzzer_http/test_http_upgrade_to_ws + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://example.com:8080/chat?a=b&c=d" + } +} +actions { + add_header { + value { + text: "Host: server.example.com" + } + } +} +actions { + add_header { + value { + text: "Upgrade: websocket" + } + } +} +actions { + add_header { + value { + text: "Connection: Close" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Key: Aa01AAaAA1AaAa1900aAAa==" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Protocol: chat, superchat" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Version: 13" + } + } +} +actions { + add_header { + value { + text: "Origin: http://localhost.localdomain:80" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 101 SwitchingProtocols\r\nUpgrade:websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: AAAAAAAAAA0000000aaaaaaaaaa=\r\nSec-WebSocket-Protocol: chat\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test_http_upgrade_to_ws_and_detach.textproto b/scenarios/curl_fuzzer_http/test_http_upgrade_to_ws_and_detach.textproto new file mode 100644 index 00000000..dd454c63 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_http_upgrade_to_ws_and_detach.textproto @@ -0,0 +1,78 @@ +# source: corpora/curl_fuzzer_http/test_http_upgrade_to_ws_and_detach + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://example.com:8080/chat?a=b&c=d" + } +} +actions { + set_option { + option_id: CURLOPT_WS_OPTIONS + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +actions { + set_option { + option_id: CURLOPT_POST + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +actions { + add_header { + value { + text: "Host: server.example.com" + } + } +} +actions { + add_header { + value { + text: "Upgrade: websocket" + } + } +} +actions { + add_header { + value { + text: "Connection: Close" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Key: Aa01AAaAA1AaAa1900aAAa==" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Protocol: chat, superchat" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Version: 13" + } + } +} +actions { + add_header { + value { + text: "Origin: http://localhost.localdomain:80" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 101 SwitchingProtocols\r\nUpgrade:websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: AAAAAAAAAA0000000aaaaaaaaaa=\r\nSec-WebSocket-Protocol: chat\r\nSet-Cookie: aaaaaaaaaaaa=bbbbbbbbbbbbbb; Domain=.example.com; Path=/\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test_http_with_hsts.textproto b/scenarios/curl_fuzzer_http/test_http_with_hsts.textproto new file mode 100644 index 00000000..a3b5b6be --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_http_with_hsts.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_http/test_http_with_hsts + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://2130706433:8080/chat" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 307 Temporary Redirect\r\nStrict-Transport-Security: max-age=9001; includeSubDomains\r\nLocation: https://2130706433:8443/chat\r\nHost: http://2130706433:8080\r\nContent-Length: 0\r\nContent-Type: text/json\r\n\r\n{ isthisjson: kinda }" + } +} diff --git a/scenarios/curl_fuzzer_http/test_http_with_hsts_tlv.textproto b/scenarios/curl_fuzzer_http/test_http_with_hsts_tlv.textproto new file mode 100644 index 00000000..fb4c02a7 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_http_with_hsts_tlv.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_http/test_http_with_hsts_tlv + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://google.com" + } +} +actions { + set_option { + option_id: CURLOPT_LOGIN_OPTIONS + scope: OPTION_SCOPE_DEFAULT + string_value: "/tmp/hsts.foobar" + } +} +actions { + set_option { + option_id: CURLOPT_XOAUTH2_BEARER + scope: OPTION_SCOPE_DEFAULT + bytes_value: "\000\000\000\003" + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nServer: foo\r\nContent-Type: text/plain\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains;\r\nContent-Length: 4\r\n\r\nbody" + } +} diff --git a/scenarios/curl_fuzzer_http/test_invalid_prior_http2.textproto b/scenarios/curl_fuzzer_http/test_invalid_prior_http2.textproto new file mode 100644 index 00000000..3ab3458c --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_invalid_prior_http2.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_http/test_invalid_prior_http2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1" + } +} +actions { + set_option { + option_id: CURLOPT_HTTP_VERSION + scope: OPTION_SCOPE_DEFAULT + uint32_value: 5 + } +} +connections { + id: 0 + initial_response { + payload: "this is not valid" + } +} diff --git a/scenarios/curl_fuzzer_http/test_ipv6.textproto b/scenarios/curl_fuzzer_http/test_ipv6.textproto new file mode 100644 index 00000000..9c7c3c62 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_ipv6.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_http/test_ipv6 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://[::ffff:c0a8:101]/file.txt" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "pass" + } +} +actions { + add_header { + value { + text: "Accept-Encoding: identity" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\t\r\nConnection: Close\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_http/test_ntlm.textproto b/scenarios/curl_fuzzer_http/test_ntlm.textproto new file mode 100644 index 00000000..9f771280 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_ntlm.textproto @@ -0,0 +1,58 @@ +# source: corpora/curl_fuzzer_http/test_ntlm + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://localhost.localdomain:86/DynamicsNAV80/WS/nasr/Page/Delivery/Incident" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "DOMAIN\\user:" + } +} +actions { + set_option { + option_id: CURLOPT_NETRC + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +actions { + set_option { + option_id: CURLOPT_HTTPAUTH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 8 + } +} +actions { + register_upload { + payload: "TEST" + kind: TRANSFER_KIND_UPLOAD + size_hint: 394 + } +} +actions { + add_header { + value { + text: "Content-Type: text/xml; charset=utf-8" + } + } +} +actions { + add_header { + value { + text: "Origin: http://127.0.0.1:9999" + } + } +} +actions { + add_header { + value { + text: "SOAPAction: http://localhost.localdomain/IncidentMgmtWFWS/StartIncidentByWS" + } + } +} diff --git a/scenarios/curl_fuzzer_http/test_ntlm_wb.textproto b/scenarios/curl_fuzzer_http/test_ntlm_wb.textproto new file mode 100644 index 00000000..db00a78c --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_ntlm_wb.textproto @@ -0,0 +1,65 @@ +# source: corpora/curl_fuzzer_http/test_ntlm_wb + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://localhost.localdomain:86/DynamicsNAV80/WS/nasr/Page/Delivery/Incident" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "DOMAIN\\user:" + } +} +actions { + set_option { + option_id: CURLOPT_HTTP_VERSION + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +actions { + set_option { + option_id: CURLOPT_NETRC + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +actions { + set_option { + option_id: CURLOPT_HTTPAUTH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 32 + } +} +actions { + register_upload { + payload: "TEST" + kind: TRANSFER_KIND_UPLOAD + size_hint: 394 + } +} +actions { + add_header { + value { + text: "Content-Type: text/xml; charset=utf-8" + } + } +} +actions { + add_header { + value { + text: "Origin: http://127.0.0.1:9999" + } + } +} +actions { + add_header { + value { + text: "SOAPAction: http://localhost.localdomain/IncidentMgmtWFWS/StartIncidentByWS" + } + } +} diff --git a/scenarios/curl_fuzzer_http/test_url_http.textproto b/scenarios/curl_fuzzer_http/test_url_http.textproto new file mode 100644 index 00000000..b92e282e --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_url_http.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_http/test_url_http + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "http://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_http/test_wrongproto.textproto b/scenarios/curl_fuzzer_http/test_wrongproto.textproto new file mode 100644 index 00000000..9adee554 --- /dev/null +++ b/scenarios/curl_fuzzer_http/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_http/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_https/test_alt_svc_with_double_header.textproto b/scenarios/curl_fuzzer_https/test_alt_svc_with_double_header.textproto new file mode 100644 index 00000000..e59f04af --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_alt_svc_with_double_header.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_https/test_alt_svc_with_double_header + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://www2.server.example.com" + } +} +actions { + add_header { + value { + text: "Origin: https://example.com/a/b/path/to/thing/foo" + } + } +} +actions { + add_header { + value { + text: "X-Foo-3: ba\tr" + } + } +} +actions { + add_header { + value { + text: "Cookie: __m=-1" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nHost: server.example.com\r\nAlt-Svc: h3-23=\x22something.example.com:9999\x22\r\nAlt-Svc: h2=\x22alt.example.com:443\x22, h2=\x22:443\x22\r\nConnection: Keep-Alive\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_https/test_alt_svc_with_ma.textproto b/scenarios/curl_fuzzer_https/test_alt_svc_with_ma.textproto new file mode 100644 index 00000000..4ac2f01b --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_alt_svc_with_ma.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_https/test_alt_svc_with_ma + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://server.example.com" + } +} +actions { + add_header { + value { + text: "Origin: https://example.com/a/b/path/to/thing/foo" + } + } +} +actions { + add_header { + value { + text: "X-Foo-3: ba\tr" + } + } +} +actions { + add_header { + value { + text: "Cookie: __m=-1" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\r\nHost: server.example.com\r\nAlt-Svc: h2=\x22alt.example.com:443\x22, h2=\x22:443\x22\r\nConnection: Keep-Alive\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_https/test_altsvc_with_cache.textproto b/scenarios/curl_fuzzer_https/test_altsvc_with_cache.textproto new file mode 100644 index 00000000..0572d2b2 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_altsvc_with_cache.