[turborepo] Fuzzing Glob::parse results in panic

[manunio]

What version of Turborepo are you using?

1.10.16

What package manager are you using / does the bug impact?

npm

What operating system are you using?

Linux

Describe the Bug

While Fuzzing Glob::parse locally using cargo-fuzz.

Glob::parse panicked with byte index 1 is not a char boundary; it is inside 'ǚ' (bytes 0..2) of `ǚ`.

Glob::parse: https://github.com/vercel/turbo/blob/a70385bef939fec501071a76d60d2c88f78b4069/crates/turbo-tasks-fs/src/glob.rs#L72

Panicked at: https://github.com/vercel/turbo/blob/a70385bef939fec501071a76d60d2c88f78b4069/crates/turbo-tasks-fs/src/glob.rs#L234

Expected Behavior

Should not panic.

To Reproduce

    #[rstest]
    #[case("ǚ")]
    fn fuzz_glob(#[case] glob: &str) {
        let _ = Glob::parse(glob).unwrap();
    }

❯ cargo test  glob::tests::fuzz_glob::case_1
    Blocking waiting for file lock on build directory
   Compiling turbo-tasks-fs v0.1.0 (/home/maxx/dev/security/oss-fuzz-projects/turbo/crates/turbo-tasks-fs)
    Finished test [unoptimized + debuginfo] target(s) in 7.47s
     Running unittests src/lib.rs (/home/maxx/dev/security/oss-fuzz-projects/turbo/target/debug/deps/turbo_tasks_fs-fc60abfd9b5199c9)

running 1 test
test glob::tests::fuzz_glob::case_1 ... FAILED

failures:

---- glob::tests::fuzz_glob::case_1 stdout ----
thread 'glob::tests::fuzz_glob::case_1' panicked at crates/turbo-tasks-fs/src/glob.rs:234:52:
byte index 1 is not a char boundary; it is inside 'ǚ' (bytes 0..2) of `ǚ`
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

failures:
    glob::tests::fuzz_glob::case_1

test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 55 filtered out; finished in 0.00s

error: test failed, to rerun pass `--lib`

Reproduction Repo

No response

_PACK-2506

[manunio]

Hi @gsoltis would you be interested in Fuzzing turbo at oss-fuzz