From 681cc6e62c0347b7296fcf70b77613af7761dc2f Mon Sep 17 00:00:00 2001 From: Bracken Dawson Date: Sat, 27 Jan 2024 19:20:46 +0000 Subject: [PATCH 1/4] fix panic for missing property param operator --- calendar_test.go | 15 ++++++++++++++- property.go | 3 +++ testdata/fuzz/FuzzParseCalendar/5f69bd55acfce1af | 2 ++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 testdata/fuzz/FuzzParseCalendar/5f69bd55acfce1af diff --git a/calendar_test.go b/calendar_test.go index abbd39b..aca4cce 100644 --- a/calendar_test.go +++ b/calendar_test.go @@ -1,7 +1,7 @@ package ics import ( - "github.com/stretchr/testify/assert" + "bytes" "io" "io/ioutil" "os" @@ -11,6 +11,9 @@ import ( "testing" "time" "unicode/utf8" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) func TestTimeParsing(t *testing.T) { @@ -360,3 +363,13 @@ func TestIssue52(t *testing.T) { t.Fatalf("cannot read test directory: %v", err) } } + +func FuzzParseCalendar(f *testing.F) { + ics, err := os.ReadFile("testdata/timeparsing.ics") + require.NoError(f, err) + f.Add(ics) + f.Fuzz(func(t *testing.T, ics []byte) { + _, err := ParseCalendar(bytes.NewReader(ics)) + t.Log(err) + }) +} diff --git a/property.go b/property.go index 62418ad..da648f6 100644 --- a/property.go +++ b/property.go @@ -194,6 +194,9 @@ func parsePropertyParam(r *BaseProperty, contentLine string, p int) (*BaseProper k, v := "", "" k = string(contentLine[p : p+tokenPos[1]]) p += tokenPos[1] + if p >= len(contentLine) { + return nil, p, fmt.Errorf("missing property param operator for %s in %s", k, r.IANAToken) + } switch rune(contentLine[p]) { case '=': p += 1 diff --git a/testdata/fuzz/FuzzParseCalendar/5f69bd55acfce1af b/testdata/fuzz/FuzzParseCalendar/5f69bd55acfce1af new file mode 100644 index 0000000..4fbd2fc --- /dev/null +++ b/testdata/fuzz/FuzzParseCalendar/5f69bd55acfce1af @@ -0,0 +1,2 @@ +go test fuzz v1 +[]byte("0;0") From 3631125a31b5e5a706ba2d4845b5e9b2b5f6523f Mon Sep 17 00:00:00 2001 From: Bracken Dawson Date: Sat, 27 Jan 2024 19:35:37 +0000 Subject: [PATCH 2/4] fix panic when property ends without colon or value --- property.go | 3 +++ testdata/fuzz/FuzzParseCalendar/8856e23652c60ed6 | 2 ++ 2 files changed, 5 insertions(+) create mode 100644 testdata/fuzz/FuzzParseCalendar/8856e23652c60ed6 diff --git a/property.go b/property.go index da648f6..7a16203 100644 --- a/property.go +++ b/property.go @@ -213,6 +213,9 @@ func parsePropertyParam(r *BaseProperty, contentLine string, p int) (*BaseProper return nil, 0, fmt.Errorf("parse error: %w %s in %s", err, k, r.IANAToken) } r.ICalParameters[k] = append(r.ICalParameters[k], v) + if p >= len(contentLine) { + return nil, p, fmt.Errorf("unexpected end of property %s", r.IANAToken) + } switch rune(contentLine[p]) { case ',': p += 1 diff --git a/testdata/fuzz/FuzzParseCalendar/8856e23652c60ed6 b/testdata/fuzz/FuzzParseCalendar/8856e23652c60ed6 new file mode 100644 index 0000000..84d7974 --- /dev/null +++ b/testdata/fuzz/FuzzParseCalendar/8856e23652c60ed6 @@ -0,0 +1,2 @@ +go test fuzz v1 +[]byte("0;0=0") From a8f0586c9068f1577128e98214a7c9d359dfcdd9 Mon Sep 17 00:00:00 2001 From: Bracken Dawson Date: Sat, 27 Jan 2024 19:49:41 +0000 Subject: [PATCH 3/4] fix panic when param value has incomplete escape sequence --- property.go | 4 ++++ testdata/fuzz/FuzzParseCalendar/5940bf4f62ecac30 | 2 ++ 2 files changed, 6 insertions(+) create mode 100644 testdata/fuzz/FuzzParseCalendar/5940bf4f62ecac30 diff --git a/property.go b/property.go index 7a16203..5855896 100644 --- a/property.go +++ b/property.go @@ -2,6 +2,7 @@ package ics import ( "bytes" + "errors" "fmt" "io" "log" @@ -264,6 +265,9 @@ func parsePropertyParamValue(s string, p int) (string, int, error) { 0x1C, 0x1D, 0x1E, 0x1F: return "", 0, fmt.Errorf("unexpected char ascii:%d in property param value", s[p]) case '\\': + if p+2 >= len(s) { + return "", 0, errors.New("unexpected end of param value") + } r = append(r, []byte(FromText(string(s[p+1:p+2])))...) p++ continue diff --git a/testdata/fuzz/FuzzParseCalendar/5940bf4f62ecac30 b/testdata/fuzz/FuzzParseCalendar/5940bf4f62ecac30 new file mode 100644 index 0000000..9daedbd --- /dev/null +++ b/testdata/fuzz/FuzzParseCalendar/5940bf4f62ecac30 @@ -0,0 +1,2 @@ +go test fuzz v1 +[]byte("0;0=\\") From 46e2a5c0ed8c575780ff6f50bef9b7a8648f16e7 Mon Sep 17 00:00:00 2001 From: Bracken Dawson Date: Sun, 28 Jan 2024 12:58:24 +0000 Subject: [PATCH 4/4] Exclude fuzz testing from pre-1.18 toolchains --- calendar_fuzz_test.go | 22 ++++++++++++++++++++++ calendar_test.go | 15 +-------------- 2 files changed, 23 insertions(+), 14 deletions(-) create mode 100644 calendar_fuzz_test.go diff --git a/calendar_fuzz_test.go b/calendar_fuzz_test.go new file mode 100644 index 0000000..8d3f717 --- /dev/null +++ b/calendar_fuzz_test.go @@ -0,0 +1,22 @@ +//go:build go1.18 +// +build go1.18 + +package ics + +import ( + "bytes" + "os" + "testing" + + "github.com/stretchr/testify/require" +) + +func FuzzParseCalendar(f *testing.F) { + ics, err := os.ReadFile("testdata/timeparsing.ics") + require.NoError(f, err) + f.Add(ics) + f.Fuzz(func(t *testing.T, ics []byte) { + _, err := ParseCalendar(bytes.NewReader(ics)) + t.Log(err) + }) +} diff --git a/calendar_test.go b/calendar_test.go index aca4cce..abbd39b 100644 --- a/calendar_test.go +++ b/calendar_test.go @@ -1,7 +1,7 @@ package ics import ( - "bytes" + "github.com/stretchr/testify/assert" "io" "io/ioutil" "os" @@ -11,9 +11,6 @@ import ( "testing" "time" "unicode/utf8" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" ) func TestTimeParsing(t *testing.T) { @@ -363,13 +360,3 @@ func TestIssue52(t *testing.T) { t.Fatalf("cannot read test directory: %v", err) } } - -func FuzzParseCalendar(f *testing.F) { - ics, err := os.ReadFile("testdata/timeparsing.ics") - require.NoError(f, err) - f.Add(ics) - f.Fuzz(func(t *testing.T, ics []byte) { - _, err := ParseCalendar(bytes.NewReader(ics)) - t.Log(err) - }) -}