Closed cpuschma closed 1 year ago
Bug : v3/fuzz_test.go in this you need to change the names.
To: FuzzParseDNv3
, FuzzDecodeEscapedSymbolsv3
, FuzzEscapeDNv3
.
also in fuzz_test.go To: FuzzParseDNv0
, FuzzDecodeEscapedSymbolsv0
, FuzzEscapeDNv0
.
And then in build.sh need to be updated.
Oh you already opened the PR, alright. Thank you! I was about to remove the mirroring and separate this into a new PR, since the v3 and root directory are out of sync anyways.
Odd, so with the current code, the following works
go test -v -fuzz ^'FuzzParseDNv0$' .
But this returns testing: warning: no fuzz tests to fuzz
go test -v -fuzz '^FuzzParseDNv3$' .
Is this module related?
EDIT: Ah, so if I cd into v3
and run the fuzzer it works.
Note, after the changes the following had reasonable memory consumption (< 2 GB combined) when fuzzing across 10 cores.
go test -v -fuzz ^'FuzzParseDNv0$' .
(cd v3 && go test -v -fuzz '^FuzzParseDNv3$' .)
v3
was created back when Go Modules weren't a thing. Since then, both the root and v3 directory have been mostly in sync to not break any backwards compatibility. Imo, this is obsolete, since the oldest version we support is Go 1.14 anyways, which already had Go Module integrated.
To get things moving: I'll remove the part where I mirrored the fuzz_test.go
into v3 so that the CI runs successfully. As noted in another PR to John Weldon, both directories are out of sync and as mentioned, maybe it's time to remove this duplicate (version older than Go 1.14 won't compile anyway due to a missing dependency).
EDIT: Ah, so if I cd into
v3
and run the fuzzer it works.
v3
is a different module, so you have to pushd
and popd
.
See the discussion in #460. The fuzzing might crash in certain environments because of the high
ber.MaxPacketLengthBytes
size of 2147483647 bytes (2.1 GB).This change limits the maximum ASN1 BER packet size to 65KB, which should be sufficient for the fuzzer. We'll look into providing custom encoders/decoders to allow setting a limit without breaking things globally, as the configuration is package-wide.
Additionally, the fuzz_test.go file was missing in the v3 directory. This slipped through in the initial PR