Open junr03 opened 3 years ago
Thanks for all your time @asraa. I captured here my initial thoughts and all the notes (both yours and mine) from our offline meeting earlier today. Thanks again for your time, it was super helpful.
I will discuss internally with my team. But my initial thought on project ordering is as listed above.
Let me know what you think.
@junr03 I think targeting a simply initial use case is definitely the way to go. You mention inputs to utility classes as a possibility, and I'd propose we just pick one and go with that, both to start getting infrastructure in place and learn whatever else we don't know along the way.
Filter fuzzing also sounds compelling, and the PBF especially seems like a prime target for it.
We should hold off on dispatcher/client fuzzing work until https://github.com/envoyproxy/envoy-mobile/pull/1272 lands, but I actually think it will probably make it easier to fuzz this area once the split is in place, since dispatch won't necessarily need to be part of the mix.
We should hold off on dispatcher/client fuzzing work until #1272 lands, but I actually think it will probably make it easier to fuzz this area once the split is in place, since dispatch won't necessarily need to be part of the mix.
Agreed. I mostly used the historical name here just for ordering consistency. I totally agree that once the event concerns are out of the new Http::Client, it will be easier/cleaner to fuzz.
All sounds good to me!
BTW it looks like you are pulling in Envoy's bazel macros, so that will make things pretty easy! We pull in this dependency https://github.com/bazelbuild/rules_fuzzing. As long as you use envoy_cc_fuzz_macro
, then the configs in .bazelrc added in this PR https://github.com/envoyproxy/envoy/pull/14834/files will enable a pretty seamless build for locally running fuzzers and building for OSS-Fuzz.
This issue discusses avenues for leveraging fuzz testing in Envoy Mobile.
Potential Areas for Fuzzing:
sendXXX
on the request path, andonXXX
on the response path. Structure Aware fuzzing could help with detecting potential edge cases in API ordering, much like the Codec Fuzzer in upstream envoy. Some things to consider:test/common/integration/dispatcher_integration_test.cc
test cases.Project Ordering
Long term
Additional Information
The following examples were generously provided by @asraa. Any mistakes are mine.
False positives issues (beware these, or be prepared to handle these sorts of issues):