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_https/test_altsvc_with_cache + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://0x7F000001?foobar.json" + } +} +actions { + add_header { + value { + text: "Alt-Svc: h3-25=\":4430\"; ma=0" + } + } +} +actions { + add_header { + value { + text: "Connection: Keep-Alive" + } + } +} +actions { + add_header { + value { + text: "Authorization: Basic aaaaaaaaaaaaaaaaaaa" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTPS/2 200 OK" + } +} diff --git a/scenarios/curl_fuzzer_https/test_hsts_response.textproto b/scenarios/curl_fuzzer_https/test_hsts_response.textproto new file mode 100644 index 00000000..34f6363d --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_hsts_response.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_https/test_hsts_response + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://0x7F000001?foobar.json" + } +} +connections { + id: 0 + initial_response { + payload: "HTTPS/2 302 Found\r\nConnection: Keep-Alive\r\nLocation: https://foo.co.uk:9999/bar?type=foobar.json\r\nStrict-Transport-Security: max-age 3600; includeSubdomains; persist" + } +} diff --git a/scenarios/curl_fuzzer_https/test_hsts_response_to_ipv6.textproto b/scenarios/curl_fuzzer_https/test_hsts_response_to_ipv6.textproto new file mode 100644 index 00000000..7bdaa820 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_hsts_response_to_ipv6.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_https/test_hsts_response_to_ipv6 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://[2001:db8:122:344:c0:2:2100::]:9090/filethings.json?oops=a¶m=tru" + } +} +connections { + id: 0 + initial_response { + payload: "HTTPS/2 200 OK\r\nConnection: Close\r\nStrict-Transport-Security: max-age 60\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_https/test_http_version_2.textproto b/scenarios/curl_fuzzer_https/test_http_version_2.textproto new file mode 100644 index 00000000..d5a6e216 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_http_version_2.textproto @@ -0,0 +1,43 @@ +# source: corpora/curl_fuzzer_https/test_http_version_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://localhost.localdomain?foobar.json" + } +} +actions { + set_option { + option_id: CURLOPT_USERAGENT + scope: OPTION_SCOPE_DEFAULT + string_value: "Mozilla/5.0 (iPhone; CPU iPhone OS 10_3 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) CriOS/56.0.2924.75 Mobile/14E5239e Safari/602.1" + } +} +actions { + set_option { + option_id: CURLOPT_HTTP_VERSION + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +actions { + add_header { + value { + text: "Authorization: Basic aaaaaaaaaaaaaaaaaaa" + } + } +} +actions { + add_header { + value { + text: "Connection: Keep-Alive" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/2 403 Forbidden\r\nConnection: close\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_https/test_https_ntlm.textproto b/scenarios/curl_fuzzer_https/test_https_ntlm.textproto new file mode 100644 index 00000000..c02642c3 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_https_ntlm.textproto @@ -0,0 +1,30 @@ +# source: corpora/curl_fuzzer_https/test_https_ntlm + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://whattheheckisntlm.example.com/Endpoint.wsdl" + } +} +actions { + set_option { + option_id: CURLOPT_HTTPAUTH + scope: OPTION_SCOPE_DEFAULT + uint32_value: 8 + } +} +actions { + add_header { + value { + text: "Connection: Keep-Alive" + } + } +} +actions { + add_header { + value { + text: "Content-Type: application/json" + } + } +} diff --git a/scenarios/curl_fuzzer_https/test_ipv6.textproto b/scenarios/curl_fuzzer_https/test_ipv6.textproto new file mode 100644 index 00000000..e75e26c1 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_ipv6.textproto @@ -0,0 +1,30 @@ +# source: corpora/curl_fuzzer_https/test_ipv6 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://[::ffff:c0a8:101]/file.txt" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "pass" + } +} +actions { + add_header { + value { + text: "Accept-Encoding: identity" + } + } +} diff --git a/scenarios/curl_fuzzer_https/test_post_0byte.textproto b/scenarios/curl_fuzzer_https/test_post_0byte.textproto new file mode 100644 index 00000000..157659a3 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_post_0byte.textproto @@ -0,0 +1,67 @@ +# source: corpora/curl_fuzzer_https/test_post_0byte + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://0xff.localdomain/upload" + } +} +actions { + set_option { + option_id: CURLOPT_NOBODY + scope: OPTION_SCOPE_DEFAULT + uint32_value: 0 + } +} +actions { + set_option { + option_id: CURLOPT_CONNECT_ONLY + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +actions { + add_header { + value { + text: "Content-Length: 0" + } + } +} +actions { + add_header { + value { + text: "Transfer-Encoding: gzip,chunked" + } + } +} +actions { + add_header { + value { + text: "Content-Encoding: gzip" + } + } +} +actions { + add_header { + value { + text: "Content-Type: application/gzip" + } + } +} +actions { + add_header { + value { + text: "Expect: 100-continue" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 100 Continue\r\n\r\n" + } + on_readable { + payload: "HTTP/1.1 415 Unsupported Media Type\r\nConnection: Close\r\nContent-Type: */*\r\nContent-Length: 289\r\nX-Frame-Options: SAMEORIGIN\r\n" + } +} diff --git a/scenarios/curl_fuzzer_https/test_simple_httppost.textproto b/scenarios/curl_fuzzer_https/test_simple_httppost.textproto new file mode 100644 index 00000000..30aa47fa --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_simple_httppost.textproto @@ -0,0 +1,44 @@ +# source: corpora/curl_fuzzer_https/test_simple_httppost + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://[::1]/upload/a/thing/here" + } +} +actions { + configure_http_post { + fields { + name: "test" + inline_data: "{ a: b, bar: -1, 3: 2L }" + } + } +} +actions { + set_option { + option_id: CURLOPT_NOBODY + scope: OPTION_SCOPE_DEFAULT + uint32_value: 0 + } +} +actions { + add_header { + value { + text: "Content-Type: text/json" + } + } +} +actions { + add_header { + value { + text: "Connection: Close" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 200 OK\n\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_https/test_url.textproto b/scenarios/curl_fuzzer_https/test_url.textproto new file mode 100644 index 00000000..e6dfc784 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_url.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_https/test_url + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "https://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_https/test_wrongproto.textproto b/scenarios/curl_fuzzer_https/test_wrongproto.textproto new file mode 100644 index 00000000..e57854a6 --- /dev/null +++ b/scenarios/curl_fuzzer_https/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_https/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608.textproto b/scenarios/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608.textproto new file mode 100644 index 00000000..1bfa1c45 --- /dev/null +++ b/scenarios/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_imap/clusterfuzz-testcase-minimized-5817192030404608 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://./7.0.09\000\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20" + } +} +actions { + register_upload { + payload: " \xff\xff\xff \xff\xff\xff \xff :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3::::::::::::::::::::::::::::::::::::\x02\x00:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::(:::::::::::::::\x80\xff:::::::::::::::::::::::::::::::::::::::::::::::(::::\x01\x00\x00\x00\x00\x00\x00>:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::H:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::>:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::z::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::+:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::+:::::::\xff::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::=::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::2::::::::::::::::::::::::::::::::::::::::::::::::::;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x00::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x02\x00::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::(:::::::::::::::\x80\xff:::::::::::::::::::::::::::::::::::::::::::::::(::::\x01\x00\x00\x00\x00\x00\x00>:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::H:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::>:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::/:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x00:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::z::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::+:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::+:::::::\xff::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::=:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::+:::::::\xff::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::=::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::2::::::::::::::::::::::::::::::::::::::::::::::::::;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x00::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3::::::::::::::::::::::::::::::::::::::::::::::2::::::::::::::::::::::::::::::::::::::::::::::::::;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x00::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3::::::::::::::::::::::::::::::::::::::::::::::2::::::::::::::::::::::::::::::::::::::::::::::::::;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x00::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3::::::::::::::::::::::::::::::::::::::::::::::2::::::::::::::::::::::::::::::::::::::::::::::::::;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::\x17:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\x00::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::B::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::O::::::\x80\x00::::::::::::::\x80::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::6::::::::::::::::::::::M:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::NN1eeeeeeee\x7f\xff\xff\xff$yp$*&0.1CJ\x5cJm@/.Dbat/gtm\x85UuWWW?cw3/\xdf\x00\x02\x00\x00\x00\x14* QKNKWwWwcy\x10A\x04\x00\x02\x00\x00\x00\x14* OKN\xa3\x04M\x7f\nA001 (\xed\n&\xe3" + kind: TRANSFER_KIND_UPLOAD + size_hint: 31075 + } +} +connections { + id: 0 + initial_response { + payload: "* OK \nA001 \n+ \n " + } +} diff --git a/scenarios/curl_fuzzer_imap/test800.textproto b/scenarios/curl_fuzzer_imap/test800.textproto new file mode 100644 index 00000000..9be4a4f7 --- /dev/null +++ b/scenarios/curl_fuzzer_imap/test800.