cbor: create simple fuzz tests and add intial corpus

Kubuxu · Kubuxu · commit 5706d9fdf988 · 2018-04-06T18:39:51.000+02:00
diff --git a/cbor/.gitignore b/cbor/.gitignore
@@ -0,0 +1 @@
+cbor-fuzz.zip
diff --git a/cbor/cborFixtures_test.go b/cbor/cborFixtures_test.go
@@ -4,6 +4,8 @@ import (
 	"bytes"
 	"encoding/base64"
 	"fmt"
+	"io/ioutil"
+	"testing"
 
 	. "github.com/polydawn/refmt/tok"
 	"github.com/polydawn/refmt/tok/fixtures"
@@ -31,6 +33,21 @@ func deB64(s string) []byte {
 	return bs
 }
 
+func TestExportFixtures(t *testing.T) {
+	t.SkipNow()
+	for i, fix := range cborFixtures {
+		if fix.encodeResult != nil || fix.decodeResult != nil {
+			continue
+		}
+
+		err := ioutil.WriteFile(fmt.Sprintf("fuzz-data/corpus/%d", i), fix.serial, 0666)
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+
+}
+
 var inapplicable = fmt.Errorf("skipme: inapplicable")
 
 var cborFixtures = []struct {
diff --git a/cbor/cbor_fuzz.go b/cbor/cbor_fuzz.go
@@ -0,0 +1,44 @@
+// +build gofuzz
+
+package cbor
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/polydawn/refmt/shared"
+)
+
+func Fuzz(data []byte) int {
+	dec := NewDecoder(bytes.NewReader(data))
+	buf := &bytes.Buffer{}
+
+	// Run it once to sanitize
+	pump := shared.TokenPump{dec, NewEncoder(buf)}
+	err := pump.Run()
+	if err != nil {
+		return 0
+	}
+
+	// Run second loop to check stability
+	sanitized := buf.Bytes()
+	dec = NewDecoder(bytes.NewReader(sanitized))
+	buf = &bytes.Buffer{}
+	pump = shared.TokenPump{dec, NewEncoder(buf)}
+	err = pump.Run()
+	if err != nil {
+		fmt.Printf("input: %v, sanitized: %v", data, sanitized)
+		panic("sanitised failed to prase: " + err.Error())
+	}
+
+	out := buf.Bytes()
+	if !bytes.Equal(out, sanitized) {
+		fmt.Printf("santized: %v, output: %v\n", sanitized, out)
+		panic("looping data failed")
+	}
+
+	if len(out) == len(data) {
+		return 2
+	}
+	return 1
+}
diff --git a/cbor/fuzz-data/.gitignore b/cbor/fuzz-data/.gitignore
@@ -0,0 +1,4 @@
+*
+!.gitignore
+!corpus
+!corpus/*
diff --git a/cbor/fuzz-data/corpus/0 b/cbor/fuzz-data/corpus/0
@@ -0,0 +1 @@
+evalue
diff --git a/cbor/fuzz-data/corpus/10 b/cbor/fuzz-data/corpus/10
@@ -0,0 +1 @@
+�
diff --git a/cbor/fuzz-data/corpus/11 b/cbor/fuzz-data/corpus/11
@@ -0,0 +1 @@
+��
diff --git a/cbor/fuzz-data/corpus/12 b/cbor/fuzz-data/corpus/12
@@ -0,0 +1 @@
+�evalue
diff --git a/cbor/fuzz-data/corpus/13 b/cbor/fuzz-data/corpus/13
@@ -0,0 +1 @@
+�evalue�
diff --git a/cbor/fuzz-data/corpus/15 b/cbor/fuzz-data/corpus/15
@@ -0,0 +1 @@
+�evaluebv2
diff --git a/cbor/fuzz-data/corpus/16 b/cbor/fuzz-data/corpus/16
@@ -0,0 +1 @@
+�evaluebv2�
diff --git a/cbor/fuzz-data/corpus/17 b/cbor/fuzz-data/corpus/17
@@ -0,0 +1 @@
+�bk1bv1bke�bohdwheecwow��
diff --git a/cbor/fuzz-data/corpus/18 b/cbor/fuzz-data/corpus/18
