1#!/usr/bin/python3 2 3# Copyright 2021 Google LLC 4# 5# Licensed under the Apache License, Version 2.0 (the "License"); 6# you may not use this file except in compliance with the License. 7# You may obtain a copy of the License at 8# 9# http://www.apache.org/licenses/LICENSE-2.0 10# 11# Unless required by applicable law or agreed to in writing, software 12# distributed under the License is distributed on an "AS IS" BASIS, 13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14# See the License for the specific language governing permissions and 15# limitations under the License. 16 17import sys 18import atheris 19 20with atheris.instrument_imports(): 21 import sqlalchemy 22 from sqlalchemy import create_engine 23 from sqlalchemy import Table, Column, Integer, String, MetaData 24 from sqlalchemy.sql import text 25 26@atheris.instrument_func 27def TestOneInput(input_bytes): 28 try: 29 sql_string = input_bytes.decode("utf-8") 30 metadata = MetaData() 31 fuzz_table = Table('fuzz_table', metadata, 32 Column('id', Integer, primary_key=True), 33 Column('column1', String), 34 Column('column2', String), 35 ) 36 37 engine = create_engine('sqlite:///fuzz.db') 38 metadata.create_all(engine) 39 statement = text(sql_string) 40 with engine.connect() as conn: 41 conn.execute(statement) 42 except Exception as e: 43 pass 44 45 46def main(): 47 atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) 48 atheris.Fuzz() 49 50 51if __name__ == "__main__": 52 main() 53