@skypher skypher commented Dec 28, 2025

Summary

Update libarchive build configuration to use all 25 fuzz targets now available in upstream libarchive (merged in libarchive/libarchive#2820).

Changes

  • Update build.sh to compile all 25 fuzzers from contrib/oss-fuzz/
  • Copy dictionaries and options files for guided fuzzing
  • Generate seed corpora from libarchive's test files
  • Remove local libarchive_fuzzer.cc (now in upstream repo)

New Fuzzers (24 new, 25 total)

Format-specific (13):

  • tar, zip, 7zip, rar, rar5, xar, cab, lha, iso9660, cpio, warc, mtree, ar

Security-critical (4):

  • encryption, write_disk (path traversal), read_disk (symlinks), entry (ACL)

API coverage (7):

  • write, linkify, match, string, seek, roundtrip, filter

Coverage Targets

Previously uncovered functions now targeted:

| Function | Complexity | Coverage Before |
|---|---|---|
| archive_entry_linkify | 775 | 0% |
| ACL functions (7 total) | 705-713 | 0% |
| xar_read_header | 1,416 | 10.11% |

Expected coverage improvement: 74% → 85-95%

Testing

Update build configuration to use all 25 fuzz targets now available
in upstream libarchive (merged in libarchive/libarchive#2820).

Changes:
- Update build.sh to compile all 25 fuzzers from contrib/oss-fuzz/
- Copy dictionaries and options files for guided fuzzing
- Generate seed corpora from libarchive's test files
- Remove local libarchive_fuzzer.cc (now in upstream repo)

New fuzzers include:
- 13 format-specific: tar, zip, 7zip, rar, rar5, xar, cab, lha,
  iso9660, cpio, warc, mtree, ar
- 4 security-critical: encryption, write_disk, read_disk, entry (ACL)
- 7 API coverage: write, linkify, match, string, seek, roundtrip, filter

Expected coverage improvement: 74% → 85-95%

- TAR: Change pattern from "test_compat_*tar*.uu" to "*tar*.uu"
  Increases coverage from 30 to 70 test files, including:
  - test_read_format_tar_*.uu
  - test_read_format_gtar_*.uu
  - test_pax_*.tar.uu
  - test_acl_pax_*.tar.uu

- CPIO: Change pattern from "test_compat_cpio*.uu" to "*cpio*.uu"
  Increases coverage from 1 to 11 test files, including:
  - test_read_format_cpio_*.uu
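
The seed-corpus step and the TAR pattern change in the commit message above, as an added example that is not part of the pull request or the project's build.sh: it selects uuencoded test files by glob, decodes them, and writes a seed-corpus zip. The helper names (`uudecode`, `build_seed_corpus`, `demo`), the zip names and the three sample file names are constructed for illustration.

```python
import binascii
import fnmatch
import tempfile
import zipfile
from pathlib import Path


def uudecode(text: str) -> bytes:
    """Decode one uuencoded file: the lines between 'begin ...' and 'end'."""
    out, in_body = bytearray(), False
    for line in text.splitlines():
        if line.startswith("begin "):
            in_body = True
        elif in_body and line.strip() == "end":
            break
        elif in_body and line:
            out += binascii.a2b_uu(line)
    return bytes(out)


def build_seed_corpus(test_dir: Path, pattern: str, zip_path: Path) -> list[str]:
    """Decode every file in test_dir matching `pattern` into zip_path.

    Returns the seed names written, so the effect of a pattern is visible.
    """
    names = []
    with zipfile.ZipFile(zip_path, "w") as zf:
        for uu in sorted(test_dir.iterdir()):
            if fnmatch.fnmatch(uu.name, pattern):
                data = uudecode(uu.read_text())
                if data:  # an empty seed adds nothing to the corpus
                    seed = uu.name[: -len(".uu")]
                    zf.writestr(seed, data)
                    names.append(seed)
    return names


def demo() -> tuple[list[str], list[str]]:
    """Constructed sample files: compare the old and new TAR patterns."""
    samples = ("test_compat_gtar_1.tar.uu", "test_read_format_tar_x.tar.uu",
               "test_pax_y.tar.uu")
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for name in samples:
            body = binascii.b2a_uu(b"constructed seed for " + name.encode()[:20])
            (root / name).write_text(f"begin 644 {name[:-3]}\n{body.decode()}end\n")
        old = build_seed_corpus(root, "test_compat_*tar*.uu", root / "old_seed_corpus.zip")
        new = build_seed_corpus(root, "*tar*.uu", root / "new_seed_corpus.zip")
        return old, new
```
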

google-cla bot commented Dec 28, 2025

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@github-actions
skypher is a new contributor to projects/libarchive. The PR must be approved by known contributors before it can be merged. The past contributors are: Mrmaxmeier, DonggeLiu, jvoisin, cvediver, Dor1s, mmatuska (unverified)
