Add dictionary files for fuzzers where possible.

2025-08-22 09:57:41 +00:00 · 2021-02-23 11:28:47 -07:00 · 2021-02-23 11:28:47 -07:00 · 081e219e23
commit 081e219e23
parent e0761b9e3b
9 changed files with 304 additions and 0 deletions
--- a/5
+++ b/5
@ -137,6 +137,7 @@ lib/iolog/regress/corpus/timing/timing.2
 lib/iolog/regress/corpus/timing/timing.3
 lib/iolog/regress/corpus/timing/timing.4
 lib/iolog/regress/fuzz/fuzz_iolog_json.c
+lib/iolog/regress/fuzz/fuzz_iolog_json.dict
 lib/iolog/regress/fuzz/fuzz_iolog_legacy.c
 lib/iolog/regress/fuzz/fuzz_iolog_timing.c
 lib/iolog/regress/host_port/host_port_test.c  
@ -217,6 +218,7 @@ lib/util/regress/corpus/sudo_conf/sudo.conf.3
 lib/util/regress/fnmatch/fnm_test.c
 lib/util/regress/fnmatch/fnm_test.in
 lib/util/regress/fuzz/fuzz_sudo_conf.c
+lib/util/regress/fuzz/fuzz_sudo_conf.dict
 lib/util/regress/getdelim/getdelim_test.c
 lib/util/regress/getgrouplist/getgrouplist_test.c
 lib/util/regress/glob/files
@ -715,9 +717,12 @@ plugins/sudoers/regress/env_match/check_env_pattern.c
 plugins/sudoers/regress/env_match/data
 plugins/sudoers/regress/exptilde/check_exptilde.c
 plugins/sudoers/regress/fuzz/fuzz_policy.c
+plugins/sudoers/regress/fuzz/fuzz_policy.dict
 plugins/sudoers/regress/fuzz/fuzz_sudoers.c
+plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
 plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok
 plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c
+plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
 plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
 plugins/sudoers/regress/parser/check_addr.c
 plugins/sudoers/regress/parser/check_addr.in
--- a/lib/iolog/Makefile.in
+++ b/lib/iolog/Makefile.in
@ -221,6 +221,7 @@ install-fuzzer: $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS)
 	    echo "must set FUZZ_DESTDIR for install-fuzzer target"; \
 	else \
 	    cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \
+	    cp $(srcdir)/regress/fuzz/*.dict $(FUZZ_DESTDIR); \
 	fi

 uninstall:
--- a/lib/iolog/regress/fuzz/fuzz_iolog_json.dict
+++ b/lib/iolog/regress/fuzz/fuzz_iolog_json.dict
@ -0,0 +1,17 @@
+# I/O log JSON keywords
+\"columns\"
+\"command\"
+\"lines\"
+\"runargv\"
+\"runenv\"
+\"rungid\"
+\"rungroup\"
+\"runuid\"
+\"runuser\"
+\"runchroot\"
+\"runcwd\"
+\"submitcwd\"
+\"submithost\"
+\"submituser\"
+\"timestamp\"
+\"ttyname\"
--- a/lib/util/Makefile.in
+++ b/lib/util/Makefile.in
@ -329,6 +329,7 @@ install-fuzzer: $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS)
 	    echo "must set FUZZ_DESTDIR for install-fuzzer target"; \
 	else \
 	    cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \
+	    cp $(srcdir)/regress/fuzz/*.dict $(FUZZ_DESTDIR); \
 	fi

 uninstall:
--- a/lib/util/regress/fuzz/fuzz_sudo_conf.dict
+++ b/lib/util/regress/fuzz/fuzz_sudo_conf.dict
@ -0,0 +1,19 @@
+# sudo.conf keywords
+Debug
+Path
+Plugin
+Set
+
+# Paths
+askpass
+sesh
+noexec
+plugin_dir
+devsearch
+
+# Variables
+developer_mode
+disable_coredump
+group_source
+max_groups
+probe_interfaces
--- a/plugins/sudoers/Makefile.in
+++ b/plugins/sudoers/Makefile.in
@ -521,6 +521,7 @@ install-fuzzer: $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS)
 	    echo "must set FUZZ_DESTDIR for install-fuzzer target"; \
 	else \
 	    cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \
+	    cp $(srcdir)/regress/fuzz/*.dict $(FUZZ_DESTDIR); \
 	fi

