Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3)

Unified Diff: net/data/fuzzer_dictionaries/net_http_stream_parser_fuzzer.dict

Issue 2128583006: [libfuzzer] Add or update dictionaries for //net fuzzers. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Update comments. Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/data/fuzzer_dictionaries/net_http_stream_parser_fuzzer.dict
diff --git a/net/data/fuzzer_dictionaries/net_http_stream_parser_fuzzer.dict b/net/data/fuzzer_dictionaries/net_http_stream_parser_fuzzer.dict
new file mode 100644
index 0000000000000000000000000000000000000000..cba14dc5ee95bbb54915d74ff9fea9ebfc1f1fbc
--- /dev/null
+++ b/net/data/fuzzer_dictionaries/net_http_stream_parser_fuzzer.dict
@@ -0,0 +1,1039 @@
+# Copyright 2016 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# Fuzzer dictionary targetting HTTP/1.x responses.
+
+# Entries that are generally useful in headers
+":"
+"\x0A"
+"\x0D"
+"0"
+"50"
+"500"
+# Horizontal whitespace. Matters mostly in status line.
+" "
+"\x09"
+# Header continuation
+"\x0D\x0A\x09"
+# Used in a lot of individual headers
+";"
+"="
+","
+"\""
+"-"
+
+# Status line components
+"HTTP"
+"/1.1"
+"/1.0"
+# More interesting status codes. Leading space so can be inserted into
+# other status lines.
+" 100"
+" 200"
+" 206"
+" 301"
+" 302"
+" 303"
+" 304"
+" 307"
+" 308"
+" 401"
+" 403"
+" 404"
+" 500"
+" 501"
+" 403"
+
+# Full status lines (Some with relevant following headers)
+"HTTP/1.1 200 OK\x0A\x0A"
+"HTTP/1.1 100 Continue\x0A\x0A"
+"HTTP/1.1 401 Unauthorized\x0AWWW-Authenticate: Basic realm=\"Middle-Earth\"\x0A\xA0"
+"HTTP/1.1 407 Proxy Authentication Required\x0AProxy-Authenticate: Digest realm=\"Middle-Earth\", nonce=\"aaaaaaaaaa\"\x0A\x0A"
+"HTTP/1.0 301 Moved Permanently\x0ALocation: /a\x0A\x0A"
+"HTTP/1.1 302 Found\x0ALocation: http://lost/\x0A\x0A"
+
+# Proxy authentication headers. Note that fuzzers don't support NTLM or
+# negotiate.
+"WWW-Authenticate:"
+"Proxy-Authenticate:"
+"Basic"
+"Digest"
+"realm"
+"nonce"
+
+"Connection:"
+"Proxy-Connection:"
+"Keep-Alive"
+"Close"
+"Upgrade"
+"\x0AConnection: Keep-Alive"
+"\x0AConnection: Close"
+"\x0AProxy-Connection: Keep-Alive"
+"\x0AProxy-Connection: Close"
+
+"Content-Length:"
+"Transfer-Encoding:"
+"chunked"
+"\x0AContent-Length: 0"
+"\x0AContent-Length: 500"
+"\x0ATransfer-Encoding: chunked\x0A\x0A5\x0A12345\x0A0\x0A\x0A"
+
+"Location:"
+"\x0ALocation: http://foo/"
+"\x0ALocation: http://bar/"
+"\x0ALocation: https://foo/"
+"\x0ALocation: https://bar/"
+
+"Accept-Ranges:"
+"bytes"
+"\x0AAccept-Ranges: bytes"
+
+"Content-Range:"
+
+"Age:"
+"\x0AAge: 0"
+"\x0AAge: 3153600000"
+
+"Cache-Control:"
+"max-age"
+"no-cache"
+"no-store"
+"must-revalidate"
+"\x0ACache-Control: max-age=3153600000"
