lexer, ast, checksum and column specs fuzzers added

src/Compression/tests/CMakeLists.txt

@@ -5,6 +5,6 @@ add_executable (cached_compressed_read_buffer cached_compressed_read_buffer.cpp)
 target_link_libraries (cached_compressed_read_buffer PRIVATE dbms)
 
 if (ENABLE_FUZZING)
-    add_executable (compressed_buffer_fuzz compressed_buffer_fuzz.cpp)
-    target_link_libraries (compressed_buffer_fuzz PRIVATE dbms ${LIB_FUZZING_ENGINE})
+    add_executable (compressed_buffer_fuzzer compressed_buffer_fuzzer.cpp)
+    target_link_libraries (compressed_buffer_fuzzer PRIVATE dbms ${LIB_FUZZING_ENGINE})
 endif ()

src/Core/tests/CMakeLists.txt

@@ -10,3 +10,8 @@ target_link_libraries (move_field PRIVATE clickhouse_common_io)
 
 add_executable (string_ref_hash string_ref_hash.cpp)
 target_link_libraries (string_ref_hash PRIVATE clickhouse_common_io)
+
+if (ENABLE_FUZZING)
+    add_executable (names_and_types_fuzzer names_and_types_fuzzer.cpp)
+    target_link_libraries (names_and_types_fuzzer PRIVATE dbms ${LIB_FUZZING_ENGINE})
+endif ()

src/Core/tests/names_and_types_fuzzer.cpp

@@ -0,0 +1,17 @@
+#include <iostream>
+#include <Core/NamesAndTypes.h>
+#include <IO/ReadBufferFromMemory.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t * data, size_t size)
+try
+{
+    DB::ReadBufferFromMemory in(data, size);
+    DB::NamesAndTypesList res;
+    res.readText(in);
+
+    return 0;
+}
+catch (...)
+{
+    return 1;
+}

src/Parsers/tests/CMakeLists.txt

@@ -8,3 +8,14 @@ target_link_libraries(select_parser PRIVATE clickhouse_parsers)
 
 add_executable(create_parser create_parser.cpp ${SRCS})
 target_link_libraries(create_parser PRIVATE clickhouse_parsers)
+
+if (ENABLE_FUZZING)
+    add_executable(lexer_fuzzer lexer_fuzzer.cpp ${SRCS})
+    target_link_libraries(lexer_fuzzer PRIVATE clickhouse_parsers ${LIB_FUZZING_ENGINE})
+
+    add_executable(select_parser_fuzzer select_parser_fuzzer.cpp ${SRCS})
+    target_link_libraries(select_parser_fuzzer PRIVATE clickhouse_parsers ${LIB_FUZZING_ENGINE})
+
+    add_executable(create_parser_fuzzer create_parser_fuzzer.cpp ${SRCS})
+    target_link_libraries(create_parser_fuzzer PRIVATE clickhouse_parsers ${LIB_FUZZING_ENGINE})
+endif ()

src/Parsers/tests/create_parser_fuzzer.cpp

@@ -0,0 +1,25 @@
+#include <iostream>
+#include <string>
+
+#include <Parsers/ASTCreateQuery.h>
+#include <Parsers/ParserCreateQuery.h>
+#include <Parsers/formatAST.h>
+#include <Parsers/parseQuery.h>
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t * data, size_t size)
+try
+{
+    std::string input = std::string(reinterpret_cast<const char*>(data), size);
+
+    DB::ParserCreateQuery parser;
+    DB::ASTPtr ast = parseQuery(parser, input.data(), input.data() + input.size(), "", 0, 0);
+
+    DB::formatAST(*ast, std::cerr);
+
+    return 0;
+}
+catch (...)
+{
+    return 1;
+}

src/Parsers/tests/lexer_fuzzer.cpp

@@ -0,0 +1,30 @@
+#include <map>
+#include <Parsers/Lexer.h>
+#include <Parsers/TokenIterator.h>
+#include <Core/Types.h>
+
+#include <IO/ReadBufferFromMemory.h>
+#include <IO/ReadHelpers.h>
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t * data, size_t size)
+{
+    DB::String query;
+    DB::ReadBufferFromMemory in(data, size);
+    readStringUntilEOF(query, in);
+
+    DB::Lexer lexer(query.data(), query.data() + query.size());
+
+    while (true)
+    {
+        DB::Token token = lexer.nextToken();
+
+        if (token.isEnd())
+            break;
+
+        if (token.isError())
+            return 1;
+    }
+
+    return 0;
+}