 uninstall:
--- a/plugins/sudoers/regress/fuzz/fuzz_policy.dict
+++ b/plugins/sudoers/regress/fuzz/fuzz_policy.dict
@ -0,0 +1,51 @@
+# Policy plugin keywords (all are keyword = value)
+
+# sudoers plugin options from sudo.conf
+error_recovery
+sudoers_file
+sudoers_uid
+sudoers_gid
+sudoers_mode
+ldap_conf
+ldap_secret
+
+# command line settings from front-end
+closefrom
+cmnd_chroot
+cmnd_cwd
+runas_user
+runas_group
+prompt
+set_home
+preserve_environment
+run_shell
+login_shell
+implied_shell
+preserve_groups
+ignore_ticket
+noninteractive
+sudoedit
+login_class
+runas_privs
+runas_limitprivs
+selinux_role
+selinux_type
+bsdauth_type
+network_addrs
+max_groups
+remote_host
+timeout
+plugin_dir
+
+# user information from front-end
+user
+uid
+gid
+groups
+cwd
+tty
+host
+lines
+cols
+sid
+umask
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
@ -0,0 +1,195 @@
+# Sudoers policy keywords (all are keyword = value)
+
+# Aliases
+Cmnd_Alias
+Cmd_Alias
+Host_Alias
+Runas_Alias
+User_Alias
+
+# Special keywords
+ALL
+(ALL:ALL)
+sudoedit
+
+# Date_Spec
+20170214083000Z
+2017021408Z
+20160315220000-0500
+20151201235900
+
+# Timeout_Spec
+7d8h30m10s
+14d
+8h30m
+600s
+3600
+
+# Command digests
+sha224:
+sha256:
+sha384:
+sha512:
+
+# Command tags
+NOPASSWD
+PASSWD
+NOEXEC
+EXEC
+SETENV
+NOSETENV
+LOG_INPUT
+NOLOG_INPUT
+LOG_OUTPUT
+NOLOG_OUTPUT
+FOLLOWLNK
+NOFOLLOWLNK
+MAIL
+NOMAIL
+
+# Command options
+CHROOT
+CWD
+CMND_TIMEOUT
+NOTBEFORE
+NOTAFTER
+ROLE
+TYPE
+PRIVS
+LIMITPRIVS
+
+# Defaults settings
+Defaults
+syslog
+syslog_goodpri
+syslog_badpri
+long_otp_prompt
+ignore_dot
+mail_always
+mail_badpass
+mail_no_user
+mail_no_host
+mail_no_perms
+mail_all_cmnds
+tty_tickets
+lecture
+lecture_file
+authenticate
+root_sudo
+log_host
+log_year
+shell_noargs
+set_home
+always_set_home
+path_info
+fqdn
+insults
+requiretty
+env_editor
+rootpw
+runaspw
+targetpw
+use_loginclass
+set_logname
+stay_setuid
+preserve_groups
+loglinelen
+timestamp_timeout
+passwd_timeout
+passwd_tries
+umask
+logfile
+mailerpath
+mailerflags
+mailto
+mailfrom
+mailsub
+badpass_message
+lecture_status_dir
+timestampdir
+timestampowner
+exempt_group
+passprompt
+passprompt_override
+runas_default
+secure_path
+editor
+listpw
+verifypw
+noexec
+ignore_local_sudoers
+closefrom
+closefrom_override
+setenv
+env_reset
+env_check
+env_delete
+env_keep
+role
+type
+env_file
+restricted_env_file
+sudoers_locale
+visiblepw
+pwfeedback
+fast_glob
+umask_override
+log_input
+log_output
+compress_io
+use_pty
+group_plugin
+iolog_dir
+iolog_file
+set_utmp
+utmp_runas
+privs
+limitprivs
+exec_background
+pam_service
+pam_login_service
+pam_setcred
+pam_session
+pam_acct_mgmt
+maxseq
+use_netgroups
+sudoedit_checkdir
+sudoedit_follow
+always_query_group_plugin
+netgroup_tuple
+ignore_audit_errors
+ignore_iolog_errors
+ignore_logfile_errors
+match_group_by_gid
+syslog_maxlen
+iolog_user
+iolog_group
+iolog_mode
+fdexec
+ignore_unknown_defaults
+command_timeout
+user_command_timeouts
+iolog_flush
+syslog_pid
+timestamp_type
+authfail_message
+case_insensitive_user
+case_insensitive_group
+log_allowed
+log_denied
+log_servers
+log_server_timeout
+log_server_keepalive
+log_server_cabundle
+log_server_peer_cert
+log_server_peer_key
+log_server_verify
+runas_allow_unknown_id
+runas_check_shell
+pam_ruser
+pam_rhost
+runcwd
+runchroot
+log_format
+selinux
+admin_flag
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
@ -0,0 +1,14 @@
+# Sudoers LDIF attributes
+
+description
+objectClass
+organizationalRole
+sudoCommand
+sudoHost
+sudoOption
+sudoOption
+sudoOrder
+sudoRunAs
+sudoRunAsGroup
+sudoRunAsUser
+sudoUser