
Create simple fuzz tests for CBOR #24

Open
wants to merge 3 commits into base: master

Conversation

Kubuxu (Contributor) commented Apr 6, 2018

To run them:

go get -u github.com/dvyukov/go-fuzz/go-fuzz
go get -u github.com/dvyukov/go-fuzz/go-fuzz-build
# in cbor directory
go-fuzz-build github.com/polydawn/refmt/cbor
go-fuzz -bin=./cbor-fuzz.zip -workdir=fuzz-data # this runs until stopped by Ctrl-C

I have fuzzed it for a bit (and nudged go-fuzz to export valid coverage report).
You can see the results here: https://ipfs.io/ipfs/QmaN4dfViSRD4HYX6KZ7yJfwCNtX1hahtS9C9inMgA3oED/coverage.html#file7

Kubuxu changed the title from "Create simple fuzz tests" to "Create simple fuzz tests for CBOR" on Apr 6, 2018

Kubuxu (Contributor, Author) commented Apr 6, 2018

I've fixed a TODO that was causing the fuzzer to fail most frequently (no range checks for int conversion) but I am unsure how to add tests for it.

Example crashing input "\xc0{\xb30000000"

created in about 10 min of fuzzing
Coverage of this corpus can be seen here:
https://ipfs.io/ipfs/QmaN4dfViSRD4HYX6KZ7yJfwCNtX1hahtS9C9inMgA3oED/coverage.html#file7
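Decoding the crashing input above, as an added example that is not code from the PR or from refmt: a minimal CBOR header reader that range-checks the uint64 length argument against the remaining input before it is ever narrowed to int, which is the class of check the "no range checks for int conversion" fix describes. The names readHeader and stringPayload are constructed for this illustration.

```go
package main
import "fmt"
import "io"

// Constructed sample: the PR's crashing input. 0xc0 is a tag(0) header; 0x7b
// opens a text string whose 8-byte length, 0xb330303030303030, overflows int64.
var crasher = []byte("\xc0{\xb30000000")
var errBadLength = fmt.Errorf("cbor: length exceeds remaining input")

// readHeader decodes one initial byte and its argument (RFC 7049 major type and
// additional info); info 28..31, including indefinite length, is rejected.
func readHeader(b []byte) (major byte, arg uint64, n int, err error) {
	if len(b) == 0 {
		return 0, 0, 0, io.ErrUnexpectedEOF
	}
	major, info := b[0]>>5, b[0]&0x1f
	if info < 24 {
		return major, uint64(info), 1, nil
	}
	if info > 27 {
		return 0, 0, 0, fmt.Errorf("cbor: unsupported additional info %d", info)
	}
	size := 1 << (info - 24) // 1, 2, 4 or 8 argument bytes follow
	if len(b) < 1+size {
		return 0, 0, 0, io.ErrUnexpectedEOF
	}
	for _, c := range b[1 : 1+size] {
		arg = arg<<8 | uint64(c)
	}
	return major, arg, 1 + size, nil
}

// stringPayload returns the content of a byte/text string (major type 2 or 3)
// after any tags. The length is range checked while still uint64, so it is
// never narrowed to a negative int nor used to slice past the buffer.
func stringPayload(b []byte) ([]byte, error) {
	major, arg, n, err := readHeader(b)
	for err == nil && major == 6 { // skip tags; the tagged item follows
		b = b[n:]
		major, arg, n, err = readHeader(b)
	}
	if err != nil {
		return nil, err
	}
	if major != 2 && major != 3 {
		return nil, fmt.Errorf("cbor: expected string, got major type %d", major)
	}
	b = b[n:]
	if arg > uint64(len(b)) { // catches both int overflow and truncation
		return nil, errBadLength
	}
	return b[:int(arg)], nil
}
```

A go-fuzz harness for this shape would call stringPayload from Fuzz(data []byte) int and return 1 only when decoding succeeds; the PR's actual harness drives refmt/cbor instead.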
Kubuxu (Contributor, Author) commented Apr 6, 2018

With 2e9ba99 the fuzzer could not find any more crashers.

warpfork (Member) commented:
This is super awesome. I can't wait to merge these fixes as well as the fuzzing!

I'm a doof for not seeing this in the PR queue earlier, and now I've concurrently forged ahead on... big testing refactors, coincidentally :) And that's now made merge conflicts. But I made 'em; so, I'll try to resolve 'em myself too. Hopefully I'll try to get to this this weekend! Thanks for the PR!

Kubuxu (Contributor, Author) commented Sep 7, 2018

@warpfork any progress on this?
2e9ba99 is quite critical. The rest can wait.

warpfork pushed a commit that referenced this pull request Sep 9, 2018
Cherry-picking out of #24
because I still haven't figured out how to integrate those fuzz test
corpuses, but this patch certainly shouldn't wait :)
warpfork (Member) commented Sep 9, 2018

I cherry-picked 2e9ba99 and it is now f5ce9bb and on master. 🌮