src/Parsers/tests/select_parser_fuzzer.cpp

@@ -0,0 +1,23 @@
+#include <iostream>
+#include <string>
+
+#include <Parsers/ParserQueryWithOutput.h>
+#include <Parsers/parseQuery.h>
+#include <Parsers/formatAST.h>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t * data, size_t size)
+try
+{
+    std::string input = std::string(reinterpret_cast<const char*>(data), size);
+
+    DB::ParserQueryWithOutput parser;
+    DB::ASTPtr ast = parseQuery(parser, input.data(), input.data() + input.size(), "", 0, 0);
+
+    DB::formatAST(*ast, std::cerr);
+
+    return 0;
+}
+catch (...)
+{
+    return 1;
+}

src/Storages/tests/CMakeLists.txt

@@ -24,3 +24,8 @@ target_link_libraries (get_abandonable_lock_in_all_partitions PRIVATE dbms click
 
 add_executable (transform_part_zk_nodes transform_part_zk_nodes.cpp)
 target_link_libraries (transform_part_zk_nodes PRIVATE dbms clickhouse_common_config clickhouse_common_zookeeper string_utils ${Boost_PROGRAM_OPTIONS_LIBRARY})
+
+if (ENABLE_FUZZING)
+    add_executable (mergetree_checksum_fuzzer mergetree_checksum_fuzzer.cpp)
+    target_link_libraries (mergetree_checksum_fuzzer PRIVATE dbms ${LIB_FUZZING_ENGINE})
+endif ()

src/Storages/tests/mergetree_checksum_fuzzer.cpp

@@ -0,0 +1,24 @@
+#include <iostream>
+
+#include <IO/ReadBufferFromMemory.h>
+#include <IO/WriteBufferFromFileDescriptor.h>
+#include <Storages/MergeTree/MergeTreeDataPartChecksum.h>
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t * data, size_t size)
+try
+{
+    DB::ReadBufferFromMemory in(data, size);
+    DB::MergeTreeDataPartChecksums res;
+    DB::WriteBufferFromFileDescriptor out(STDOUT_FILENO);
+
+    if (!res.read(in))
+        return 1;
+    res.write(out);
+
+    return 0;
+}
+catch (...)
+{
+    return 1;
+}