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_imap/test800 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1:9003/800/;UID=1" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "secret" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer_imap/test800_2.textproto b/scenarios/curl_fuzzer_imap/test800_2.textproto new file mode 100644 index 00000000..e0fb33ae --- /dev/null +++ b/scenarios/curl_fuzzer_imap/test800_2.textproto @@ -0,0 +1,24 @@ +# source: corpora/curl_fuzzer_imap/test800_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1:9003/800/;UID=1" + } +} +connections { + id: 0 + initial_response { + payload: "* OK IMAP4rev1 Service Ready\n" + } + on_readable { + payload: "A001 IMAP4\n" + } + on_readable { + payload: "* 800 EXISTS\nA002 OK [READ-WRITE] SELECT completed\n" + } + on_readable { + payload: "* 1 FETCH (BODY[TEXT] {69}\r\nFrom: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n)\r\nA003 OK FETCH completed\r\n" + } +} diff --git a/scenarios/curl_fuzzer_imap/test_oauthed_imap.textproto b/scenarios/curl_fuzzer_imap/test_oauthed_imap.textproto new file mode 100644 index 00000000..d9babe45 --- /dev/null +++ b/scenarios/curl_fuzzer_imap/test_oauthed_imap.textproto @@ -0,0 +1,52 @@ +# source: corpora/curl_fuzzer_imap/test_oauthed_imap + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://localhost.localdomain:9999/wow/a/path/1/;MAILINDEX=1" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "sekrit" + } +} +actions { + set_option { + option_id: CURLOPT_LOGIN_OPTIONS + scope: OPTION_SCOPE_DEFAULT + string_value: "AUTH=OAUTHBEARER" + } +} +actions { + set_option { + option_id: CURLOPT_XOAUTH2_BEARER + scope: OPTION_SCOPE_DEFAULT + string_value: "aaaaaaaaaaaaa\tAAAAAAAAAAAAAAAAAAAAA==" + } +} +connections { + id: 0 + initial_response { + payload: "* OK IMAP4rev1 Service Ready" + } + on_readable { + payload: "* OK IMAP4rev1 Service Ready" + } + on_readable { + payload: "* 800 EXISTS\nA002 OK [READ-WRITE] SELECT completed\n" + } + on_readable { + payload: "* 1 FETCH (BODY[TEXT] {69}\r\nFrom: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\n yours sincerely\nA003 OK FETCH completed\r\n" + } +} diff --git a/scenarios/curl_fuzzer_imap/test_url_imap.textproto b/scenarios/curl_fuzzer_imap/test_url_imap.textproto new file mode 100644 index 00000000..5b45d560 --- /dev/null +++ b/scenarios/curl_fuzzer_imap/test_url_imap.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_imap/test_url_imap + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "imap://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_imap/test_wrongproto.textproto b/scenarios/curl_fuzzer_imap/test_wrongproto.textproto new file mode 100644 index 00000000..b5f51f87 --- /dev/null +++ b/scenarios/curl_fuzzer_imap/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_imap/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_ldap/test_url_fullldap.textproto b/scenarios/curl_fuzzer_ldap/test_url_fullldap.textproto new file mode 100644 index 00000000..b77a8cdf --- /dev/null +++ b/scenarios/curl_fuzzer_ldap/test_url_fullldap.textproto @@ -0,0 +1,32 @@ +# source: corpora/curl_fuzzer_ldap/test_url_fullldap + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ldap://localhost:1389/dc=example,dc=com?homephone?sub?cn=*cm2*" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "cn=dirman" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "123456" + } +} +connections { + id: 0 + on_readable { + payload: "123456" + } + on_readable { + payload: "123456" + } +} diff --git a/scenarios/curl_fuzzer_ldap/test_url_ldap.textproto b/scenarios/curl_fuzzer_ldap/test_url_ldap.textproto new file mode 100644 index 00000000..7026ec7b --- /dev/null +++ b/scenarios/curl_fuzzer_ldap/test_url_ldap.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_ldap/test_url_ldap + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ldap://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_ldap/test_wrongproto.textproto b/scenarios/curl_fuzzer_ldap/test_wrongproto.textproto new file mode 100644 index 00000000..2972b2f1 --- /dev/null +++ b/scenarios/curl_fuzzer_ldap/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_ldap/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_mqtt/test_dummy.textproto b/scenarios/curl_fuzzer_mqtt/test_dummy.textproto new file mode 100644 index 00000000..e5ff2b77 --- /dev/null +++ b/scenarios/curl_fuzzer_mqtt/test_dummy.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_mqtt/test_dummy + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "mqtt://127.0.0.1/test" + } +} +connections { + id: 0 + initial_response { + payload: "hello" + } +} diff --git a/scenarios/curl_fuzzer_pop3/test850.textproto b/scenarios/curl_fuzzer_pop3/test850.textproto new file mode 100644 index 00000000..464e0c51 --- /dev/null +++ b/scenarios/curl_fuzzer_pop3/test850.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_pop3/test850 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "pop3://127.0.0.1:9001/850" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_PASSWORD + scope: OPTION_SCOPE_DEFAULT + string_value: "secret" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n yours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer_pop3/test_oauthed_pop3.textproto b/scenarios/curl_fuzzer_pop3/test_oauthed_pop3.textproto new file mode 100644 index 00000000..c602bb5c --- /dev/null +++ b/scenarios/curl_fuzzer_pop3/test_oauthed_pop3.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_pop3/test_oauthed_pop3 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "pop3s://localhost.localdomain:9991/wow/a/path/1/;MAILINDEX=1" + } +} +actions { + set_option { + option_id: CURLOPT_USERNAME + scope: OPTION_SCOPE_DEFAULT + string_value: "user" + } +} +actions { + set_option { + option_id: CURLOPT_LOGIN_OPTIONS + scope: OPTION_SCOPE_DEFAULT + string_value: "AUTH=OAUTHBEARER" + } +} +actions { + set_option { + option_id: CURLOPT_XOAUTH2_BEARER + scope: OPTION_SCOPE_DEFAULT + string_value: "a\tAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1==" + } +} +connections { + id: 0 + initial_response { + payload: "From: me@somewhere\r\nTo: fake@nowhere\r\n\r\nbody\r\n\r\n--\r\n\tyours sincerely\r\n" + } +} diff --git a/scenarios/curl_fuzzer_pop3/test_url_pop3.textproto b/scenarios/curl_fuzzer_pop3/test_url_pop3.textproto new file mode 100644 index 00000000..e81ce6fd --- /dev/null +++ b/scenarios/curl_fuzzer_pop3/test_url_pop3.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_pop3/test_url_pop3 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "pop3://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_pop3/test_wrongproto.textproto b/scenarios/curl_fuzzer_pop3/test_wrongproto.textproto new file mode 100644 index 00000000..72dafabf --- /dev/null +++ b/scenarios/curl_fuzzer_pop3/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_pop3/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_rtmp/test_url_rtmp.textproto b/scenarios/curl_fuzzer_rtmp/test_url_rtmp.textproto new file mode 100644 index 00000000..d4887c69 --- /dev/null +++ b/scenarios/curl_fuzzer_rtmp/test_url_rtmp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_rtmp/test_url_rtmp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtmp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_rtmp/test_wrongproto.textproto b/scenarios/curl_fuzzer_rtmp/test_wrongproto.textproto new file mode 100644 index 00000000..df7af2d7 --- /dev/null +++ b/scenarios/curl_fuzzer_rtmp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_rtmp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test567.textproto b/scenarios/curl_fuzzer_rtsp/test567.textproto new file mode 100644 index 00000000..08efaec7 --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test567.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_rtsp/test567 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_rtsp_client_cseq.textproto b/scenarios/curl_fuzzer_rtsp/test_rtsp_client_cseq.textproto new file mode 100644 index 00000000..a2b5b81e --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_rtsp_client_cseq.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_rtsp/test_rtsp_client_cseq + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_CLIENT_CSEQ + scope: OPTION_SCOPE_DEFAULT + uint32_value: 4294967295 + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 4294967295\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_rtsp_request.textproto b/scenarios/curl_fuzzer_rtsp/test_rtsp_request.textproto new file mode 100644 index 00000000..bf8fbe87 --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_rtsp_request.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_rtsp/test_rtsp_request + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_REQUEST + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_rtsp_request2.textproto b/scenarios/curl_fuzzer_rtsp/test_rtsp_request2.textproto new file mode 100644 index 00000000..3bf398f0 --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_rtsp_request2.