From 665353dcb4a9d018f124127151b320632c177f26 Mon Sep 17 00:00:00 2001 From: Arjun Date: Wed, 12 Jun 2024 10:36:39 +0530 Subject: fuzzing: add a fuzzing seed corpus and dictionary Signed-off-by: Arjun Reviewed-by: Andrew Clayton Signed-off-by: Andrew Clayton --- fuzzing/fuzz_http_seed_corpus/nxt_http_test_bench.bin | 16 ++++++++++++++++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_0.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_1.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_10.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_11.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_12.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_13.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_14.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_15.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_16.bin | 4 ++++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_17.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_18.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_19.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_2.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_20.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_21.bin | 4 ++++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_22.bin | 3 +++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_23.bin | 5 +++++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_24.bin | 5 +++++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_3.bin | 1 + fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_4.bin | 1 + fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_5.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_6.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_7.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_8.bin | 2 ++ fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_9.bin | 2 ++ 26 files changed, 84 insertions(+) create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_bench.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_0.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_1.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_10.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_11.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_12.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_13.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_14.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_15.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_16.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_17.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_18.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_19.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_2.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_20.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_21.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_22.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_23.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_24.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_3.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_4.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_5.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_6.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_7.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_8.bin create mode 100644 fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_9.bin (limited to 'fuzzing/fuzz_http_seed_corpus') diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_bench.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_bench.bin new file mode 100644 index 00000000..64e2f7e8 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_bench.bin @@ -0,0 +1,16 @@ +POST /path/to/very/interesting/article/on.this.site?arg1=value&arg2=value2&very_big_arg=even_bigger_value HTTP/1.1 +Host: www.example.com +User-Agent: Mozilla/5.0 (X11; Gentoo Linux x86_64; rv:42.0) Firefox/42.0 +Accept: text/html,application/json,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4 +Accept-Encoding: gzip, deflate, br +If-Modified-Since: Wed, 31 Dec 1986 16:00:00 GMT +Referer: https://example.org/path/to/not-interesting/article.html +Cookie: name=value; name2=value2; some_big_cookie=Olr+/9hoA0og/dAcHH1p8sEFAHAAAAAElFTkSuQmCC +Connection: keep-alive +Content-Length: 0 +Upgrade-Insecure-Requests: 1 +Pragma: no-cache +Cache-Control: no-cache +X-Forwarded-For: 192.0.2.0, 198.51.100.0, 203.0.113.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_0.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_0.bin new file mode 100644 index 00000000..00ff084d --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_0.bin @@ -0,0 +1,2 @@ +XXX-METHOD /d.ir/fi+le.ext?key=val HTTP/1.2 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_1.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_1.bin new file mode 100644 index 00000000..2f6c6149 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_1.bin @@ -0,0 +1,2 @@ +GEt / HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_10.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_10.bin new file mode 100644 index 00000000..03337016 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_10.bin @@ -0,0 +1,2 @@ +GET /na %20me.ext?args HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_11.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_11.bin new file mode 100644 index 00000000..bac5bc27 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_11.bin @@ -0,0 +1,2 @@ +GET / HTTP/1.0 HTTP/1.1 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_12.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_12.bin new file mode 100644 index 00000000..75bd72e2 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_12.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Host:example.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_13.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_13.bin new file mode 100644 index 00000000..2216ec8d --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_13.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Host: + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_14.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_14.bin new file mode 100644 index 00000000..12435096 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_14.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +:Host: example.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_15.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_15.bin new file mode 100644 index 00000000..88bb36f4 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_15.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Ho_st: example.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_16.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_16.bin new file mode 100644 index 00000000..ce7453c2 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_16.bin @@ -0,0 +1,4 @@ +GET / HTTP/1.1 +Ho +st: example.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_17.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_17.bin new file mode 100644 index 00000000..5016e0df --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_17.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Host: exa mple.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_18.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_18.bin new file mode 100644 index 00000000..d2409a88 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_18.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Host: example.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_19.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_19.bin new file mode 100644 index 00000000..40e39921 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_19.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +!#$%&'*+.^_`|~: allowed + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_2.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_2.bin new file mode 100644 index 00000000..cfc0d81a --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_2.bin @@ -0,0 +1,3 @@ +GET / + HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_20.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_20.bin new file mode 100644 index 00000000..b1deb571 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_20.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Host: xn--e1afmkfd.xn--80akhbyknj4f + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_21.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_21.bin new file mode 100644 index 00000000..89565fd8 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_21.bin @@ -0,0 +1,4 @@ +GET / HTTP/1.1 +Host: exa +mple.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_22.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_22.bin new file mode 100644 index 00000000..3e0f8f6a --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_22.bin @@ -0,0 +1,3 @@ +GET / HTTP/1.1 +Host: exa mple.com + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_23.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_23.bin new file mode 100644 index 00000000..da0661e5 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_23.bin @@ -0,0 +1,5 @@ +GET / HTTP/1.1 +X-Unknown-Header: value +X-Good-Header: value +!#$%&'*+.^_`|~: skipped + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_24.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_24.bin new file mode 100644 index 00000000..6b5232e3 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_24.bin @@ -0,0 +1,5 @@ +GET / HTTP/1.1 +X-Good-Header: value +X-Unknown-Header: value +X-Bad-Header: value + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_3.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_3.bin new file mode 100644 index 00000000..20afdfb4 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_3.bin @@ -0,0 +1 @@ +GET / HTTP/1.0 diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_4.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_4.bin new file mode 100644 index 00000000..22b52346 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_4.bin @@ -0,0 +1 @@ +GET / HTTP/2.0 diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_5.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_5.bin new file mode 100644 index 00000000..2da59689 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_5.bin @@ -0,0 +1,2 @@ +GET /. HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_6.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_6.bin new file mode 100644 index 00000000..9cf4c094 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_6.bin @@ -0,0 +1,2 @@ +GET /# HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_7.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_7.bin new file mode 100644 index 00000000..d02576e0 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_7.bin @@ -0,0 +1,2 @@ +GET /?# HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_8.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_8.bin new file mode 100644 index 00000000..fa246dc4 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_8.bin @@ -0,0 +1,2 @@ +GET // HTTP/1.0 + diff --git a/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_9.bin b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_9.bin new file mode 100644 index 00000000..2668f283 --- /dev/null +++ b/fuzzing/fuzz_http_seed_corpus/nxt_http_test_run_9.bin @@ -0,0 +1,2 @@ +GET /%20 HTTP/1.0 + -- cgit