Closed m-esposito closed 3 months ago
https://rust-fuzz.github.io/book/cargo-fuzz/setup.html
Once you do:
```
rustup install nightly
cargo install cargo-fuzz
cargo +nightly fuzz run fuzz_target_1
```
You can see it will quickly create tons of inputs that will panic the library.
```
thread '<unnamed>' panicked at /home/matt/zero-packet/src/packet/parser.rs:100:54:
range start index 52 out of range for slice of length 50
```
https://github.com/J-Schoepplenberg/zero-packet/blob/main/src/packet/parser.rs#L99-L104

Base64:
CAAAAABuAABAQAAICABOADIAAAAAAAABLS8uLy8vLy8vfi8vLy8vLy8vLy8vLwAAAv7+/v7+/gAA/gBAAAAAABAAAAE=
This specific error is easily fixable with a well-placed

```rust
if header_len > data.len() { return Err("Invalid length!") }
```

but it's good practice to have a fuzzer nonetheless.
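The panic and the guard proposed above, reproduced as an added example that is not part of the original issue and is not zero-packet's code. The header layout (low nibble of byte 0 times 4, as in IPv4's IHL), the function names and the 50-byte input are assumptions constructed to match the numbers in the panic message.

```rust
/// Hypothetical header layout (an assumption, not zero-packet's format):
/// the low nibble of byte 0 is the header length in 32-bit words.
fn header_len(data: &[u8]) -> Option<usize> {
    data.first().map(|b| usize::from(b & 0x0f) * 4)
}

/// "Before": trusts the length field and slices directly. Panics when the
/// claimed header is longer than the buffer (and on empty input).
fn payload_unchecked(data: &[u8]) -> &[u8] {
    let len = usize::from(data[0] & 0x0f) * 4;
    &data[len..]
}

/// "After": the guard from the issue. Malformed input becomes an Err value
/// the caller can handle instead of a panic. `len == data.len()` is allowed
/// because `&data[len..]` is then a valid empty slice.
fn payload_checked(data: &[u8]) -> Result<&[u8], &'static str> {
    let len = header_len(data).ok_or("Empty input!")?;
    if len > data.len() {
        return Err("Invalid length!");
    }
    Ok(&data[len..])
}

/// Constructed input: 50 bytes whose length field claims a 52-byte header.
fn truncated_packet() -> Vec<u8> {
    let mut p = vec![0u8; 50];
    p[0] = 0x4d; // low nibble 0xd, 0xd * 4 = 52
    p
}

fn main() {
    let pkt = truncated_packet();
    // catch_unwind is used here only to show that the unchecked path panics.
    let crashed = std::panic::catch_unwind(|| payload_unchecked(&pkt).len()).is_err();
    println!("unchecked panics: {}", crashed);
    println!("checked: {:?}", payload_checked(&pkt));
}
```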
Well spotted.