Open koivunej opened 3 years ago
> interledger_packet::packet::fuzzed::fuzzed_0_trailing_bytes

Just realized that there are existing test cases in `crates/interledger-packet/src/packet.rs` which would suggest that supporting additional trailer bytes is a feature. The tests are inside multiple aspect testing `test_try_from` named `#[test]` fns. If this is per the RFCs then the fuzzing target should be fixed and the test removed. I can't really see why this should be supported however and there are no comments on the topic either.
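Added example, not part of this thread or of interledger-rs's own parser, showing the strictness vs. roundtrippability distinction behind the trailing-bytes question on a toy one-byte-length packet layout (the layout, `Packet` and `ParseError` are assumptions): a lenient decoder that ignores trailing bytes can never satisfy a decode-then-encode roundtrip check, while a strict one can.

```rust
// Toy length-prefixed packet: [kind: u8][len: u8][data; len]. Constructed for
// this example; it is not the OER layout interledger-packet actually parses.
#[derive(Debug, PartialEq)]
pub struct Packet { pub kind: u8, pub data: Vec<u8> }

#[derive(Debug, PartialEq)]
pub enum ParseError { Truncated, TrailingBytes(usize) }

impl Packet {
    pub fn encode(&self) -> Vec<u8> {
        let len = u8::try_from(self.data.len()).expect("toy format: payload <= 255 bytes");
        let mut out = vec![self.kind, len];
        out.extend_from_slice(&self.data);
        out
    }

    /// Lenient decode: reads the declared length and ignores whatever follows.
    pub fn decode_lenient(buf: &[u8]) -> Result<Packet, ParseError> {
        if buf.len() < 2 {
            return Err(ParseError::Truncated);
        }
        let len = buf[1] as usize;
        let data = buf.get(2..2 + len).ok_or(ParseError::Truncated)?;
        Ok(Packet { kind: buf[0], data: data.to_vec() })
    }

    /// Strict decode: every input byte must be consumed, otherwise report
    /// how many trailing bytes the lenient path would have silently dropped.
    pub fn decode_strict(buf: &[u8]) -> Result<Packet, ParseError> {
        let pkt = Packet::decode_lenient(buf)?;
        let consumed = 2 + pkt.data.len();
        if consumed != buf.len() {
            return Err(ParseError::TrailingBytes(buf.len() - consumed));
        }
        Ok(pkt)
    }
}

/// The property a roundtrip fuzz target checks: anything the decoder accepts
/// must re-encode to exactly the input bytes. Rejected input trivially passes.
pub fn roundtrips(decode: fn(&[u8]) -> Result<Packet, ParseError>, buf: &[u8]) -> bool {
    match decode(buf) {
        Ok(pkt) => pkt.encode() == buf,
        Err(_) => true,
    }
}
```

A fuzz target built on `roundtrips(Packet::decode_lenient, data)` fails on the first input with a trailing byte, which is exactly the class of finding the ignored `fuzzed_0_trailing_bytes` case records.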
Removed the security label because the above linked PRs haven't contained any security fixes, or even large mallocs, only strictness or roundtrippability changes.

Strictness: #707, #710, #715, #716
Roundtrippability: #719, #720

#720 highlights a possible correctness issue with the parsing of leap seconds on every date which should be further investigated.
The corpus files after minimization in interledger-packet:

```
$ du -h fuzz/corpus/
492K fuzz/corpus/packet
436K fuzz/corpus/address
932K fuzz/corpus/
```

btp is around 820K, stream is 724K, ccp is 828K in total. Would probably be great to push them into the repo, have the CI run 100_000 runs of each for good measure or `-max_total_time=1s` which must be the cputime of the fuzz_target.
#693 introduced fuzzing targets to some crates and in the interest of avoiding forever lasting PRs, I didn't fix all of the found issues. Current status at the end of the PR is:

Other crates have not been fuzzed.

~One obvious fix which isn't implemented yet is matching the interledger-packet datetime string against a regex before asking `chrono` to parse it in `crates/interledger-packet/src/packet.rs`. This fix would be similar to what was done for the variable length btp timestamp in e6f21c9b486b8397e0d0a961a2148646ff1f987b.~ Done in #707.

`#[ignore]`'d test cases:

- `interledger_packet::packet::fuzzed::fuzzed_0_trailing_bytes` (see https://github.com/interledger-rs/interledger-rs/issues/705#issuecomment-814876557)
- `interledger_stream::packet::fuzzed` (two cases)

Marking this as good-first-issue as with any hand-written parsing code, there are most likely issues still to be discovered even after fixing the `#[ignore]` test cases. Mentoring is available by pinging me or anyone who recently contributed to the repository. As there are many things to do, it might be best to avoid huge PRs like I ended up doing and tackling one issue at a time.