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_rtsp/test_rtsp_request2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_REQUEST + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_rtsp_session_id.textproto b/scenarios/curl_fuzzer_rtsp/test_rtsp_session_id.textproto new file mode 100644 index 00000000..d3879191 --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_rtsp_session_id.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_rtsp/test_rtsp_session_id + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_SESSION_ID + scope: OPTION_SCOPE_DEFAULT + string_value: "12345" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_REQUEST + scope: OPTION_SCOPE_DEFAULT + uint32_value: 3 + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_rtsp_stream_uri.textproto b/scenarios/curl_fuzzer_rtsp/test_rtsp_stream_uri.textproto new file mode 100644 index 00000000..48370b04 --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_rtsp_stream_uri.textproto @@ -0,0 +1,22 @@ +# source: corpora/curl_fuzzer_rtsp/test_rtsp_stream_uri + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_STREAM_URI + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1/twister/video" + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_rtsp_transport.textproto b/scenarios/curl_fuzzer_rtsp/test_rtsp_transport.textproto new file mode 100644 index 00000000..ac09f2d7 --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_rtsp_transport.textproto @@ -0,0 +1,29 @@ +# source: corpora/curl_fuzzer_rtsp/test_rtsp_transport + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1:1234/567" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_TRANSPORT + scope: OPTION_SCOPE_DEFAULT + string_value: "RTP/AVP;unicast;client_port=4588-4589" + } +} +actions { + set_option { + option_id: CURLOPT_RTSP_REQUEST + scope: OPTION_SCOPE_DEFAULT + uint32_value: 4 + } +} +connections { + id: 0 + on_readable { + payload: "RTSP/1.0 200 OK\r\nServer: RTSPD/libcurl-test\r\nCSeq: 1\r\nPublic: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE\r\nCurl-Private: swsclose\r\n" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_url_rtsp.textproto b/scenarios/curl_fuzzer_rtsp/test_url_rtsp.textproto new file mode 100644 index 00000000..702bda9f --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_url_rtsp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_rtsp/test_url_rtsp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "rtsp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_rtsp/test_wrongproto.textproto b/scenarios/curl_fuzzer_rtsp/test_wrongproto.textproto new file mode 100644 index 00000000..7476513a --- /dev/null +++ b/scenarios/curl_fuzzer_rtsp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_rtsp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_scp/test_url_scp.textproto b/scenarios/curl_fuzzer_scp/test_url_scp.textproto new file mode 100644 index 00000000..103d05e0 --- /dev/null +++ b/scenarios/curl_fuzzer_scp/test_url_scp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_scp/test_url_scp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "scp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_scp/test_wrongproto.textproto b/scenarios/curl_fuzzer_scp/test_wrongproto.textproto new file mode 100644 index 00000000..fe86f8b6 --- /dev/null +++ b/scenarios/curl_fuzzer_scp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_scp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_sftp/test_url_sftp.textproto b/scenarios/curl_fuzzer_sftp/test_url_sftp.textproto new file mode 100644 index 00000000..0a0a1185 --- /dev/null +++ b/scenarios/curl_fuzzer_sftp/test_url_sftp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_sftp/test_url_sftp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "sftp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_sftp/test_wrongproto.textproto b/scenarios/curl_fuzzer_sftp/test_wrongproto.textproto new file mode 100644 index 00000000..62806fd7 --- /dev/null +++ b/scenarios/curl_fuzzer_sftp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_sftp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_smb/test_url_smb.textproto b/scenarios/curl_fuzzer_smb/test_url_smb.textproto new file mode 100644 index 00000000..fa223f88 --- /dev/null +++ b/scenarios/curl_fuzzer_smb/test_url_smb.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_smb/test_url_smb + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smb://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_smb/test_wrongproto.textproto b/scenarios/curl_fuzzer_smb/test_wrongproto.textproto new file mode 100644 index 00000000..af951744 --- /dev/null +++ b/scenarios/curl_fuzzer_smb/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_smb/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_smtp/test900.textproto b/scenarios/curl_fuzzer_smtp/test900.textproto new file mode 100644 index 00000000..78fa5ae0 --- /dev/null +++ b/scenarios/curl_fuzzer_smtp/test900.textproto @@ -0,0 +1,36 @@ +# source: corpora/curl_fuzzer_smtp/test900 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 34 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: " " + } +} diff --git a/scenarios/curl_fuzzer_smtp/test900_2.textproto b/scenarios/curl_fuzzer_smtp/test900_2.textproto new file mode 100644 index 00000000..f4bad452 --- /dev/null +++ b/scenarios/curl_fuzzer_smtp/test900_2.textproto @@ -0,0 +1,51 @@ +# source: corpora/curl_fuzzer_smtp/test900_2 + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n.\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 36 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: "220 smtp.example.com ESMTP Postfix\n" + } + on_readable { + payload: "250 SIZE 14680064\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "354 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } +} diff --git a/scenarios/curl_fuzzer_smtp/test_mail_auth.textproto b/scenarios/curl_fuzzer_smtp/test_mail_auth.textproto new file mode 100644 index 00000000..f2ce67ed --- /dev/null +++ b/scenarios/curl_fuzzer_smtp/test_mail_auth.textproto @@ -0,0 +1,58 @@ +# source: corpora/curl_fuzzer_smtp/test_mail_auth + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1:9005/900" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.com" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_AUTH + scope: OPTION_SCOPE_DEFAULT + string_value: "whatever@secret" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 35 + } +} +actions { + add_mail_recipient { + value { + text: "recipient@example.com" + } + } +} +connections { + id: 0 + initial_response { + payload: "220 smtp.example.com ESMTP Postfix\n" + } + on_readable { + payload: "250 SIZE 14680064\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "354 Ok\n" + } + on_readable { + payload: "250 Ok" + } +} diff --git a/scenarios/curl_fuzzer_smtp/test_smtps_with_oauth.textproto b/scenarios/curl_fuzzer_smtp/test_smtps_with_oauth.textproto new file mode 100644 index 00000000..3a731538 --- /dev/null +++ b/scenarios/curl_fuzzer_smtp/test_smtps_with_oauth.textproto @@ -0,0 +1,65 @@ +# source: corpora/curl_fuzzer_smtp/test_smtps_with_oauth + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtps://localhost.localdomain:9005" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_FROM + scope: OPTION_SCOPE_DEFAULT + string_value: "sender@example.is" + } +} +actions { + set_option { + option_id: CURLOPT_MAIL_AUTH + scope: OPTION_SCOPE_DEFAULT + string_value: "foo@secret" + } +} +actions { + set_option { + option_id: CURLOPT_LOGIN_OPTIONS + scope: OPTION_SCOPE_DEFAULT + string_value: "AUTH=OAUTHBEARER" + } +} +actions { + set_option { + option_id: CURLOPT_XOAUTH2_BEARER + scope: OPTION_SCOPE_DEFAULT + string_value: "abearertokenvalue!" + } +} +actions { + register_upload { + payload: "From: different\nTo: another\n\nbody\n\n" + kind: TRANSFER_KIND_UPLOAD + size_hint: 35 + } +} +connections { + id: 0 + initial_response { + payload: "220 smtp.example.com ESMTP Postfix\n" + } + on_readable { + payload: "250 SIZE 14680064\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } + on_readable { + payload: "354 Ok\n" + } + on_readable { + payload: "250 Ok\n" + } +} diff --git a/scenarios/curl_fuzzer_smtp/test_url_smtp.textproto b/scenarios/curl_fuzzer_smtp/test_url_smtp.textproto new file mode 100644 index 00000000..6bb353a0 --- /dev/null +++ b/scenarios/curl_fuzzer_smtp/test_url_smtp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_smtp/test_url_smtp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "smtp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_smtp/test_wrongproto.textproto b/scenarios/curl_fuzzer_smtp/test_wrongproto.textproto new file mode 100644 index 00000000..d3af75df --- /dev/null +++ b/scenarios/curl_fuzzer_smtp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_smtp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_tftp/test_url_tftp.textproto b/scenarios/curl_fuzzer_tftp/test_url_tftp.textproto new file mode 100644 index 00000000..ba67528a --- /dev/null +++ b/scenarios/curl_fuzzer_tftp/test_url_tftp.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_tftp/test_url_tftp + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "tftp://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_tftp/test_wrongproto.textproto b/scenarios/curl_fuzzer_tftp/test_wrongproto.textproto new file mode 100644 index 00000000..b62dbef7 --- /dev/null +++ b/scenarios/curl_fuzzer_tftp/test_wrongproto.