From 9f78c64628235c02e99b2d59867ef4daeadc5e89 Mon Sep 17 00:00:00 2001
From: bstrie <865233+bstrie@users.noreply.github.com>
Date: Thu, 24 Feb 2022 09:44:38 -0500
Subject: [PATCH] ci(x509): smoke test x509 via fuzzing

This adds fuzzing targets to the x509 crate that make use of libfuzzer (via cargo-fuzz) to fuzz types whose parsers are expected to be exposed to untrusted inputs: x509::request::{CertReq, CertReqInfo}. On their own, the fuzzing targets can be run manually via `cargo fuzz run `. Anyone hunting for parser bugs in this crate needs only to fire up the fuzzer and let it run for as long as they like. This commit also adds a CI action that runs each fuzzer for 30 seconds. This action serves as a smoke test to provide a basic degree of confidence in the quality of any PR that touches this crate.
---
 .github/workflows/x509.yml | 14 ++++++++++++++
 x509/fuzz/.gitignore | 4 ++++
 x509/fuzz/Cargo.toml | 17 +++++++++++++++++
 x509/fuzz/inputs/rsa2048-csr.der | Bin 0 -> 781 bytes
 x509/fuzz/src/bin/certreq.rs | 8 ++++++++
 x509/fuzz/src/bin/certreqinfo.rs | 8 ++++++++
 6 files changed, 51 insertions(+)
 create mode 100644 x509/fuzz/.gitignore
 create mode 100644 x509/fuzz/Cargo.toml
 create mode 100644 x509/fuzz/inputs/rsa2048-csr.der
 create mode 100644 x509/fuzz/src/bin/certreq.rs
 create mode 100644 x509/fuzz/src/bin/certreqinfo.rs

diff --git a/.github/workflows/x509.yml b/.github/workflows/x509.yml
index 7a24fbfc4..f818d1a72 100644
--- a/.github/workflows/x509.yml
+++ b/.github/workflows/x509.yml
@@ -64,3 +64,17 @@ jobs:
 override: true
 - uses: RustCrypto/actions/cargo-hack-install@master
 - run: cargo hack test --feature-powerset
+
+ fuzz:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: RustCrypto/actions/cargo-cache@master
+ - uses: actions-rs/toolchain@v1
+ with:
+ profile: minimal
+ toolchain: nightly
+ override: true
+ - run: cargo install cargo-fuzz
+ - run: cargo fuzz run certreq -- -max_total_time=30 -seed_inputs="fuzz/inputs/rsa2048-csr.der"
+ - run: cargo fuzz run certreqinfo -- -max_total_time=30
diff --git a/x509/fuzz/.gitignore b/x509/fuzz/.gitignore
new file mode 100644
index 000000000..b9659e613
--- /dev/null
+++ b/x509/fuzz/.gitignore
@@ -0,0 +1,4 @@
+target
+corpus
+artifacts
+Cargo.lock
diff --git a/x509/fuzz/Cargo.toml b/x509/fuzz/Cargo.toml
new file mode 100644
index 000000000..2bea670ce
--- /dev/null
+++ b/x509/fuzz/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "x509-fuzz"
+version = "0.0.0"
+authors = ["RustCrypto Developers"]
+publish = false
+edition = "2021"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = "0.4"
+x509 = { path = ".." }
+
+# Prevents this crate from interfering with the workspace
+[workspace]
+members = ["."]
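Review bot: The `certreqinfo` step in the new `fuzz` job starts from an empty corpus: only the `certreq` step passes `-seed_inputs`, and the `corpus` directory is git-ignored, so each 30-second run may spend most of its budget rediscovering basic DER framing instead of exercising the CertReqInfo parser. Committing a small CertReqInfo seed and passing it the same way would make the smoke test more meaningful, e.g. `- run: cargo fuzz run certreqinfo -- -max_total_time=30 -seed_inputs="fuzz/inputs/<certreqinfo-seed>.der"` (placeholder file name). Separately, `- run: cargo install cargo-fuzz` resolves whatever dependency versions are current at run time; `- run: cargo install cargo-fuzz --locked` keeps the tool build reproducible. The workflow's top-level settings lie outside this hunk, so the working directory that the relative seed path resolves against is not visible here.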
diff --git a/x509/fuzz/inputs/rsa2048-csr.der b/x509/fuzz/inputs/rsa2048-csr.der new file mode 100644 index 0000000000000000000000000000000000000000..31c9e225abb712069cf0a8525d770af9da45397e GIT binary patch literal 781 zcmXqLV&*hxV*JR&$Y79SC}JSQ#vIDR%)^~pk(gVMld6}Tp9>RZ=i&CrFII5OOHa*7 zEjAQ35Co~^;Nfyk%*jm4FUreIgem3X;dX@>px~L8Y{+fE2~x@?%oG|7v`oo>myJ`a z&7OBoQtW6k&$74M&sa8PctxH1G&Mp1c4Lxz<*7NO-FxZBF zENtogdVGPCjN9+4>Pxt`?8=_IF)Jii?tGqBnDO3*NWWcP|DMYyKfD}%%x{+cw;kqg zD_Rd1e-5f_e{yKc`uZnVUWqxx#ffUf-n3}4TG*#%vg=<n* z^oHYwVQ2oC3Cphic#!i@lV#C|^@@w*P5UaESq>cUo+@s6Q-1aT3so!5`e&A8+wyIR zD9QYJdA|SN*$_!#C-o?_ZjK%kI<_eEXxd?|%B4Q!fjolw9_mYAA@UIW%e4%?%2SPr~({ zOxn;=e06=~ndZ9-@5N|;DfnCAGL@ZcPSlTAvm6o*-adLHljp?!+@PM&8+s=X+&6IB zed>9Lg6j2m;_MwK519z7Gi!1gu2E-r8f+QKq;~ab)0@P$8A)aHZ$!I(YX5&XcdNn7 zSi_&bwK{6=?L8JY9cIcoHsf>Ca(yYm$HzLS8id|DaR2qovm297S$($u