+"\x0ACache-Control: max-age=0"
+"\x0ACache-Control: no-cache"
+"\x0ACache-Control: no-store"
+"\x0ACache-Control: must-revalidate"
+
+"Content-Disposition:"
+"attachment"
+"filename"
+
+"Content-Encoding:"
+"gzip"
+"deflate"
+"sdch"
+"br"
+"\x0AContent-Encoding: gzip"
+"\x0AContent-Encoding: deflate"
+"\x0AContent-Encoding: sdch"
+"\x0AContent-Encoding: br"
+
+"Date:"
+"Fri, 01 Apr, 2050 14:14:14 GMT"
+"Mon, 28 Mar, 2016 04:04:04 GMT"
+"\x0ADate: Fri, 01 Apr, 2050 14:14:14 GMT"
+"\x0ADate: Mon, 28 Mar, 2016 04:04:04 GMT"
+
+"Last-Modified:"
+"\x0ALast-Modified: Fri, 01 Apr, 2050 14:14:14 GMT"
+"\x0ALast-Modified: Mon, 28 Mar, 2016 04:04:04 GMT"
+
+"Expires:"
+"\x0AExpires: Fri, 01 Apr, 2050 14:14:14 GMT"
+"\x0AExpires: Mon, 28 Mar, 2016 04:04:04 GMT"
+
+"Set-Cookie:"
+"Expires"
+"Max-Age"
+"Domain"
+"Path"
+"Secure"
+"HttpOnly"
+"Priority"
+"Low"
+"Medium"
+"High"
+"SameSite"
+"Strict"
+"Lax"
+"\x0ASet-Cookie: foo=bar"
+"\x0ASet-Cookie: foo2=bar2;HttpOnly;Priority=Low;SameSite=Strict;Path=/"
+"\x0ASet-Cookie: foo=chicken;SameSite=Lax"
+
+"Strict-Transport-Security:"
+"includeSubDomains"
+
+"Vary:"
+"\x0AVary: Cookie"
+"\x0AVary: Age"
+
+"ETag:"
+"\x0AETag: jumboshrimp"
+
+
+# This part has been generated with testing/libfuzzer/dictionary_generator.py
+# using net_http_stream_parser_fuzzer binary and RFC 2616.
+"all"
+"code"
+"maximum"
+"Transfer-Encoding"
+"D.,"
+"results"
+"follow"
+"(LZW)."
+"provided."
+"(which"
+"ISDN"
+"\"TE\""
+"LF>"
+"FORCE"
+"calculate"
+"\"IETF"
+"UNIX,"
+"ARPA"
+"\"OPTIONAL\""
+"environment"
+"ENGINEERING"
+"program"
+"USENET"
+"TEXT"
+"Not"
+"Nov"
+"include"
+"resources"
+"(STD"
+"labels"
+"string"
+"returning"
+"HTTP/1.1;"
+"SP,"
+"SP."
+"entries"
+"HTTP/1.1,"
+"HTTP/1.1."
+"difference"
+"(URI):"
+"did"
+"[CRLF]"
+"EXPRESS"
+"list"
+"HTTP/1.0\","
+"(RFC"
+"large"
+"ONLY"
+"Tag"
+"(LWS"
+"(URL)\","
+"\"A\"..\"Z\">"
+"unexpected"
+"GET)"
+"direct"
+"Failed"
+"second"
+"Version"
+"\"A\""
+"allowed."
+"GET,"
+"tag."
+"implemented"
+"\"HTTP/1.0\""
+"errors"
+"ISO-8859-4,"
+"appear"
+"incompatible"
+"section"
+"CPU"
+"current"
+"waiting"
+"version"
+"above"
+"TTL"
+"new"
+"CRLF)"
+"public"
+"FTP"
+"NNTP."
+"WWW-"
+"never"
+"equals"
+"\"HTTP/1.1"
+"reported"
+"objects"
+"address"
+"active"
+"\"HEAD\""
+"["
+"\"POST\""
+"HTTP."
+"change"
+"MA"
+"\"AS"
+"last-modified"
+"BACK)"
+"NOT"
+"NNTP"
+"named"
+"useful"
+"secure"
+"case."
+"detected."
+"\"HTTP\""
+"private"
+"CERN/3.0"
+"CTE"
+"(CTE)"
+"Too"
+"CTL"
+"PUT,"
+"user-agent"
+"PUT)"
+"POST"
+"select"
+"use"
+"TASK"
+"from"
+"exception."
+"working"
+"to"
+"positive"
+"two"
+"URI;"
+"properties"
+"few"
+"--THIS_STRING_SEPARATES"
+"POST,"
+"call"
+"memory"
+"MUST,"
+"scope"
+"type"
+"authorization"
+"more"
+"ISO-8859-9,"
+"(GMT),"
+"(TE)"
+"name."
