From 04776e9522821b64b9b07a10439e120407711c7e Mon Sep 17 00:00:00 2001 From: DavidKorczynski Date: Sat, 10 Apr 2021 16:43:59 +0100 Subject: [PATCH] Initial fuzzer set up. (#478) --- fuzz/Cargo.toml | 22 ++++++++++++++++++++++ fuzz/src/fuzz_http.rs | 27 +++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 fuzz/Cargo.toml create mode 100644 fuzz/src/fuzz_http.rs diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml new file mode 100644 index 0000000..b49af1b --- /dev/null +++ b/fuzz/Cargo.toml @@ -0,0 +1,22 @@ +[package] +name = "http-fuzz" +version = "0.0.0" +authors = ["David Korczynski "] +publish = false +edition = "2018" + +[package.metadata] +cargo-fuzz = true + +[dependencies] +arbitrary = { version = "1", features = ["derive"] } +libfuzzer-sys = { version = "0.4.0", features = ["arbitrary-derive"] } + +[dependencies.http] +path = ".." + +[[bin]] +name = "fuzz_http" +path = "src/fuzz_http.rs" + +[workspace] diff --git a/fuzz/src/fuzz_http.rs b/fuzz/src/fuzz_http.rs new file mode 100644 index 0000000..49994db --- /dev/null +++ b/fuzz/src/fuzz_http.rs @@ -0,0 +1,27 @@ +#![no_main] + +use http::Request; +use http::Response; +use http::StatusCode; +use libfuzzer_sys::arbitrary::Arbitrary; +use libfuzzer_sys::fuzz_target; + +#[derive(Debug, Arbitrary)] +struct HttpSpec { + uri: Vec, + header_name: Vec, + header_value: Vec, + status_codes: Vec, +} + +fuzz_target!(|inp: HttpSpec| { + let _ = Request::builder() + .uri(&inp.uri[..]) + .header(&inp.header_name[..], &inp.header_value[..]) + .body(()); + + let _ = Response::builder() + .header(&inp.header_name[..], &inp.header_value[..]) + .body(()); + let _ = StatusCode::from_bytes(&inp.status_codes[..]); +});