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_tftp/test_wrongproto + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "thisisnotaproto://127.0.0.1" + } +} diff --git a/scenarios/curl_fuzzer_ws/basictest.textproto b/scenarios/curl_fuzzer_ws/basictest.textproto new file mode 100644 index 00000000..b682c2a1 --- /dev/null +++ b/scenarios/curl_fuzzer_ws/basictest.textproto @@ -0,0 +1,15 @@ +# source: corpora/curl_fuzzer_ws/basictest + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ws://localhost" + } +} +connections { + id: 0 + initial_response { + payload: "test" + } +} diff --git a/scenarios/curl_fuzzer_ws/test_http_upgrade_to_ws.textproto b/scenarios/curl_fuzzer_ws/test_http_upgrade_to_ws.textproto new file mode 100644 index 00000000..85c57ef4 --- /dev/null +++ b/scenarios/curl_fuzzer_ws/test_http_upgrade_to_ws.textproto @@ -0,0 +1,64 @@ +# source: corpora/curl_fuzzer_ws/test_http_upgrade_to_ws + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ws://example.com:8080/wschat?a=b&c=d" + } +} +actions { + add_header { + value { + text: "Host: server.example.com" + } + } +} +actions { + add_header { + value { + text: "Upgrade: websocket" + } + } +} +actions { + add_header { + value { + text: "Connection: Close" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Key: Aa01AAaAA1AaAa1900aAAa==" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Protocol: chat, superchat" + } + } +} +actions { + add_header { + value { + text: "Sec-WebSocket-Version: 13" + } + } +} +actions { + add_header { + value { + text: "Origin: http://localhost.localdomain:80" + } + } +} +connections { + id: 0 + initial_response { + payload: "HTTP/1.1 101 SwitchingProtocols\r\nUpgrade:websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: AAAAAAAAAA0000000aaaaaaaaaa=\r\nSec-WebSocket-Protocol: chat\r\n\r\n" + } +} diff --git a/scenarios/curl_fuzzer_ws/ws_with_raw_mode_connect_test.textproto b/scenarios/curl_fuzzer_ws/ws_with_raw_mode_connect_test.textproto new file mode 100644 index 00000000..0122d347 --- /dev/null +++ b/scenarios/curl_fuzzer_ws/ws_with_raw_mode_connect_test.textproto @@ -0,0 +1,23 @@ +# source: corpora/curl_fuzzer_ws/ws_with_raw_mode_connect_test + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ws://foo.bar.localdomain/this/is/a/path" + } +} +actions { + set_option { + option_id: CURLOPT_WS_OPTIONS + scope: OPTION_SCOPE_DEFAULT + uint32_value: 2 + } +} +actions { + set_option { + option_id: CURLOPT_POST + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} diff --git a/scenarios/curl_fuzzer_ws/ws_with_raw_mode_test.textproto b/scenarios/curl_fuzzer_ws/ws_with_raw_mode_test.textproto new file mode 100644 index 00000000..a40b862f --- /dev/null +++ b/scenarios/curl_fuzzer_ws/ws_with_raw_mode_test.textproto @@ -0,0 +1,16 @@ +# source: corpora/curl_fuzzer_ws/ws_with_raw_mode_test + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "ws://foo.bar.localdomain/this/is/a/path" + } +} +actions { + set_option { + option_id: CURLOPT_WS_OPTIONS + scope: OPTION_SCOPE_DEFAULT + uint32_value: 1 + } +} diff --git a/scenarios/curl_fuzzer_ws/wss_test.textproto b/scenarios/curl_fuzzer_ws/wss_test.textproto new file mode 100644 index 00000000..f5588797 --- /dev/null +++ b/scenarios/curl_fuzzer_ws/wss_test.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_ws/wss_test + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "wss://chat.example.is/foo?bar=baz&boop=borp" + } +} diff --git a/scenarios/curl_fuzzer_ws/wss_with_basic_auth_test.textproto b/scenarios/curl_fuzzer_ws/wss_with_basic_auth_test.textproto new file mode 100644 index 00000000..322ddfbe --- /dev/null +++ b/scenarios/curl_fuzzer_ws/wss_with_basic_auth_test.textproto @@ -0,0 +1,9 @@ +# source: corpora/curl_fuzzer_ws/wss_with_basic_auth_test + +actions { + set_option { + option_id: CURLOPT_URL + scope: OPTION_SCOPE_DEFAULT + string_value: "wss://username:password@chat.example.is/foo?bar=baz&boop=borp" + } +} diff --git a/schemas/curl_fuzzer.proto b/schemas/curl_fuzzer.proto index 5d25bea4..cc5f7f0b 100644 --- a/schemas/curl_fuzzer.proto +++ b/schemas/curl_fuzzer.proto @@ -2,8 +2,7 @@ syntax = "proto3"; package curl.fuzzer.proto; -// Structured scenario description for the curl fuzzing harness. Mirrors the -// design documented in SPEC.md and is intended for consumption by +// Structured scenario description for the curl fuzzing harness. Intended for consumption by // libprotobuf-mutator powered fuzz targets as well as tooling that converts // between legacy TLV corpora and the structured representation. @@ -11,8 +10,6 @@ message Scenario { GlobalConfig global = 1; repeated Action actions = 2; repeated Connection connections = 3; - repeated DataBlob blobs = 4; - Metadata metadata = 5; } // Global options and defaults that apply before individual actions run. @@ -29,7 +26,7 @@ message SetOption { OptionScope scope = 2; oneof value { string string_value = 10; - BlobRef blob = 11; + bytes bytes_value = 11; int32 int32_value = 12; uint32 uint32_value = 13; int64 int64_value = 14; @@ -69,7 +66,7 @@ message ConfigureHttpPost { } message RegisterUpload { - BlobRef payload = 1; + bytes payload = 1; TransferKind kind = 2; uint64 size_hint = 3; } @@ -90,7 +87,7 @@ message Connection { } message Response { - BlobRef payload = 1; + bytes payload = 1; ResponseHint hint = 2; OptionalDelay delay_before = 3; } @@ -105,41 +102,17 @@ message OptionalDelay { uint32 milliseconds = 1; } -// Canonical storage for reusable byte buffers. -message DataBlob { - uint32 id = 1; - oneof payload { - bytes raw = 2; - string utf8 = 3; - } - uint32 max_mutation_size = 4; - repeated string tags = 5; -} - -message BlobRef { - uint32 blob_id = 1; - optional uint32 offset = 2; - optional uint32 length = 3; -} - -message Metadata { - string description = 1; - repeated string labels = 2; - map annotations = 3; - repeated string provenance = 4; -} - message HeaderValue { oneof value { string text = 1; - BlobRef blob = 2; + bytes binary = 2; } } message MimePart { string name = 1; oneof body { - BlobRef blob = 2; + bytes bytes_value = 2; string inline_data = 3; } string filename = 4; @@ -150,7 +123,7 @@ message MimePart { message FormField { string name = 1; oneof body { - BlobRef blob = 2; + bytes bytes_value = 2; string inline_data = 3; } string filename = 4; diff --git a/scripts/compile_structured_corpora.sh b/scripts/compile_structured_corpora.sh new file mode 100755 index 00000000..3f04c415 --- /dev/null +++ b/scripts/compile_structured_corpora.sh @@ -0,0 +1,52 @@ +#!/usr/bin/env bash +set -euo pipefail + +SCRIPTDIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +ROOT=$(readlink -f "${SCRIPTDIR}/..") + +SCENARIOS_DIR="${ROOT}/scenarios" +CORPORA_DIR="${ROOT}/corpora" +SCHEMAS_DIR="${ROOT}/schemas" +PROTO_FILE="curl_fuzzer.proto" +MESSAGE_TYPE="curl.fuzzer.proto.Scenario" +PROTOC_BIN="${PROTOC:-protoc}" + +if ! command -v "${PROTOC_BIN}" >/dev/null 2>&1; then + echo "error: protoc compiler not found. Set PROTOC to override." >&2 + exit 1 +fi + +if [[ ! -d "${SCENARIOS_DIR}" ]]; then + echo "error: scenarios directory '${SCENARIOS_DIR}' not found" >&2 + exit 1 +fi + +if [[ ! -d "${SCHEMAS_DIR}" ]]; then + echo "error: schemas directory '${SCHEMAS_DIR}' not found" >&2 + exit 1 +fi + +mkdir -p "${CORPORA_DIR}" + +# Prune stale structured corpus entries to keep parity with the scenarios tree. +find "${CORPORA_DIR}" -type f -name '*.scenario' -delete 2>/dev/null || true + +count=0 +while IFS= read -r -d '' textproto ; do + rel_path="${textproto#${SCENARIOS_DIR}/}" + output_path="${CORPORA_DIR}/${rel_path%.textproto}.scenario" + mkdir -p "$(dirname -- "${output_path}")" + if ! "${PROTOC_BIN}" \ + --proto_path="${SCHEMAS_DIR}" \ + --encode="${MESSAGE_TYPE}" \ + "${SCHEMAS_DIR}/${PROTO_FILE}" \ + < "${textproto}" \ + > "${output_path}" ; then + echo "error: failed to compile '${textproto}'" >&2 + exit 1 + fi + printf 'compiled %s -> %s\n' "${rel_path}" "${output_path#${CORPORA_DIR}/}" + count=$((count + 1)) +done < <(find "${SCENARIOS_DIR}" -type f -name '*.textproto' -print0) + +echo "Generated ${count} structured corpus entrie(s) under ${CORPORA_DIR}." diff --git a/src/curl_fuzzer_tools/generate_option_manifest.py b/src/curl_fuzzer_tools/generate_option_manifest.py index b6282d70..08cd867e 100644 --- a/src/curl_fuzzer_tools/generate_option_manifest.py +++ b/src/curl_fuzzer_tools/generate_option_manifest.py @@ -1,5 +1,6 @@ #!/usr/bin/env python3 -"""Regenerate option manifest artefacts from the supported CURLOPT list. +""" +Regenerate option manifest artefacts from the supported CURLOPT list. This script reads a plain-text list of supported CURLOPT identifiers, looks up metadata in curl.h to determine each option's numeric value and value kind, and @@ -165,8 +166,9 @@ def rewrite_proto(entries: Iterable[CurlOption], proto_path: pathlib.Path) -> No indent = " " enum_lines = [f"{indent}CURL_OPTION_UNSPECIFIED = 0;"] - for option in entries: - enum_lines.append(f"{indent}{option.name} = {option.curl_value};") + enum_lines.extend( + f"{indent}{option.name} = {option.curl_value};" for option in entries + ) enum_body = "\n".join(enum_lines) + "\n" new_text = text[: brace_idx + 1] + "\n" + enum_body + text[closing_idx:] From 71b888c5fe6b0f6aa7765df5a5372f02162e4fe1 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 20:34:03 +0000 Subject: [PATCH 05/10] Fix CI --- .github/workflows/build.yml | 6 +- curl_fuzzer_scenario.cc | 107 ++++++++++++++++++++---------------- 2 files changed, 64 insertions(+), 49 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b8da84c9..75b364f6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,8 @@ jobs: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install -y cmake clang ninja-build + sudo apt-get -o Dpkg::Use-Pty=0 install -y \ + cmake clang ninja-build protobuf-compiler libprotobuf-dev - name: Compile mainline env: @@ -54,7 +55,8 @@ jobs: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install -y cmake clang ninja-build + sudo apt-get -o Dpkg::Use-Pty=0 install -y \ + cmake clang ninja-build protobuf-compiler libprotobuf-dev - name: Compile deps target run: ./scripts/compile_target.sh deps diff --git a/curl_fuzzer_scenario.cc b/curl_fuzzer_scenario.cc index e214127e..3dfb7600 100644 --- a/curl_fuzzer_scenario.cc +++ b/curl_fuzzer_scenario.cc @@ -330,41 +330,47 @@ void DestroyScenarioState(void *ptr) { } long ProtoToLong(const curl::fuzzer::proto::SetOption &option) { - if(option.has_int32_value()) { - return static_cast(option.int32_value()); - } - if(option.has_uint32_value()) { - return static_cast(option.uint32_value()); - } - if(option.has_int64_value()) { - return static_cast(option.int64_value()); - } - if(option.has_uint64_value()) { - return static_cast(option.uint64_value()); - } - if(option.has_bool_value()) { - return option.bool_value() ? 