test/fuzz: add grammar-based LuaJIT fuzzer
Patch adds a LuaJIT fuzzer based on libprotobuf-mutator and LibFuzzer. Grammar is described via messages in protobuf format; a serializer is applied to convert the .proto format to a string.

For displaying generated code on the screen during fuzzing, set the environment variable 'LPM_DUMP_NATIVE_INPUT'. For displaying error messages from Lua functions, set the environment variable 'LUA_FUZZER_VERBOSE'.

Note: UndefinedBehaviourSanitizer is unsupported by LuaJIT (see #8473), so the fuzzing test is disabled when the CMake option ENABLE_UB_SANITIZER is passed.

Closes #4823

NO_DOC=<fuzzing testing of LuaJIT>
NO_TEST=<fuzzing testing of LuaJIT>

(cherry picked from commit a287c853)
Showing 7 changed files:

- changelogs/unreleased/luajit-grammar-fuzzer.md (3 additions, 0 deletions)
- test/fuzz/CMakeLists.txt (8 additions, 0 deletions)
- test/fuzz/luaL_loadbuffer/CMakeLists.txt (32 additions, 0 deletions)
- test/fuzz/luaL_loadbuffer/luaL_loadbuffer_fuzzer.cc (72 additions, 0 deletions)
- test/fuzz/luaL_loadbuffer/lua_grammar.proto (402 additions, 0 deletions)
- test/fuzz/luaL_loadbuffer/serializer.cc (700 additions, 0 deletions)
- test/fuzz/luaL_loadbuffer/serializer.h (123 additions, 0 deletions)