Add prism to OSS-Fuzz#15339

Open
tranquac wants to merge 1 commit into google:master from tranquac:add-prism-fuzzing

Conversation

@tranquac tranquac commented Apr 11, 2026

New Project: prism (C library)

Adds continuous fuzzing for https://github.com/ruby/prism by fuzzing libprism directly as a standalone C library, not through the Ruby extension.

This revision addresses feedback from @Earlopain in ruby/prism#4073 who correctly pointed out that prism is also a C library and should be fuzzed at that level.

Fuzz targets

| Target | Entry point | Coverage |
| --- | --- | --- |
| fuzz_parse | pm_serialize_parse() | Full AST parse path — uses upstream fuzz/parse.c |
| fuzz_lex | pm_serialize_lex() | Lexer-only path — fuzz_lex.c |

Build

```
ruby templates/template.rb           # generate templated C sources
make static CC=$CC CFLAGS=$CFLAGS    # build libprism.a with sanitizer flags
$CC/$CXX + $LIB_FUZZING_ENGINE       # link harnesses against library
```

Sanitizers

address, memory (msan — not possible with Ruby extension), undefined

Corpus & dictionary

  • Seed corpus: ~986 Ruby fixture files from test/prism/fixtures/ (all subdirs)
  • Dictionary: fuzz/dict from the project (Ruby keywords, operators, magic tokens)

Build verification

  • build_image
  • build_fuzzers --sanitizer address
  • check_build --sanitizer address
  • Smoke tests: both targets run clean, no crashes

Project maintainer: @kddnewton (Kevin Newton, kddnewton@gmail.com)
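
An added helper, not the PR's build.sh and not prism project code, showing how the seed corpus and dictionary described above (fixture files from every subdir of test/prism/fixtures/, plus fuzz/dict) can be packaged in the layout OSS-Fuzz expects ($OUT/<target>_seed_corpus.zip and $OUT/<target>.dict). Entries are named by content hash so same-named fixtures in different subdirs do not collide; the fixture tree, dictionary and paths in demo() are constructed for the self-check.

```python
# Added helper, not the PR's build.sh: packages the seed corpus and dictionary
# the way OSS-Fuzz expects them ($OUT/<target>_seed_corpus.zip, $OUT/<target>.dict).
import hashlib
import os
import shutil
import tempfile
import zipfile


def collect_fixtures(fixtures_dir, suffix=".rb"):
    """Walk every subdir of fixtures_dir and return {sha1(content): content}.
    Hash-named entries (libFuzzer's own convention) avoid the basename collisions
    `zip -j` silently clobbers across subdirs and drop exact duplicates."""
    entries = {}
    for root, _dirs, files in os.walk(fixtures_dir):
        for name in sorted(files):
            if name.endswith(suffix):
                with open(os.path.join(root, name), "rb") as f:
                    data = f.read()
                entries.setdefault(hashlib.sha1(data).hexdigest(), data)
    return entries


def package_seed_corpus(fixtures_dir, dict_path, out_dir, targets):
    """Write <target>_seed_corpus.zip and <target>.dict into out_dir per target."""
    entries = collect_fixtures(fixtures_dir)
    os.makedirs(out_dir, exist_ok=True)
    for target in targets:
        zip_path = os.path.join(out_dir, f"{target}_seed_corpus.zip")
        with zipfile.ZipFile(zip_path, "w", zipfile.ZIP_DEFLATED) as zf:
            for digest, data in sorted(entries.items()):
                zf.writestr(digest, data)
        shutil.copyfile(dict_path, os.path.join(out_dir, f"{target}.dict"))
    return {target: len(entries) for target in targets}


def demo():
    """Self-check on a constructed fixture tree, not the real prism fixtures."""
    with tempfile.TemporaryDirectory() as tmp:
        fixtures, dict_path, out = (os.path.join(tmp, p) for p in ("fx", "dict", "out"))
        samples = {"a/foo.rb": b"puts 1\n", "b/foo.rb": b"puts 2\n",  # same basename
                   "c/dup.rb": b"puts 1\n", "a/notes.txt": b"x\n"}   # dup; non-.rb
        for rel, data in samples.items():
            os.makedirs(os.path.dirname(os.path.join(fixtures, rel)), exist_ok=True)
            with open(os.path.join(fixtures, rel), "wb") as f:
                f.write(data)
        with open(dict_path, "w") as f:
            f.write('"def"\n"end"\n"__END__"\n')  # a few Ruby keywords, constructed
        counts = package_seed_corpus(fixtures, dict_path, out, ["fuzz_parse", "fuzz_lex"])
        with zipfile.ZipFile(os.path.join(out, "fuzz_lex_seed_corpus.zip")) as zf:
            n = len(zf.namelist())
        return counts, n, os.path.exists(os.path.join(out, "fuzz_parse.dict"))
```

In a real build.sh the call would be `package_seed_corpus("test/prism/fixtures", "fuzz/dict", os.environ["OUT"], ["fuzz_parse", "fuzz_lex"])`; the two same-named foo.rb files and the duplicate dup.rb in the self-check collapse to two corpus entries.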

@github-actions

tranquac is integrating a new project:
- Main repo: https://github.com/ruby/prism
- Criticality score: 0.58048

Fuzz libprism directly as a standalone C library instead of through
the Ruby extension, enabling memory sanitizer and removing Ruby VM
overhead and workarounds.

Fuzz targets:
- fuzz_parse: pm_serialize_parse() — full AST parse path (uses
  existing fuzz/parse.c from the project)
- fuzz_lex: pm_serialize_lex() — lexer-only path (fuzz_lex.c)

Build: ruby templates/template.rb + make static CC=$CC CFLAGS=$CFLAGS,
then link fuzz/fuzz.c + harness against build/libprism.a.

Sanitizers: address, memory (msan), undefined — all supported since
there is no Ruby VM in the binary.

Seed corpus: ~986 Ruby fixture files from test/prism/fixtures/.
Dictionary: fuzz/dict from the project (Ruby keywords, operators).

@tranquac tranquac force-pushed the add-prism-fuzzing branch from a7da9ac to 135f2d5 on April 11, 2026 23:57