tests/fuzz/ast.dict

@@ -0,0 +1,405 @@
+"ADD"
+"ADD COLUMN"
+"ADD CONSTRAINT"
+"ADD INDEX"
+"AFTER"
+"AggregateFunction"
+"aggThrow"
+"ALL"
+"ALTER LIVE VIEW"
+"ALTER TABLE"
+"ANALYZE"
+"and"
+"ANTI"
+"any"
+"anyHeavy"
+"anyLast"
+"argMax"
+"argMin"
+"array"
+"Array"
+"arrayAll"
+"arrayAUC"
+"arrayCompact"
+"arrayConcat"
+"arrayCount"
+"arrayCumSum"
+"arrayCumSumNonNegative"
+"arrayDifference"
+"arrayDistinct"
+"arrayElement"
+"arrayEnumerate"
+"arrayEnumerateDense"
+"arrayEnumerateDenseRanked"
+"arrayEnumerateUniq"
+"arrayEnumerateUniqRanked"
+"arrayExists"
+"arrayFill"
+"arrayFilter"
+"arrayFirst"
+"arrayFirstIndex"
+"arrayFlatten"
+"arrayIntersect"
+"arrayJoin"
+"ARRAY JOIN"
+"arrayMap"
+"arrayPopBack"
+"arrayPopFront"
+"arrayPushBack"
+"arrayPushFront"
+"arrayReduce"
+"arrayReduceInRanges"
+"arrayResize"
+"arrayReverse"
+"arrayReverseFill"
+"arrayReverseSort"
+"arrayReverseSplit"
+"arraySlice"
+"arraySort"
+"arraySplit"
+"arraySum"
+"arrayUniq"
+"arrayWithConstant"
+"arrayZip"
+"AS"
+"ASC"
+"ASCENDING"
+"ASOF"
+"AST"
+"ATTACH"
+"ATTACH PART"
+"ATTACH PARTITION"
+"avg"
+"avgWeighted"
+"basename"
+"BETWEEN"
+"BOTH"
+"boundingRatio"
+"BY"
+"CAST"
+"categoricalInformationValue"
+"CHECK"
+"CHECK TABLE"
+"CLEAR COLUMN"
+"CLEAR INDEX"
+"COLLATE"
+"COLUMNS"
+"COMMENT COLUMN"
+"CONSTRAINT"
+"corr"
+"corrStable"
+"count"
+"countEqual"
+"covarPop"
+"covarPopStable"
+"covarSamp"
+"covarSampStable"
+"CREATE"
+"CROSS"
+"CUBE"
+"cutFragment"
+"cutQueryString"
+"cutQueryStringAndFragment"
+"cutToFirstSignificantSubdomain"
+"cutURLParameter"
+"cutWWW"
+"D"
+"DATABASE"
+"DATABASES"
+"Date"
+"DATE"
+"DATE_ADD"
+"DATEADD"
+"DATE_DIFF"
+"DATEDIFF"
+"DATE_SUB"
+"DATESUB"
+"DateTime"
+"DateTime64"
+"DAY"
+"DD"
+"Decimal"
+"Decimal128"
+"Decimal32"
+"Decimal64"
+"decodeURLComponent"
+"DEDUPLICATE"
+"DELETE"
+"DELETE WHERE"
+"DESC"
+"DESCENDING"
+"DESCRIBE"
+"DETACH"
+"DETACH PARTITION"
+"DICTIONARIES"
+"DICTIONARY"
+"DISTINCT"
+"domain"
+"domainWithoutWWW"
+"DROP"
+"DROP COLUMN"
+"DROP CONSTRAINT"
+"DROP DETACHED PART"
+"DROP DETACHED PARTITION"
+"DROP INDEX"
+"DROP PARTITION"
+"emptyArrayToSingle"
+"ENGINE"
+"entropy"
+"Enum"
+"Enum16"
+"Enum8"
+"EVENTS"
+"EXCHANGE TABLES"
+"EXISTS"
+"EXTRACT"
+"extractURLParameter"
+"extractURLParameterNames"
+"extractURLParameters"
+"FETCH PARTITION"
+"FINAL"
+"FIRST"
+"firstSignificantSubdomain"
+"FixedString"
+"Float32"
+"Float64"
+"FOR"
+"ForEach"
+"FORMAT"
+"fragment"
+"FREEZE"
+"FROM"
+"FULL"
+"FUNCTION"
+"__getScalar"
+"GLOBAL"
+"GRANULARITY"
+"groupArray"
+"groupArrayInsertAt"
+"groupArrayMovingAvg"
+"groupArrayMovingSum"
+"groupArraySample"
+"groupBitAnd"
+"groupBitmap"
+"groupBitmapAnd"
+"groupBitmapOr"
+"groupBitmapXor"
+"groupBitOr"
+"groupBitXor"
+"GROUP BY"
+"groupUniqArray"
+"has"
+"hasAll"
+"hasAny"
+"HAVING"
+"HH"
+"histogram"
+"HOUR"
+"ID"
+"if"
+"IF EXISTS"
+"IF NOT EXISTS"
+"IN"
+"INDEX"
+"indexOf"
+"INNER"
+"IN PARTITION"
+"INSERT INTO"
+"Int16"
+"Int32"
+"Int64"
+"Int8"
+"INTERVAL"
+"IntervalDay"
+"IntervalHour"
+"IntervalMinute"
+"IntervalMonth"
+"IntervalQuarter"
+"IntervalSecond"
+"IntervalWeek"
+"IntervalYear"
+"INTO OUTFILE"
+"JOIN"
+"kurtPop"
+"kurtSamp"
+"LAST"
+"LAYOUT"
+"LEADING"
+"LEFT"
+"LEFT ARRAY JOIN"
+"length"
+"LIFETIME"
+"LIKE"
+"LIMIT"
+"LIVE"
+"LOCAL"
+"LowCardinality"
+"LTRIM"
+"M"
+"MATERIALIZED"
+"MATERIALIZE INDEX"
+"MATERIALIZE TTL"
+"max"
+"maxIntersections"
+"maxIntersectionsPosition"
+"Merge"
+"MI"
+"min"
+"MINUTE"
+"MM"
+"MODIFY"
+"MODIFY COLUMN"
+"MODIFY ORDER BY"
+"MODIFY QUERY"
+"MODIFY SETTING"
+"MODIFY TTL"
+"MONTH"
+"MOVE PART"
+"MOVE PARTITION"
+"movingXXX"
+"N"
+"NAME"
+"Nested"
+"NO DELAY"
+"NONE"
+"not"
+"nothing"
+"Nothing"
+"Null"
+"Nullable"
+"NULLS"
+"OFFSET"
+"ON"
+"ONLY"
+"OPTIMIZE TABLE"
+"ORDER BY"
+"OR REPLACE"
+"OUTER"
+"PARTITION"
+"PARTITION BY"
+"path"
+"pathFull"
+"POPULATE"
+"PREWHERE"
+"PRIMARY KEY"
+"protocol"
+"Q"
+"QQ"
+"QUARTER"
+"queryString"
+"queryStringAndFragment"
+"range"
+"REFRESH"
+"RENAME COLUMN"
+"RENAME TABLE"
+"REPLACE PARTITION"
+"Resample"
+"RESUME"
+"retention"
+"RIGHT"
+"ROLLUP"
+"RTRIM"
+"S"
+"SAMPLE"
+"SAMPLE BY"
+"SECOND"
+"SELECT"
+"SEMI"
+"sequenceCount"
+"sequenceMatch"
+"SET"
+"SETTINGS"
+"SHOW"
+"SHOW PROCESSLIST"
+"simpleLinearRegression"
+"skewPop"
+"skewSamp"
+"SOURCE"
+"SQL_TSI_DAY"
+"SQL_TSI_HOUR"
+"SQL_TSI_MINUTE"
+"SQL_TSI_MONTH"
+"SQL_TSI_QUARTER"
+"SQL_TSI_SECOND"
+"SQL_TSI_WEEK"
+"SQL_TSI_YEAR"
+"SS"
+"State"
+"stddevPop"
+"stddevPopStable"
+"stddevSamp"
+"stddevSampStable"
+"STEP"
+"stochasticLinearRegression"
+"stochasticLogisticRegression"
+"String"
+"SUBSTRING"
+"sum"
+"sumKahan"
+"sumMap"
+"sumMapFiltered"
+"sumMapFilteredWithOverflow"
+"sumMapWithOverflow"
+"sumWithOverflow"
+"SUSPEND"
+"TABLE"
+"TABLES"
+"TEMPORARY"
+"timeSeriesGroupRateSum"
+"timeSeriesGroupSum"
+"TIMESTAMP"
+"TIMESTAMP_ADD"
+"TIMESTAMPADD"
+"TIMESTAMP_DIFF"
+"TIMESTAMPDIFF"
+"TIMESTAMP_SUB"
+"TIMESTAMPSUB"
+"TO"
+"TO DISK"
+"TOP"
+"topK"
+"topKWeighted"
+"topLevelDomain"
+"TO TABLE"
+"TOTALS"
+"TO VOLUME"
+"TRAILING"
+"TRIM"
+"TRUNCATE"
+"TTL"
+"Tuple"
+"TYPE"
+"UInt16"
+"UInt32"
+"UInt64"
+"UInt8"
+"uniq"
+"uniqCombined"
+"uniqCombined64"
+"uniqExact"
+"uniqHLL12"
+"uniqUpTo"
+"UPDATE"
+"URLHierarchy"
+"URLPathHierarchy"
+"USE"
+"USING"
+"UUID"
+"VALUES"
+"varPop"
+"varPopStable"
+"varSamp"
+"varSampStable"
+"VIEW"
+"WATCH"
+"WEEK"
+"WHERE"
+"windowFunnel"
+"WITH"
+"WITH FILL"
+"WITH TIES"
+"WK"
+"WW"
+"YEAR"
+"YY"
+"YYYY"