1L : 0L; - } - if(option.has_double_value()) { - return static_cast(option.double_value()); + switch(option.value_case()) { + case curl::fuzzer::proto::SetOption::kInt32Value: + return static_cast(option.int32_value()); + case curl::fuzzer::proto::SetOption::kUint32Value: + return static_cast(option.uint32_value()); + case curl::fuzzer::proto::SetOption::kInt64Value: + return static_cast(option.int64_value()); + case curl::fuzzer::proto::SetOption::kUint64Value: + return static_cast(option.uint64_value()); + case curl::fuzzer::proto::SetOption::kBoolValue: + return option.bool_value() ? 1L : 0L; + case curl::fuzzer::proto::SetOption::kDoubleValue: + return static_cast(option.double_value()); + case curl::fuzzer::proto::SetOption::kStringValue: + case curl::fuzzer::proto::SetOption::kBytesValue: + case curl::fuzzer::proto::SetOption::VALUE_NOT_SET: + return 0L; + default: + return 0L; } - return 0L; } curl_off_t ProtoToOffT(const curl::fuzzer::proto::SetOption &option) { - if(option.has_uint64_value()) { - return static_cast(option.uint64_value()); - } - if(option.has_int64_value()) { - return static_cast(option.int64_value()); - } - if(option.has_uint32_value()) { - return static_cast(option.uint32_value()); - } - if(option.has_int32_value()) { - return static_cast(option.int32_value()); + switch(option.value_case()) { + case curl::fuzzer::proto::SetOption::kUint64Value: + return static_cast(option.uint64_value()); + case curl::fuzzer::proto::SetOption::kInt64Value: + return static_cast(option.int64_value()); + case curl::fuzzer::proto::SetOption::kUint32Value: + return static_cast(option.uint32_value()); + case curl::fuzzer::proto::SetOption::kInt32Value: + return static_cast(option.int32_value()); + case curl::fuzzer::proto::SetOption::kBoolValue: + case curl::fuzzer::proto::SetOption::kDoubleValue: + case curl::fuzzer::proto::SetOption::kStringValue: + case curl::fuzzer::proto::SetOption::kBytesValue: + case curl::fuzzer::proto::SetOption::VALUE_NOT_SET: + return static_cast(ProtoToLong(option)); + default: + return static_cast(ProtoToLong(option)); } - return static_cast(ProtoToLong(option)); } int EnsureOptionUnset(FUZZ_DATA *fuzz, CURLoption opt, const OptionDescriptor *desc) { @@ -426,23 +432,28 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, case OptionValueKind::kString: { const char *value = nullptr; std::string detail; - if(option.has_string_value()) { - detail = std::string("string ") + SummarizeText(option.string_value()); - value = state->CopyString(option.string_value()); - } - else if(option.has_bytes_value()) { - detail = std::string("bytes ") + SummarizeBinary(option.bytes_value()); - auto view = state->CopyBytes(option.bytes_value()); - if(view.second == 0 || view.first == nullptr) { - value = state->CopyString(""); + switch(option.value_case()) { + case curl::fuzzer::proto::SetOption::kStringValue: { + detail = std::string("string ") + SummarizeText(option.string_value()); + value = state->CopyString(option.string_value()); + break; } - else { - value = state->CopyString(std::string_view(reinterpret_cast(view.first), view.second)); + case curl::fuzzer::proto::SetOption::kBytesValue: { + detail = std::string("bytes ") + SummarizeBinary(option.bytes_value()); + auto view = state->CopyBytes(option.bytes_value()); + if(view.second == 0 || view.first == nullptr) { + value = state->CopyString(""); + } + else { + value = state->CopyString(std::string_view(reinterpret_cast(view.first), view.second)); + } + break; + } + default: { + detail = "string "; + value = state->CopyString(""); + break; } - } - else { - detail = "string "; - value = state->CopyString(""); } rc = EnsureOptionUnset(fuzz, desc->curlopt, desc); if(rc != 0) { @@ -497,11 +508,13 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, if(rc != 0) { return rc; } - long value = option.has_bool_value() ? (option.bool_value() ? 1L : 0L) : ProtoToLong(option); + const bool has_bool_value = + option.value_case() == curl::fuzzer::proto::SetOption::kBoolValue; + long value = has_bool_value ? (option.bool_value() ? 1L : 0L) : ProtoToLong(option); rc = ApplyLongOption(fuzz, desc, value); if(rc == 0 && fuzz->verbose) { std::string detail; - if(option.has_bool_value()) { + if(has_bool_value) { detail = std::string("bool=") + (option.bool_value() ? "true" : "false"); } else { From 771d9c54a4a709ae741796270276120c05702ce1 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 22:27:40 +0000 Subject: [PATCH 06/10] Fix linking against stdc++ and fix verbosity --- curl_fuzzer.cc | 20 ++++ curl_fuzzer_scenario.cc | 128 +++++++++------------ generated/curl_fuzzer_option_manifest.inc | 3 - schemas/curl_fuzzer.proto | 17 +-- schemas/curl_fuzzer_supported_curlopts.txt | 3 - scripts/compile_target.sh | 13 +++ scripts/stdlib_flag_utils.sh | 89 ++++++++++++++ 7 files changed, 180 insertions(+), 93 deletions(-) create mode 100644 scripts/stdlib_flag_utils.sh diff --git a/curl_fuzzer.cc b/curl_fuzzer.cc index cac6f057..41555041 100644 --- a/curl_fuzzer.cc +++ b/curl_fuzzer.cc @@ -30,6 +30,19 @@ #include +namespace { + +bool FuzzOptionIsSet(const FUZZ_DATA *fuzz, CURLoption opt) +{ + size_t idx = static_cast(opt % 1000); + if(idx >= FUZZ_CURLOPT_TRACKER_SPACE) { + return false; + } + return fuzz->options[idx] != 0; +} + +} // namespace + DEFINE_BINARY_PROTO_FUZZER(const curl::fuzzer::proto::Scenario &scenario) { CurlFuzzerRunScenario(scenario); @@ -54,6 +67,12 @@ int CurlFuzzerRunScenario(const curl::fuzzer::proto::Scenario &scenario) FV_PRINTF(&fuzz, "SCENARIO: ApplyScenario failed with rc=%d\n", rc); goto EXIT_LABEL; } + + if(!FuzzOptionIsSet(&fuzz, CURLOPT_URL)) { + FV_PRINTF(&fuzz, "SCENARIO: skipping transfer due to missing CURLOPT_URL\n"); + goto EXIT_LABEL; + } + FV_PRINTF(&fuzz, "SCENARIO: successfully applied scenario, starting transfer\n"); @@ -282,6 +301,7 @@ void fuzz_terminate_fuzz_data(FUZZ_DATA *fuzz) curl_formfree(fuzz->httppost); fuzz->httppost = NULL; } + fuzz->last_post_part = NULL; // free after httppost and last_post_part. if (fuzz->post_body != NULL) { diff --git a/curl_fuzzer_scenario.cc b/curl_fuzzer_scenario.cc index 3dfb7600..a61ec34c 100644 --- a/curl_fuzzer_scenario.cc +++ b/curl_fuzzer_scenario.cc @@ -49,6 +49,7 @@ const OptionDescriptor *LookupDescriptor(curl::fuzzer::proto::CurlOptionId id) { return nullptr; } +// Human-readable label for logging; keeps prints decipherable instead of raw enums. const char *OptionScopeName(curl::fuzzer::proto::OptionScope scope) { switch(scope) { case curl::fuzzer::proto::OPTION_SCOPE_UNSPECIFIED: @@ -68,6 +69,7 @@ const char *OptionScopeName(curl::fuzzer::proto::OptionScope scope) { return "unknown"; } +// Logs use textual names for transfer kinds so scenario traces stay readable. const char *TransferKindName(curl::fuzzer::proto::TransferKind kind) { switch(kind) { case curl::fuzzer::proto::TRANSFER_KIND_UNSPECIFIED: @@ -85,6 +87,7 @@ const char *TransferKindName(curl::fuzzer::proto::TransferKind kind) { return "unknown"; } +// The fuzzer prints stage transitions; mapping the enum keeps diagnostics obvious. const char *ResponseStageName(curl::fuzzer::proto::ResponseStage stage) { switch(stage) { case curl::fuzzer::proto::RESPONSE_STAGE_UNSPECIFIED: @@ -100,6 +103,7 @@ const char *ResponseStageName(curl::fuzzer::proto::ResponseStage stage) { return "unknown"; } +// Shutdown policies surface in verbose traces; stringifying the enum clarifies intent. const char *ShutdownPolicyName(curl::fuzzer::proto::ShutdownPolicy policy) { switch(policy) { case curl::fuzzer::proto::SHUTDOWN_POLICY_UNSPECIFIED: @@ -157,6 +161,7 @@ std::string HexSnippet(std::string_view data, size_t max_len = 16) { return out; } +// Helper summaries annotate verbose logging without dumping entire buffers. std::string SummarizeText(std::string_view data) { std::string summary = "len=" + std::to_string(data.size()); summary.append(" text=\""); @@ -165,6 +170,7 @@ std::string SummarizeText(std::string_view data) { return summary; } +// Presents binary payloads in a compact mixed hex/text form for diagnostics. std::string SummarizeBinary(std::string_view data) { std::string summary = "len=" + std::to_string(data.size()); if(!data.empty()) { @@ -177,6 +183,7 @@ std::string SummarizeBinary(std::string_view data) { return summary; } +// Encodes headers for trace logs so we can see what mutator just set. std::string SummarizeHeaderValue(const curl::fuzzer::proto::HeaderValue &value) { switch(value.value_case()) { case curl::fuzzer::proto::HeaderValue::kText: @@ -189,6 +196,7 @@ std::string SummarizeHeaderValue(const curl::fuzzer::proto::HeaderValue &value) } } +// Distills response payloads plus hints to one log line for replay debugging. std::string SummarizeResponse(const curl::fuzzer::proto::Response &response) { std::string summary = SummarizeBinary(response.payload()); if(response.has_hint()) { @@ -214,6 +222,7 @@ std::string SummarizeResponse(const curl::fuzzer::proto::Response &response) { return summary; } +// Breaks down MIME parts so verbose output shows the shape of each upload. std::string SummarizeMimePart(const curl::fuzzer::proto::MimePart &part) { std::string summary; if(!part.name().empty()) { @@ -251,6 +260,7 @@ std::string SummarizeMimePart(const curl::fuzzer::proto::MimePart &part) { return summary; } +// Similar to MIME summaries but tailored for classic form posts. std::string SummarizeFormField(const curl::fuzzer::proto::FormField &field) { std::string summary; summary.append("name="); @@ -273,12 +283,14 @@ std::string SummarizeFormField(const curl::fuzzer::proto::FormField &field) { return summary; } +// Owns scratch buffers that mirror proto data so libcurl can outlive the message. class ScenarioState { public: ScenarioState() = default; ScenarioState(const ScenarioState &) = delete; ScenarioState &operator=(const ScenarioState &) = delete; + // Curl expects zero-terminated strings that stay valid; copy them into owned storage. const char *CopyString(std::string_view sv) { auto owned = std::make_unique(sv.size() + 1); std::memcpy(owned.get(), sv.data(), sv.size()); @@ -288,6 +300,7 @@ class ScenarioState { return ptr; } + // Binary blobs need stable backing memory for