rust-fuzz / targets

🎯 A collection of fuzzing targets written in Rust.
Creative Commons Zero v1.0 Universal

fuzz minidump crate #94

Closed frewsxcv closed 6 years ago

frewsxcv commented 6 years ago

https://twitter.com/TedMielczarek/status/943922075428941830

I saw the word 'parser' and the fuzzing portion of my brain lit up

Manishearth commented 6 years ago

cc @luser

luser commented 6 years ago

A solid plan. :) The parser itself is probably not the best code, I was pretty new at Rust when I wrote most of it.

luser commented 6 years ago

There's a Minidump::read method that takes anything that implements Read + Seek, so it's pretty easy to stick bytes in a Cursor and parse it. Note that it doesn't parse the whole file with that, just the header and the stream directory. You can call Minidump::get_stream with individual stream types to get them to parse.

frewsxcv commented 6 years ago

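I threw together a fuzz target:

#![no_main]

#[macro_use] extern crate libfuzzer_sys;
extern crate minidump;

use minidump::Minidump;
use std::io::Cursor;

fuzz_target!(|data: &[u8]| {
    // Wrap the borrowed fuzzer input so it implements Read + Seek.
    let cursor = Cursor::new(data);
    // Only the header and stream directory are parsed here; the result is
    // discarded because the target only checks that parsing does not panic.
    let _ = Minidump::read(cursor);
});

Though it currently doesn't compile because Minidump::read requires 'static on the single argument. Any reason why this needs a static lifetime?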
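For illustration, an added std-only sketch (not code from this thread or from the minidump crate) of the part luser describes, parsing only the header and stream directory from any `Read + Seek`, with no `'static` bound so a `Cursor` over the fuzzer's borrowed slice is accepted. The names `read_directory`, `DirEntry`, `MAX_STREAMS`, `sample` and `fuzz_one` are hypothetical, and the bounds checks are this example's own choices about what to reject.

```rust
use std::io::{Cursor, Error, ErrorKind, Read, Result, Seek, SeekFrom};

const SIGNATURE: u32 = 0x504d_444d; // "MDMP" read as a little-endian u32
const MAX_STREAMS: u32 = 4096; // assumed cap so a hostile count cannot force a huge allocation

/// One stream directory entry: stream type, data size, file offset (RVA).
#[derive(Debug, PartialEq)]
pub struct DirEntry { pub stream_type: u32, pub size: u32, pub rva: u32 }

fn read_u32<R: Read>(r: &mut R) -> Result<u32> {
    let mut b = [0u8; 4];
    r.read_exact(&mut b)?; // short input becomes an error, not a panic
    Ok(u32::from_le_bytes(b))
}
fn bad(msg: &'static str) -> Error { Error::new(ErrorKind::InvalidData, msg) }

/// Parses only the 32-byte header and the stream directory.
/// R carries no 'static bound, so Cursor<&[u8]> over borrowed data works.
pub fn read_directory<R: Read + Seek>(mut r: R) -> Result<Vec<DirEntry>> {
    let len = r.seek(SeekFrom::End(0))?;
    r.seek(SeekFrom::Start(0))?;
    if read_u32(&mut r)? != SIGNATURE { return Err(bad("bad signature")); }
    read_u32(&mut r)?; // version, not validated in this sketch
    let count = read_u32(&mut r)?;
    let dir_rva = read_u32(&mut r)? as u64;
    if count > MAX_STREAMS { return Err(bad("too many streams")); }
    // Checksum, timestamp and flags are skipped; each directory entry is 12 bytes.
    if dir_rva < 32 || dir_rva + 12 * count as u64 > len { return Err(bad("directory out of bounds")); }
    r.seek(SeekFrom::Start(dir_rva))?;
    let mut out = Vec::with_capacity(count as usize);
    for _ in 0..count {
        let e = DirEntry { stream_type: read_u32(&mut r)?, size: read_u32(&mut r)?, rva: read_u32(&mut r)? };
        // Widen to u64 before adding so rva + size cannot wrap around u32.
        if e.rva as u64 + e.size as u64 > len { return Err(bad("stream out of bounds")); }
        out.push(e);
    }
    Ok(out)
}

/// Constructed sample: 32-byte header plus one empty entry of type 3 (ThreadListStream).
pub fn sample() -> Vec<u8> {
    let words = [SIGNATURE, 0xa793, 1, 32, 0, 0, 0, 0, 3, 0, 44u32];
    words.iter().flat_map(|w| w.to_le_bytes().to_vec()).collect()
}

/// Same shape as the fuzz target's closure body: must return, never panic.
pub fn fuzz_one(data: &[u8]) -> bool { read_directory(Cursor::new(data)).is_ok() }

fn main() { println!("{:?}", read_directory(Cursor::new(&sample()[..]))); }
```
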

frewsxcv commented 6 years ago

Opened a GitHub issue with a couple associated pull requests: https://github.com/luser/rust-minidump/issues/6