tests/fuzz/create_parser_fuzzer.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+dict = ast.dict

tests/fuzz/datatypes.dict

@@ -0,0 +1,38 @@
+"Nothing"
+"UUID"
+"Enum8"
+"Enum16"
+"Enum"
+"Date"
+"IntervalSecond"
+"IntervalMinute"
+"IntervalHour"
+"IntervalDay"
+"IntervalWeek"
+"IntervalMonth"
+"IntervalQuarter"
+"IntervalYear"
+"AggregateFunction"
+"FixedString"
+"LowCardinality"
+"DateTime"
+"Nullable"
+"String"
+"UInt8"
+"UInt16"
+"UInt32"
+"UInt64"
+"Int8"
+"Int16"
+"Int32"
+"Int64"
+"Float32"
+"Float64"
+"DateTime64"
+"Decimal32"
+"Decimal64"
+"Decimal128"
+"Decimal"
+"Tuple"
+"Nested"
+"Array"

tests/fuzz/lexer_fuzzer.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+dict = ast.dict

tests/fuzz/names_and_types_fuzzer.in/columns.txt

@@ -0,0 +1,4 @@
+columns format version: 1
+2 columns:
+`action_id` UInt32
+`status` String

tests/fuzz/names_and_types_fuzzer.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+dict = datatypes.dict

tests/fuzz/select_parser_fuzzer.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+dict = ast.dict