search

mindeng / nom-exif

Exif/metadata parsing library written in pure Rust, both image (jpeg/heif/heic/jpg/tiff etc.) and video/audio (mov/mp4/3gp/webm/mkv/mka, etc.) files are supported.
https://crates.io/crates/nom-exif
MIT License
43 stars 6 forks source link

feat(fuzz): add afl-based fuzzing #5

Closed sigaloid closed 2 months ago

sigaloid commented 2 months ago

Fuzzing is important for any parser that strives to be panic-free!

sigaloid commented 2 months ago

image

In just 10 seconds it found a ton of crashes! I won't file an issue for these as you, the maintainer, knows best what's truly an issue. But here's how to reproduce this:

cargo install cargo-afl
cd afl-fuzz/
cargo afl build --release
cargo afl fuzz -i ../testdata/ -o out target/release/afl-fuzz

(Your testdata directory is really great for seeding the fuzzer - initial states drastically improve the odds of the fuzzer finding a crash!)

Then as it finds more crashes, they will appear in out/default/crashes/*. You can reproduce an individual one and find the exact panic message like so:

cargo afl run ./target/release/afl-fuzz < out/default/crashes/[CRASH_INPUT]
mindeng commented 2 months ago

Great! I will run the fuzzing test and fix the crash issues.

Thank you very much!