Add fuzzing setup for Message::decode
#38
Conversation
00ffbd7 to 52769cb
@kpcyrd Sorry for disturbing you but if you don't mind could you look at this fuzzer setup and see if anything is obviously broken? Thanks in advance! 🙇 and have a nice day! 👋
Using unsafe blocks makes the fuzzer use more resources. See: #38 Signed-off-by: Wiktor Kwapisiewicz <[email protected]>
Thank you very much for your suggestions @kpcyrd 🙏
You're welcome :) The way the data-slice-magic works - a slice looks like this in memory:
but since the slice itself is also immutable, you can only read from both fields. However, you can create a new slice with identical pointer and length like so (this is a very cheap operation):
This slice you then "own" (kinda), you still can't change the data it points to, but you can change the pointer and length.
So if you read 5 bytes from your slice, the pointer would be incremented by 5, and the length decremented by 5. The slice acts as a read cursor essentially. :)
The patch looks good to me now. 👍
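The read-cursor pattern kpcyrd describes, as an added example that is not code from the PR or from ssh-agent-lib: the decoder takes `&mut &[u8]` and replaces the inner slice with a sub-slice on every read, so the pointer advances and the length shrinks without any unsafe. The wire format (SSH `uint32` and `string`), the `DecodeError` type and the function names are assumptions for illustration; a truncated or oversized length field is returned as an error rather than a panic, which is the case a fuzzer is most likely to hit.

```rust
// Added example (not from the PR): a slice used as a read cursor.
#[derive(Debug, PartialEq)]
pub enum DecodeError {
    /// The input ended before `needed` bytes were available.
    Truncated { needed: usize, remaining: usize },
}

/// Split `n` bytes off the front of the cursor and return them.
/// The returned slice borrows the original data for `'a`, not the cursor.
pub fn read_bytes<'a>(cur: &mut &'a [u8], n: usize) -> Result<&'a [u8], DecodeError> {
    let data: &'a [u8] = *cur; // copy the fat pointer (ptr, len) out
    if data.len() < n {
        return Err(DecodeError::Truncated { needed: n, remaining: data.len() });
    }
    let (head, tail) = data.split_at(n);
    *cur = tail; // same data, pointer advanced by n, length reduced by n
    Ok(head)
}

/// Read a big-endian u32 (SSH wire "uint32").
pub fn read_u32(cur: &mut &[u8]) -> Result<u32, DecodeError> {
    let b = read_bytes(cur, 4)?;
    Ok(u32::from_be_bytes([b[0], b[1], b[2], b[3]]))
}

/// Read an SSH wire "string": uint32 length followed by that many bytes.
pub fn read_string<'a>(cur: &mut &'a [u8]) -> Result<&'a [u8], DecodeError> {
    let len = read_u32(cur)? as usize;
    read_bytes(cur, len)
}

pub fn main() {
    // Constructed input: two SSH strings, "ssh-ed25519" then "hi", back to back.
    let parts: [&[u8]; 2] = [b"ssh-ed25519", b"hi"];
    let mut buf = Vec::new();
    for s in parts {
        buf.extend_from_slice(&(s.len() as u32).to_be_bytes());
        buf.extend_from_slice(s);
    }
    let mut cur: &[u8] = &buf;
    while !cur.is_empty() {
        match read_string(&mut cur) {
            Ok(s) => println!("{:?} ({} bytes left)", String::from_utf8_lossy(s), cur.len()),
            Err(e) => println!("error: {:?}", e),
        }
    }
    // A length field claiming more bytes than remain is rejected, not panicked on.
    let mut bad: &[u8] = &[0, 0, 0, 9, b'x'];
    println!("{:?}", read_string(&mut bad));
}
```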
Ha, right. I was aware of the in-memory layout of fat pointers but didn't connect that
Alright. (Un)fortunately I don't control the Decode trait (since it comes from the RustCrypto crate) and I've come up with a different design for my other SSH crate that uses a look-ahead parser (similar to programming languages).
Thanks a lot for your time and explanations. I really appreciate them! 🙇 I'll let the PR sit for a couple of days in case the other maintainers feel like commenting and if not merge it. 👋
Sure, you're welcome! :)
Co-authored-by: kpcyrd <[email protected]> Signed-off-by: Wiktor Kwapisiewicz <[email protected]>
Using unsafe blocks makes the fuzzer use more resources. See: wiktor-k/ssh-agent-lib#38 Signed-off-by: Wiktor Kwapisiewicz <[email protected]>
See fuzz/README.md for details on how to run it.