CURLFORM_PTRCONTENTS and similar paths. std::pair CopyBytes(std::string_view sv) { byte_buffers_.emplace_back(); auto &storage = byte_buffers_.back(); @@ -297,6 +310,7 @@ class ScenarioState { return {ptr, storage.size()}; } + // Converts proto headers to the format curl_slist requires, owning the storage. int HeaderValueToCString(const curl::fuzzer::proto::HeaderValue &value, const char **out) { switch(value.value_case()) { @@ -325,10 +339,12 @@ class ScenarioState { std::vector> cstrings_; }; +// Passed into the fuzz harness so the lifetime of ScenarioState is reference counted. void DestroyScenarioState(void *ptr) { delete static_cast(ptr); } +// curl_easy_setopt "long" overload accepts several proto numeric types; normalize here. long ProtoToLong(const curl::fuzzer::proto::SetOption &option) { switch(option.value_case()) { case curl::fuzzer::proto::SetOption::kInt32Value: @@ -352,6 +368,7 @@ long ProtoToLong(const curl::fuzzer::proto::SetOption &option) { } } +// Some CURLOPTs expect curl_off_t; reuse ProtoToLong while preserving native width. curl_off_t ProtoToOffT(const curl::fuzzer::proto::SetOption &option) { switch(option.value_case()) { case curl::fuzzer::proto::SetOption::kUint64Value: @@ -373,6 +390,7 @@ curl_off_t ProtoToOffT(const curl::fuzzer::proto::SetOption &option) { } } +// Prevents conflicting mutations: once an option is set we refuse to overwrite it. int EnsureOptionUnset(FUZZ_DATA *fuzz, CURLoption opt, const OptionDescriptor *desc) { (void)desc; if(fuzz->options[opt % 1000] != 0) { @@ -381,10 +399,12 @@ int EnsureOptionUnset(FUZZ_DATA *fuzz, CURLoption opt, const OptionDescriptor *d return 0; } +// Tracks which curl options have been claimed, so EnsureOptionUnset can police reuse. void MarkOptionSet(FUZZ_DATA *fuzz, CURLoption opt) { fuzz->options[opt % 1000] = 1; } +// Shared helpers wrap curl_easy_setopt calls and mark bookkeeping on success. int ApplyStringOption(FUZZ_DATA *fuzz, const OptionDescriptor *desc, const char *value) { @@ -418,6 +438,8 @@ int ApplyOffOption(FUZZ_DATA *fuzz, return 0; } +// Central dispatcher for option mutations: validates descriptor, enforces scope rules, +// and copies data so curl references remain valid after the protobuf message is gone. int ApplySetOption(const curl::fuzzer::proto::SetOption &option, ScenarioState *state, FUZZ_DATA *fuzz) { @@ -576,6 +598,7 @@ int ApplySetOption(const curl::fuzzer::proto::SetOption &option, } } +// Adds a header to the easy handle: we store it in a curl_slist the harness will free. int ApplyHeader(const curl::fuzzer::proto::AddHeader &header, ScenarioState *state, FUZZ_DATA *fuzz) { @@ -600,6 +623,7 @@ int ApplyHeader(const curl::fuzzer::proto::AddHeader &header, return 0; } +// POP3/SMTP fuzzers need dynamic recipient lists; mirror header handling for mail APIs. int ApplyMailRecipient(const curl::fuzzer::proto::AddMailRecipient &recipient, ScenarioState *state, FUZZ_DATA *fuzz) { @@ -624,6 +648,7 @@ int ApplyMailRecipient(const curl::fuzzer::proto::AddMailRecipient &recipient, return 0; } +// Captures upload payloads in ScenarioState buffers and toggles CURLOPTs accordingly. int ApplyRegisterUpload(const curl::fuzzer::proto::RegisterUpload &upload, ScenarioState *state, FUZZ_DATA *fuzz) { @@ -672,6 +697,7 @@ int ApplyRegisterUpload(const curl::fuzzer::proto::RegisterUpload &upload, return 0; } +// Builds individual MIME parts while copying proto-managed storage into curl-owned form. int ApplyMimePart(const curl::fuzzer::proto::MimePart &part, ScenarioState *state, curl_mime *mime) { @@ -730,6 +756,7 @@ int ApplyMimePart(const curl::fuzzer::proto::MimePart &part, return 0; } +// Lazily allocates a curl_mime handle and appends each proto part for the active request. int ApplyConfigureMime(const curl::fuzzer::proto::ConfigureMime &config, ScenarioState *state, FUZZ_DATA *fuzz) { @@ -757,11 +784,13 @@ int ApplyConfigureMime(const curl::fuzzer::proto::ConfigureMime &config, return 0; } +// Recreates the legacy curl_httppost linked list for form submissions, stitching chains +// together across multiple actions so later CURLOPT_HTTPPOST calls see all parts. int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, ScenarioState *state, FUZZ_DATA *fuzz) { struct curl_httppost *post = NULL; - struct curl_httppost *last = fuzz->httppost; + struct curl_httppost *last = NULL; size_t index = 0; for(const auto &field : config.fields()) { if(fuzz->verbose) { @@ -799,20 +828,36 @@ int ApplyConfigureHttpPost(const curl::fuzzer::proto::ConfigureHttpPost &config, break; } if(form_rc != CURL_FORMADD_OK) { + if(post != NULL) { + curl_formfree(post); + } return 255; } ++index; } + if(post == NULL) { + return 0; + } + if(fuzz->httppost == NULL) { fuzz->httppost = post; } - else if(post != NULL) { - fuzz->last_post_part->next = post; + else { + struct curl_httppost *tail = fuzz->last_post_part; + if(tail == NULL) { + tail = fuzz->httppost; + while(tail->next != NULL) { + tail = tail->next; + } + } + tail->next = post; } + fuzz->last_post_part = last; return 0; } +// Copies response payloads into ScenarioState buffers so socket managers can replay them. int ApplyResponse(const curl::fuzzer::proto::Response &response, ScenarioState *state, FUZZ_RESPONSE *dest) { @@ -822,6 +867,8 @@ int ApplyResponse(const curl::fuzzer::proto::Response &response, return 0; } +// Applies scripted server behaviour: each connection slot gets preset responses and +// optional follow-up messages so the harness can emulate remote peers. int ApplyConnections(const google::protobuf::RepeatedPtrField &connections, ScenarioState *state, FUZZ_DATA *fuzz) { @@ -877,6 +924,8 @@ int ApplyConnections(const google::protobuf::RepeatedPtrField(config.allowed_protocols_size()); ++ii) { - if(ii > 0) { - protocols.append(","); - } - protocols.append(config.allowed_protocols(ii)); - } - if(fuzz->verbose) { - FV_PRINTF(fuzz, - "SCENARIO: global allowed_protocols=%s\n", - protocols.c_str()); - } - const char *value = state->CopyString(protocols); - CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_PROTOCOLS_STR, value); - if(code != CURLE_OK) { - return static_cast(code); - } - } - if(config.timeout_ms() != 0) { - if(fuzz->verbose) { - FV_PRINTF(fuzz, - "SCENARIO: global timeout_ms=%u\n", - config.timeout_ms()); - } - CURLcode code = - curl_easy_setopt(fuzz->easy, CURLOPT_TIMEOUT_MS, static_cast(config.timeout_ms())); - if(code != CURLE_OK) { - return static_cast(code); - } - } - if(config.server_response_timeout_ms() != 0) { - if(fuzz->verbose) { - FV_PRINTF(fuzz, - "SCENARIO: global server_response_timeout_ms=%u\n", - config.server_response_timeout_ms()); - } - CURLcode code = curl_easy_setopt(fuzz->easy, - CURLOPT_SERVER_RESPONSE_TIMEOUT, - static_cast(config.server_response_timeout_ms())); - if(code != CURLE_OK) { - return static_cast(code); - } - } - if(config.verbose()) { - if(fuzz->verbose) { - FV_PRINTF(fuzz, "SCENARIO: global enable_verbose\n"); - } - CURLcode code = curl_easy_setopt(fuzz->easy, CURLOPT_VERBOSE, 1L); - if(code != CURLE_OK) { - return static_cast(code); - } - } - return 0; -} - } // namespace +// Entry point from the fuzz harness: hydrate scenario state, run all actions, then wire +// up scripted connections so the fuzzer sees a complete environment. int ApplyScenario(const curl::fuzzer::proto::Scenario &scenario, FUZZ_DATA *fuzz) { auto state = std::make_unique(); - int rc = ApplyGlobalDefaults(scenario.global(), state.get(), fuzz); - if(rc != 0) { - return rc; - } + int rc = 0; for(const auto &action : scenario.actions()) { rc = ApplyAction(action, state.get(), fuzz); if(rc != 0) { diff --git a/generated/curl_fuzzer_option_manifest.inc b/generated/curl_fuzzer_option_manifest.inc index a54f0f0d..acd115ac 100644 --- a/generated/curl_fuzzer_option_manifest.inc +++ b/generated/curl_fuzzer_option_manifest.inc @@ -17,8 +17,6 @@ static constexpr OptionDescriptor kOptionManifest[] = { {curl::fuzzer::proto::CURLOPT_CONNECTTIMEOUT_MS, OptionValueKind::kUint32, true, "CURLOPT_CONNECTTIMEOUT_MS", CURLOPT_CONNECTTIMEOUT_MS}, {curl::fuzzer::proto::CURLOPT_CONNECT_ONLY, OptionValueKind::kUint32, true, "CURLOPT_CONNECT_ONLY", CURLOPT_CONNECT_ONLY}, {curl::fuzzer::proto::CURLOPT_COOKIE, OptionValueKind::kString, true, "CURLOPT_COOKIE", CURLOPT_COOKIE}, - {curl::fuzzer::proto::CURLOPT_COOKIEFILE, OptionValueKind::kString, true, "CURLOPT_COOKIEFILE", CURLOPT_COOKIEFILE}, - {curl::fuzzer::proto::CURLOPT_COOKIEJAR, OptionValueKind::kString, true, "CURLOPT_COOKIEJAR", CURLOPT_COOKIEJAR}, {curl::fuzzer::proto::CURLOPT_COOKIELIST, OptionValueKind::kString, true, "CURLOPT_COOKIELIST", CURLOPT_COOKIELIST}, {curl::fuzzer::proto::CURLOPT_COOKIESESSION, OptionValueKind::kUint32, true, "CURLOPT_COOKIESESSION", CURLOPT_COOKIESESSION}, {curl::fuzzer::proto::CURLOPT_CUSTOMREQUEST, OptionValueKind::kString, true, "CURLOPT_CUSTOMREQUEST", CURLOPT_CUSTOMREQUEST}, @@ -92,7 +90,6 @@ static constexpr OptionDescriptor kOptionManifest[] = { {curl::fuzzer::proto::CURLOPT_MAXREDIRS, OptionValueKind::kUint32, true, "CURLOPT_MAXREDIRS", CURLOPT_MAXREDIRS}, {curl::fuzzer::proto::CURLOPT_MAX_RECV_SPEED_LARGE, OptionValueKind::kUint64, true, "CURLOPT_MAX_RECV_SPEED_LARGE", CURLOPT_MAX_RECV_SPEED_LARGE}, {curl::fuzzer::proto::CURLOPT_MAX_SEND_SPEED_LARGE, OptionValueKind::kUint64, true, "CURLOPT_MAX_SEND_SPEED_LARGE", CURLOPT_MAX_SEND_SPEED_LARGE}, - {curl::fuzzer::proto::CURLOPT_MIMEPOST, OptionValueKind::kMime, true, "CURLOPT_MIMEPOST", CURLOPT_MIMEPOST}, {curl::fuzzer::proto::CURLOPT_MIME_OPTIONS, OptionValueKind::kUint32, true, "CURLOPT_MIME_OPTIONS", CURLOPT_MIME_OPTIONS}, {curl::fuzzer::proto::CURLOPT_NETRC, OptionValueKind::kUint32, true, "CURLOPT_NETRC", CURLOPT_NETRC}, {curl::fuzzer::proto::CURLOPT_NEW_DIRECTORY_PERMS, OptionValueKind::kUint32, true, "CURLOPT_NEW_DIRECTORY_PERMS", CURLOPT_NEW_DIRECTORY_PERMS}, diff --git a/schemas/curl_fuzzer.proto b/schemas/curl_fuzzer.proto index cc5f7f0b..55e09ee8 100644 --- a/schemas/curl_fuzzer.proto +++ b/schemas/curl_fuzzer.proto @@ -7,18 +7,8 @@ package curl.fuzzer.proto; // between legacy TLV