+"LF,"
+"RFC-850"
+"warn"
+"bytes,"
+"Found"
+"cases"
+"MHTML"
+"name:"
+"must"
+"Content"
+"ALL"
+"MHTML,"
+"RIGHTS"
+"this"
+"NTP"
+"work"
+"--THIS_STRING_SEPARATES--"
+"Syntax"
+"can"
+"of"
+"following"
+"\"I"
+"closing"
+"root"
+"example"
+"requested,"
+"J.,"
+"type."
+"reserved"
+"stream"
+"process"
+"attribute"
+"allowed"
+"high"
+"currency"
+"numbers"
+"want"
+"type:"
+"native"
+"LF"
+"class,"
+"end"
+"Missing"
+"HTTP-"
+"HTTP,"
+"links"
+"1"
+"line."
+"2*N"
+"H."
+"1XX"
+"WARRANTIES,"
+"HTTP:"
+"A"
+"badly"
+"HEAD"
+"may"
+"insecure"
+"after"
+"containing"
+"tracking"
+"wrong"
+"[SP"
+"ANSI,"
+"date"
+"such"
+"data"
+"parallel"
+"repeat"
+"a"
+"FTP,"
+"All"
+"short"
+"Y."
+"UA"
+"(2**N),"
+"element"
+"so"
+"cases."
+"File"
+"(LWS)"
+"\"DEFLATE"
+"order"
+"charset"
+"\"SHOULD"
+"don't"
+"MIC"
+"move"
+"vary"
+"satisfied"
+"CD-ROM,"
+"HTTP-WG."
+"LINK,"
+"pointer"
+"its"
+"digest"
+"before"
+"HTML"
+"(OK)"
+"Rules"
+"MAY,"
+"fix"
+"ISO-3166"
+"actually"
+"407"
+"(GNU"
+"\"HTTP/1.1\","
+"P.,"
+"401"
+"MERCHANTABILITY"
+"DNS."
+"into"
+"\"HTTP"
+"it."
+"it,"
+"return"
+"URL"
+"URI"
+"number"
+"Bad"
+"not"
+"However,"
+"SSL"
+"name"
+"always"
+"expectation."
+"--"
+"ISO-639"
+"]URI,"
+"found"
+"trailer"
+"mean"
+"breakdown"
+"From"
+"UTC"
+"(via"
+"(URI)"
+"UNLINK"
+"expect"
+"exceeded"
+"(MIC)"
+"event"
+"out"
+"is:"
+"E."
+"space"
+"\"MUST/MAY/SHOULD\""
+"REQUIRED"
+"ALPHA"
+"HTTP/2.4"
+"4DIGIT"
+"increase"
+"L."
+"time."
+"PATCH,"
+"supports"
+"2DIGIT"
+"K.,"
+"(A,"
+"This"
+"free"
+"\"B\""
+"RFC"
+"base"
+"IMPLIED,"
+"byte"
+"received."
+"generate"
+"text/plain"
+"ISO-8859-7,"
+"\"HTTP/1.1\""
+"Partial"
+"could"
+"transition"
+"DISCLAIMS"
+"times"
+"filter"
+"HTML\","
+"length"
+"HEAD."
+"HEAD,"
+"S.,"
+"first"
+"origin"
+"\"E\""
+"already"
+"UPALPHA"
+"3DIGIT"
+"Cache"
+"Please"
+"token."
+"one"
+"CHAR"
+"ISI"
+"another"
+"FITNESS"
+"message"
+"CSS1,"
+"open"
+"size"
+"doesn't"
+"\""
+"script"
+"unknown"
+"top"
+"header)"
+"system"
+"construct"
+"image/gif"
+"2"
+"ignored."
+"listed"
+"Date"
+"LOALPHA"
+"scheme"
+"store"
+"too"
+"M."
+"Success"
+"that"
+"completed"
+"OPTIONAL;"
+"R"
+"pragma"
+"(IANA"
+"WAIS"
+"F.,"
+"than"
+"K."
+"target"
+"Content-Type:"
+"require"
+"Only"
+"HTTP/2.13,"
+"headers"
+"See"
+"GMT."
+"HTTP/2.0,"
+"were"
+"1)"
+"IS\""
+"1*8ALPHA"
+"are"
+"and"
+"IRC/6.9,"
+"false"
+"turned"
+"ANSI"
+"B"
+"(IANA)"
+"tables"
+"have"
+"MIME,"
+"need"
+"HTTP/1.1.)"
