Closed uncomputable closed 4 weeks ago
diff --git a/src/compile.rs b/src/compile.rs
index c035918..6671fc9 100644
--- a/src/compile.rs
+++ b/src/compile.rs
@@ -434,3 +434,11 @@ impl Match {
ProgNode::comp(&input, &output).with_span(self)
}
}
+
+#[cfg(test)]
+mod tests {
+ #[test]
+ fn fuzz_regression_1() {
+ crate::compile("typef=f").unwrap_err();
+ }
+}
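Review bot: The new test `fuzz_regression_1` has no comment saying what the input `"typef=f"` used to trigger, so a later reader cannot tell which failure it guards. I would add above the call: `// Fuzzer-found input: used to trip the pair.as_rule() assertion in src/parse.rs; must yield Err, not a panic.` `unwrap_err()` also accepts any error, so the test could pass for an unrelated reason. Asserting on the error's kind or message would pin it down, though the error type is not visible in this hunk. The panic site quoted in the output (src/parse.rs:764) is not touched here, so the test is expected to fail until that assertion on input-derived parser state becomes an error return.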
This crashes with an assertion failure
---- compile::tests::fuzz_regression_1 stdout ----
thread 'compile::tests::fuzz_regression_1' panicked at src/parse.rs:764:9:
assertion failed: matches!(pair.as_rule(), Self::RULE)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
I found this using the following fuzz target
#![no_main]
use libfuzzer_sys::fuzz_target;
// Fuzz entry point: feeds every UTF-8-valid input to the compiler.
fuzz_target!(|data: &[u8]| {
    // Byte strings that are not valid UTF-8 never reach the compiler.
    if let Ok(program) = core::str::from_utf8(data) {
        // The result is discarded on purpose: a returned error is an
        // acceptable outcome, only a panic counts as a finding.
        let _ = simfony::compile(program);
    }
});
I set this up using the instructions for cargo fuzz.
We should check if the compiler can handle malicious inputs and present an error instead of crashing.