corpora and the structured representation. message Scenario { - GlobalConfig global = 1; - repeated Action actions = 2; - repeated Connection connections = 3; -} - -// Global options and defaults that apply before individual actions run. -message GlobalConfig { - repeated SetOption defaults = 1; - repeated string allowed_protocols = 2; - uint32 timeout_ms = 3; - uint32 server_response_timeout_ms = 4; - bool verbose = 5; + repeated Action actions = 1; + repeated Connection connections = 2; } message SetOption { @@ -180,8 +170,6 @@ enum CurlOptionId { CURLOPT_CONNECTTIMEOUT_MS = 156; CURLOPT_CONNECT_ONLY = 141; CURLOPT_COOKIE = 10022; - CURLOPT_COOKIEFILE = 10031; - CURLOPT_COOKIEJAR = 10082; CURLOPT_COOKIELIST = 10135; CURLOPT_COOKIESESSION = 96; CURLOPT_CUSTOMREQUEST = 10036; @@ -255,7 +243,6 @@ enum CurlOptionId { CURLOPT_MAXREDIRS = 68; CURLOPT_MAX_RECV_SPEED_LARGE = 30146; CURLOPT_MAX_SEND_SPEED_LARGE = 30145; - CURLOPT_MIMEPOST = 10269; CURLOPT_MIME_OPTIONS = 315; CURLOPT_NETRC = 51; CURLOPT_NEW_DIRECTORY_PERMS = 160; diff --git a/schemas/curl_fuzzer_supported_curlopts.txt b/schemas/curl_fuzzer_supported_curlopts.txt index a6a67a96..ee9bdd79 100644 --- a/schemas/curl_fuzzer_supported_curlopts.txt +++ b/schemas/curl_fuzzer_supported_curlopts.txt @@ -15,8 +15,6 @@ CURLOPT_CONNECTTIMEOUT CURLOPT_CONNECTTIMEOUT_MS CURLOPT_CONNECT_ONLY CURLOPT_COOKIE -CURLOPT_COOKIEFILE -CURLOPT_COOKIEJAR CURLOPT_COOKIELIST CURLOPT_COOKIESESSION CURLOPT_CUSTOMREQUEST @@ -90,7 +88,6 @@ CURLOPT_MAXLIFETIME_CONN CURLOPT_MAXREDIRS CURLOPT_MAX_RECV_SPEED_LARGE CURLOPT_MAX_SEND_SPEED_LARGE -CURLOPT_MIMEPOST CURLOPT_MIME_OPTIONS CURLOPT_NETRC CURLOPT_NEW_DIRECTORY_PERMS diff --git a/scripts/compile_target.sh b/scripts/compile_target.sh index 7cd27ba5..76bde8d5 100755 --- a/scripts/compile_target.sh +++ b/scripts/compile_target.sh @@ -28,6 +28,9 @@ TARGET=${1:-fuzz} SCRIPTDIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) export BUILD_ROOT; BUILD_ROOT=$(readlink -f "${SCRIPTDIR}/..") +# shellcheck source=stdlib_flag_utils.sh +source "${SCRIPTDIR}/stdlib_flag_utils.sh" + # Check for GDB-specific behaviour by checking for the GDBMODE flag. # - Compile with -O0 so that DEBUGASSERTs can be debugged in gdb. if [[ -n ${GDBMODE:-} ]] @@ -39,6 +42,16 @@ else CMAKE_GDB_FLAG="-DBUILD_GDB=OFF" fi +# The OSS-Fuzz toolchain injects -stdlib=libc++, but several of our +# dependencies (notably system protobuf) are built against libstdc++. +# Mixing libstdc++ and libc++ results in unresolved symbols with +# std::__1 types, so drop the explicit libc++ request and rely on the +# default toolchain choice instead. +strip_flag CXXFLAGS "-stdlib=libc++" +strip_flag CFLAGS "-stdlib=libc++" + +ensure_libstdcxx_flag CXXFLAGS + echo "BUILD_ROOT: $BUILD_ROOT" echo "SRC: ${SRC:-undefined}" echo "CC: ${CC:-undefined}" diff --git a/scripts/stdlib_flag_utils.sh b/scripts/stdlib_flag_utils.sh new file mode 100644 index 00000000..b780d71e --- /dev/null +++ b/scripts/stdlib_flag_utils.sh @@ -0,0 +1,89 @@ +#!/usr/bin/env bash +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Max Dymond, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +########################################################################### + +# shellcheck shell=bash + +strip_flag() +{ + local var_name=$1 + local flag=$2 + local current=${!var_name-} + + if [[ -n ${current:-} ]] + then + # shellcheck disable=SC2140 + current=${current//${flag}/} + current=$(echo "${current}" | tr -s ' ') + export "${var_name}"="${current}" + fi +} + +_stdlib_compiler_supports_libstdcxx() +{ + local compiler_words + + if [[ -n ${CXX:-} ]] + then + # shellcheck disable=SC2206 + compiler_words=( ${CXX} ) + else + compiler_words=( c++ ) + fi + + if ! command -v "${compiler_words[0]}" >/dev/null 2>&1 + then + return 1 + fi + + local tmp_src tmp_obj + tmp_src=$(mktemp) + tmp_obj=$(mktemp) + + cat <<'EOF' > "${tmp_src}" +int main() { return 0; } +EOF + + if "${compiler_words[@]}" -x c++ "${tmp_src}" -c -o "${tmp_obj}" -stdlib=libstdc++ >/dev/null 2>&1 + then + rm -f "${tmp_src}" "${tmp_obj}" + return 0 + fi + + rm -f "${tmp_src}" "${tmp_obj}" + return 1 +} + +ensure_libstdcxx_flag() +{ + local var_name=$1 + + if _stdlib_compiler_supports_libstdcxx + then + if [[ ${!var_name:-} != *"-stdlib=libstdc++"* ]] + then + export "${var_name}"="${!var_name:-} -stdlib=libstdc++" + fi + else + strip_flag "${var_name}" "-stdlib=libstdc++" + fi +} \ No newline at end of file From 673925bae77d03ed38c25ab307772b08d3f9ed87 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 23:05:21 +0000 Subject: [PATCH 07/10] Install 32-bit dependencies in the 32-bit build environment. --- scripts/32bitdeps.sh | 26 ++++++++++++++++++++++++++ scripts/compile_target.sh | 6 ++++++ 2 files changed, 32 insertions(+) create mode 100755 scripts/32bitdeps.sh diff --git a/scripts/32bitdeps.sh b/scripts/32bitdeps.sh new file mode 100755 index 00000000..699abecc --- /dev/null +++ b/scripts/32bitdeps.sh @@ -0,0 +1,26 @@ +#!/usr/bin/env bash +# +# This script is called in a 32-bit build environment to install necessary +# dependencies. + +set -ex + +# Work out if we need to install with sudo or not. +if [[ $(id -u) -eq 0 ]] +then + # We are root, so we can install without sudo. + echo "Running as root, no sudo required." + export SUDO="" +else + # We are not root, so we need to use sudo. + echo "Running as non-root, using sudo." + export SUDO="sudo" +fi + +# Download dependencies for oss-fuzz +$SUDO dpkg --add-architecture i386 +$SUDO apt-get -o Dpkg::Use-Pty=0 update +$SUDO apt-get -o Dpkg::Use-Pty=0 install -y \ + protobuf-compiler:i386 \ + libprotobuf-dev:i386 \ + libstdc++-9-dev:i386 diff --git a/scripts/compile_target.sh b/scripts/compile_target.sh index 76bde8d5..a36a6641 100755 --- a/scripts/compile_target.sh +++ b/scripts/compile_target.sh @@ -31,6 +31,12 @@ export BUILD_ROOT; BUILD_ROOT=$(readlink -f "${SCRIPTDIR}/..") # shellcheck source=stdlib_flag_utils.sh source "${SCRIPTDIR}/stdlib_flag_utils.sh" +# Install any 32-bit dependencies if building for 32-bit. +if [[ "${ARCHITECTURE:-}" == "i386" ]] +then + "${SCRIPTDIR}/32bitdeps.sh" +fi + # Check for GDB-specific behaviour by checking for the GDBMODE flag. # - Compile with -O0 so that DEBUGASSERTs can be debugged in gdb. if [[ -n ${GDBMODE:-} ]] From 1272ccc276f523f84732d4084f95cf62f2deafb1 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 23:24:55 +0000 Subject: [PATCH 08/10] Force static use of protobuf --- CMakeLists.txt | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 76be33bf..aec60790 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,6 +1,8 @@ cmake_minimum_required(VERSION 3.11) project(curl_fuzzer_deps) +set(Protobuf_USE_STATIC_LIBS ON CACHE BOOL "Link against static protobuf" FORCE) + if(NOT "$ENV{MAKE}" STREQUAL "") set(MAKE "$ENV{MAKE}") else() @@ -23,7 +25,7 @@ target_link_libraries(curl_fuzzer_proto PUBLIC ${PROTOBUF_LIBRARIES}) # Install libprotobuf-mutator # # renovate: datasource=github-tags depName=google/libprotobuf-mutator -set(LIB_PROTO_MUTATOR_TAG master) +set(LIB_PROTO_MUTATOR_TAG v1.5) set(LIB_PROTO_MUTATOR_INSTALL_DIR ${CMAKE_BINARY_DIR}/libprotobuf-mutator-install) set(LIB_PROTO_MUTATOR_INCLUDE_DIR ${LIB_PROTO_MUTATOR_INSTALL_DIR}/include) set(LIB_PROTO_MUTATOR_STATIC_LIB ${LIB_PROTO_MUTATOR_INSTALL_DIR}/lib/libprotobuf-mutator.a) @@ -40,6 +42,7 @@ ExternalProject_Add(libprotobuf_mutator_external -DLIB_PROTO_MUTATOR_WITH_LIBFUZZER=ON -DLIB_PROTO_MUTATOR_EXAMPLES=OFF -DLIB_PROTO_MUTATOR_TESTING=OFF + -DProtobuf_USE_STATIC_LIBS=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON BUILD_BYPRODUCTS ${LIB_PROTO_MUTATOR_STATIC_LIB} ${LIB_PROTO_MUTATOR_FUZZER_LIB} INSTALL_COMMAND ${CMAKE_COMMAND} --build . --target install @@ -397,6 +400,7 @@ set(COMMON_LINK_LIBS pthread m ) +list(APPEND COMMON_LINK_LIBS ${PROTOBUF_LIBRARIES}) set(COMMON_LINK_OPTIONS ${LIB_FUZZING_ENGINE_FLAG}) # Ensure that curl and its dependencies are built before the fuzzers From 228c8b4527c84033de78f32adca7e7199fbc0870 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Fri, 31 Oct 2025 23:55:34 +0000 Subject: [PATCH 09/10] Reduce warnings from utf-8 string parsing --- schemas/curl_fuzzer.proto | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/schemas/curl_fuzzer.proto b/schemas/curl_fuzzer.proto index 55e09ee8..748f7b99 100644 --- a/schemas/curl_fuzzer.proto +++ b/schemas/curl_fuzzer.proto @@ -15,7 +15,7 @@ message SetOption { CurlOptionId option_id = 1; OptionScope scope = 2; oneof value { - string string_value = 10; + bytes string_value = 10; bytes bytes_value = 11; int32 int32_value = 12; uint32 uint32_value = 13; @@ -94,30 +94,30 @@ message OptionalDelay { message HeaderValue { oneof value { - string text = 1; + bytes text = 1; bytes binary = 2; } } message MimePart { - string name = 1; + bytes name = 1; oneof body { bytes bytes_value = 2; - string inline_data = 3; + bytes inline_data = 3; } - string filename = 4; - string content_type = 5; + bytes filename = 4; + bytes content_type = 5; repeated HeaderValue headers = 6; } message FormField { - string name = 1; + bytes name = 1; oneof body { bytes bytes_value = 2; - string inline_data = 3; + bytes inline_data = 3; } - string filename = 4; - string content_type = 5; + bytes filename = 4; + bytes content_type = 5; } // Scope for options that support multiple namespaces (e.g. proxy vs easy). From 54422f1697f239f07429e9958359734778643a98 Mon Sep 17 00:00:00 2001 From: Max Dymond Date: Sat, 1 Nov 2025 00:01:32 +0000 Subject: [PATCH 10/10] Force static libc --- CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index aec60790..dff042f1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -402,6 +402,7 @@ set(COMMON_LINK_LIBS ) list(APPEND COMMON_LINK_LIBS ${PROTOBUF_LIBRARIES}) set(COMMON_LINK_OPTIONS ${LIB_FUZZING_ENGINE_FLAG}) +list(APPEND COMMON_LINK_OPTIONS -static-libstdc++ -static-libgcc) # Ensure that curl and its dependencies are built before the fuzzers set(FUZZ_DEPS curl_external ${CURL_DEPS} ${LIB_FUZZING_ENGINE_DEP} curl_fuzzer_proto libprotobuf_mutator_external)