+"null"
+"any"
+"contents"
+"data)"
+"(LZ77)"
+"(MIME"
+"mechanism"
+"internal"
+"(C)"
+"take"
+"which"
+"With"
+"UCI"
+"HTTP/0.9,"
+"content-"
+"200"
+"begin"
+"multiple"
+"TCP/IP"
+"Content-Disposition"
+"206"
+"buffer"
+"object"
+"\"MUST\","
+"regular"
+"entry"
+"The"
+"]"
+"model"
+"D."
+"US-ASCII"
+"L.,"
+"(URL)"
+"If"
+"+"
+"\"MIME"
+"Note:"
+"particularly"
+"WA"
+"text"
+"supported"
+"\"C\""
+"Unrecognized"
+"CRLF."
+"CRLF,"
+"SP"
+"find"
+"MUST"
+"true,"
+"cache."
+"upgrade"
+"cache)"
+"implementation"
+"("
+"[RFC"
+"cache"
+"outside"
+"should"
+"failed"
+"only"
+"URL)."
+"LDAP)"
+"USA"
+"WARRANTIES"
+"(UA)"
+"get"
+"there"
+"HEREIN"
+"\"HTTP\"."
+"cannot"
+"shared"
+"THE"
+"BNF"
+"DIGIT,"
+"closure"
+"PUT"
+"reading"
+"resource"
+"A.,"
+"W."
+"16"
+"ISO-8859."
+"calling"
+"J."
+"INCLUDING"
+"common"
+"INTERNET"
+"release"
+"ISI/RR-98-463,"
+"\"CONNECT\""
+"where"
+"set"
+"IANA"
+"For"
+"\"F\""
+"configured"
+"C"
+"this,"
+"multipart"
+"close"
+"E.,"
+"end."
+"detect"
+"GET"
+"WWW\","
+"1*DIGIT"
+"BUT"
+"MIT"
+"3"
+"unable"
+"between"
+"probably"
+"boundary"
+"0)"
+"\"SHALL"
+"\"RECOMMENDED\","
+"available"
+"we"
+"FOR"
+"missing"
+"importance"
+"screen"
+"connection."
+"PARTICULAR"
+"UNIX"
+"STD"
+"ISO-8859-1"
+"key"
+"(MIME)"
+"P."
+"\"HTTP/1.1\"."
+"HTTP/1.0),"
+"AND"
+"received"
+"WWW"
+"TRACE"
+"\"MAY\","
+"many"
+"*TEXT"
+"Unsupported"
+"using:"
+"connection"
+"Unicode"
+"*OCTET"
+"exceeds"
+"(URN)"
+"safely"
+"ANY"
+"can't"
+"WARRANTY"
+"ISO-8859-8,"
+"Content-Length"
+"consume"
+"simple"
+"header"
+"DNS)"
+"colon"
+"\"GET\""
+"spans"
+"1*HEX"
+"table"
+"allocated"
+"BCP"
+"application/pdf"
+"LWS:"
+"save"
+"\"REQUIRED\","
+"Wed,"
+"C."
+"C,"
+"encryption"
+"create"
+"(MHTML)\","
+"been"
+"."
+"HTTP/12.3."
+"\"PUT\""
+"context."
+"LWS,"
+"basic"
+"expected"
+"prototype"
+"GMT,"
+"empty"
+"define"
+"PNG,\""
+"\"D\""
+"with"
+"CA"
+"HEX"
+"N"
+"0*3DIGIT"
+"\"W/\""
+"CR"
+"\"DELETE\""
+"unnecessarily"
+"case"
+"exception"
+"(A"
+"(HTTP)"
+"value"
+"INFRINGE"
+"while"
+"\"GZIP"
+"\"SHALL\","
+"error"
+"\"GMT\""
+"(LWS)."
+"resident"
+"is"
+"thus"
+"it"
+"encountered"
+"parse"
+"MIME"
+"in"
+"SIGCOMM"
+"You"
+"if"
+"result"
+"binary"
+"different"
+"\"A"
+")"
+"CREATE"
+"expired"
+"1DIGIT"
+"same"
+"OPTIONS"
+"transfer-encoding"
+"BNF,"
+"unrecognized"
+"units"
+"UST"
+"status"
+"\"%"
+"used"
+"http"
+"context"
+"I"
+"IP"
+"(O)."
