search

c0dearm / sharks

Fast, small and secure Shamir's Secret Sharing library crate
https://crates.io/crates/sharks
Other
59 stars 12 forks source link

Add Fuzzers #14

Closed zer0x64 closed 4 years ago

zer0x64 commented 4 years ago

I added some fuzzers to the repo, with the general rule that it should not panic or have a memory corruption(this is unlikely, since you don't use any C code or unsafe blocks).

I also made a little change so that the no_std directive is only active when the std feature is not present, as the arbitrary crate used for fuzzing structures needed std. I also believe that makes sense on it's own.

This PR does not fix the bugs right now, but here are the methods that causes a crash right now:

  1. Share::from panics if the input is empty. I should've used a TryFrom instead, but at the same time it might be better to do structured exception before that.
  2. Sharks::recover() panics on some inputs. I haven't took the time to check what causes it.
c0dearm commented 4 years ago

Hi! Thanks for the contribution!

Before merging I would like to test it locally and fix the bugs, and possible include this in the CI pipeline too, so I will push a new commit some day this week :heavy_check_mark:

I am a bit busy these days, so I hope you are not in a hurry!

c0dearm commented 4 years ago

Hey! I found some spare time to fix the issues. If you are fine with them we can merge!

zer0x64 commented 4 years ago

Hey! I just checked the fixes and now none of the fuzzer detects any crashes if I leave them running for a while. That's great!

I think it's ready to merge!