search

google / oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.
https://google.github.io/oss-fuzz
Apache License 2.0
10.13k stars 2.16k forks source link

[lxml] Update Known Exception Handling to Unblock Fuzzing #12012

Closed DaveLak closed 1 month ago

DaveLak commented 1 month ago

The changes here update the fuzz_sax test harness to gracefully handle a documented exception so the fuzzer will not exit when the exception is raised. This PR also removes the special case handling in fuzz_schematron.py for a bug in lxml.isoschematron.Schematron that has been fixed.

Changes to fuzz_sax.py

The IndexError raised in src/lxml/sax.py is a known bug with an issue marked as low priority in lxml's bug tracker since 2023-03-14: https://bugs.launchpad.net/lxml/+bug/2011542

Changes to fuzz_schematron.py

The unhandled KeyError bug in the lxml.isoschematron.Schematron class that was previously identified by fuzzing has been fixed upstream via: https://github.com/lxml/lxml/pull/423.

github-actions[bot] commented 1 month ago

DaveLak has previously contributed to projects/lxml. The previous PR was #11957