+"allocation"
+"running"
+"*LWS"
+"user"
+"SMTP"
+"\"SHOULD\","
+"stack"
+"task"
+"CR."
+"failing"
+"IETF"
+"M.,"
+"Names"
+"In"
+"position"
+"the"
+"audio"
+"left"
+"US-ASCII."
+"MAY"
+"THAT"
+"being"
+"(OK)."
+"actions"
+"invalid"
+"HTTP/1.0)"
+"CRC."
+"previous"
+"adding"
+"TO"
+"<US-ASCII"
+"source"
+"ISO-8859-2,"
+"\"OPTIONS\""
+"location"
+"HTTP/1.0"
+"HTTP/1.1"
+"size,"
+"has"
+"match"
+"build"
+"URI."
+"tests"
+"format"
+"read"
+"H.,"
+"T"
+"using"
+"LIMITED"
+"OK"
+"text/html"
+"success"
+"ISO-8859-5,"
+"B,"
+"signal"
+"MIME:"
+"(HTCPCP/1.0)\","
+"server"
+"ignore"
+"OF"
+"output"
+"page"
+"S."
+"because"
+"old"
+"sequence"
+"HT."
+"B.,"
+"some"
+"back"
+"HT"
+"Last-Modified"
+"growth"
+"DEL"
+"specified"
+"unless"
+"H.F.,"
+"HTTP/1.0."
+"(BNF)"
+"happens"
+"discarded"
+"PUT."
+"INDEX."
+"trace"
+"for"
+"avoid"
+"CR,"
+"does"
+"CONNECT"
+"assuming"
+"be"
+"run"
+"GET."
+"deleted"
+"equivalent"
+"X3.4-1986"
+"<URL:"
+"O"
+"ISO-8859-1."
+"broken"
+"host"
+"HTTP/1.0,"
+"LWS>"
+"INFORMATION"
+"X3.4-1986,"
+"by"
+"ALPHA,"
+"Location"
+"on"
+"DIGIT"
+"actual"
+"extension"
+"tracing"
+"R.,"
+"\"UTF-8,"
+"*<TEXT,"
+"OR"
+"range"
+"3ALPHA"
+"URI,"
+"value."
+"Message"
+"DELETE"
+"content-type"
+"or"
+"UC"
+"No"
+"ISO-"
+"image"
+"ACM"
+"HEX\""
+"URL,"
+"ISO-8859-6,"
+"T.,"
+"operator"
+"T/TCP"
+"file."
+"GET\""
+"transfer"
+"support"
+"*"
+"long"
+"class"
+"start"
+"forward"
+"was"
+"function"
+"HT,"
+"N."
+"HTTP/1.1\","
+"OCTET"
+"but"
+"failure"
+"TE:"
+"IMPLIED"
+"CRLF"
+"DNS"
+"Error"
+"\"ZLIB"
+"line"
+"trying"
+"true"
+"GMT"
+"count"
+"default"
+"B."
+"ISO-8859-1,"
+"up"
+"ISO-8859-1)"
+"SHOULD"
+"PURPOSE."
+"used."
+"WILL"
+">"
+"called"
+"delete"
+"DELETE,"
+"storing"
+"USE"
+"image/jpeg"
+"defined"
+"LWS"
+"URL."
+"unsafe"
+"an"
+"To"
+"as"
+"warning"
+"exist"
+"at"
+"file"
+"NOT\""
+"NOT,"
+"W3C/MIT"
+"ISO-8859-1:1987."
+"SHTTP/1.3,"
+"no"
+"when"
+"A,"
+"virtual"
+"A."
+"details."
+"application"
+"valid"
+"OPTIONAL"
+"\"TRACE\""
+"test"
+"MD5"
+"you"
+"TE"
+"ISO-8859-3,"
+"requested"
+"elements"
+"C)"
+"symbol"
+"T."
+"code)"
+"variable"
+"SOCIETY"
+"\"MUST"
+"TCP"
+"ISO-10646\","
+"NOT\","
+"R."
+"audio/basic"
+"IANA."
+"\"WAIS"
+"persistent"
+"Its"
+"As"
+"time"
+"failures"
+"\"ISO-8859-1\""
+"once"
+

Powered by Google App Engine
This is Rietveld 408576698