@@ -0,0 +1 @@
+�bke�bohdwheecwow�bk1bv1�
diff --git a/cbor/fuzz-data/corpus/19 b/cbor/fuzz-data/corpus/19
@@ -0,0 +1 @@
+��akavdwhee�bk1bv1
diff --git a/cbor/fuzz-data/corpus/20 b/cbor/fuzz-data/corpus/20
@@ -0,0 +1 @@
+��akav�dwhee�bk1bv1��
diff --git a/cbor/fuzz-data/corpus/21 b/cbor/fuzz-data/corpus/21
@@ -0,0 +1 @@
+���
diff --git a/cbor/fuzz-data/corpus/22 b/cbor/fuzz-data/corpus/22
@@ -0,0 +1 @@
+������
diff --git a/cbor/fuzz-data/corpus/23 b/cbor/fuzz-data/corpus/23
@@ -0,0 +1 @@
+�ak�bk2bv2
diff --git a/cbor/fuzz-data/corpus/24 b/cbor/fuzz-data/corpus/24
@@ -0,0 +1 @@
+�ak�bk2bv2��
diff --git a/cbor/fuzz-data/corpus/25 b/cbor/fuzz-data/corpus/25
@@ -0,0 +1 @@
+�
diff --git a/cbor/fuzz-data/corpus/26 b/cbor/fuzz-data/corpus/26
@@ -0,0 +1 @@
+��
diff --git a/cbor/fuzz-data/corpus/28 b/cbor/fuzz-data/corpus/28
@@ -0,0 +1 @@
+�ak�
diff --git a/cbor/fuzz-data/corpus/29 b/cbor/fuzz-data/corpus/29
@@ -0,0 +1 @@
+�ak��
diff --git a/cbor/fuzz-data/corpus/3 b/cbor/fuzz-data/corpus/3
@@ -0,0 +1,2 @@
+qstr
+broken	tabbed
diff --git a/cbor/fuzz-data/corpus/30 b/cbor/fuzz-data/corpus/30
@@ -0,0 +1 @@
+���
diff --git a/cbor/fuzz-data/corpus/33 b/cbor/fuzz-data/corpus/33
diff --git a/cbor/fuzz-data/corpus/35 b/cbor/fuzz-data/corpus/35
@@ -0,0 +1 @@
+
diff --git a/cbor/fuzz-data/corpus/36 b/cbor/fuzz-data/corpus/36
@@ -0,0 +1 @@
+ 
diff --git a/cbor/fuzz-data/corpus/37 b/cbor/fuzz-data/corpus/37
@@ -0,0 +1 @@
+8c
diff --git a/cbor/fuzz-data/corpus/39 b/cbor/fuzz-data/corpus/39
diff --git a/cbor/fuzz-data/corpus/4 b/cbor/fuzz-data/corpus/4
@@ -0,0 +1 @@
+�
diff --git a/cbor/fuzz-data/corpus/40 b/cbor/fuzz-data/corpus/40
diff --git a/cbor/fuzz-data/corpus/41 b/cbor/fuzz-data/corpus/41
@@ -0,0 +1 @@
+Evalue
diff --git a/cbor/fuzz-data/corpus/44 b/cbor/fuzz-data/corpus/44
diff --git a/cbor/fuzz-data/corpus/45 b/cbor/fuzz-data/corpus/45
@@ -0,0 +1 @@
+�2�akav
diff --git a/cbor/fuzz-data/corpus/46 b/cbor/fuzz-data/corpus/46
@@ -0,0 +1 @@
+�2ewahoo
diff --git a/cbor/fuzz-data/corpus/47 b/cbor/fuzz-data/corpus/47
@@ -0,0 +1 @@
+��(��2c500
diff --git a/cbor/fuzz-data/corpus/48 b/cbor/fuzz-data/corpus/48
@@ -0,0 +1 @@
+�bk1�2c500bk2huntaggedbk3�<c600bk4��2dasdf�2dqwerbk5�2c505
diff --git a/cbor/fuzz-data/corpus/5 b/cbor/fuzz-data/corpus/5
@@ -0,0 +1 @@
+��
diff --git a/cbor/fuzz-data/corpus/6 b/cbor/fuzz-data/corpus/6
@@ -0,0 +1 @@
+�ckeyevalue
diff --git a/cbor/fuzz-data/corpus/7 b/cbor/fuzz-data/corpus/7
@@ -0,0 +1 @@
+�ckeyevalue�
diff --git a/cbor/fuzz-data/corpus/8 b/cbor/fuzz-data/corpus/8
@@ -0,0 +1 @@
+�ckeyevaluebk2bv2
diff --git a/cbor/fuzz-data/corpus/9 b/cbor/fuzz-data/corpus/9
@@ -0,0 +1 @@
+�ckeyevaluebk2bv2�

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +*
 +!.gitignore
 +!corpus
 +!corpus/*