Add fuzzing with cargo-fuzz for security testing #25

@RAprogramm

Description

Add comprehensive fuzzing infrastructure to detect crashes, panics, and undefined behavior.

Objectives

  • Add cargo-fuzz for automated security testing
  • Create fuzz targets for all public API methods
  • Integrate fuzzing into CI pipeline
  • Critical for FFI library safety validation

Why Fuzzing is Critical

FFI libraries like cstring-array involve unsafe code and pointer operations. Fuzzing helps discover:

  • Memory safety violations
  • Panics on unexpected inputs
  • Crashes and undefined behavior
  • Integer overflows
  • Edge cases not covered by unit tests

Fuzz Targets to Create

fuzz_target_1: new_from_strings

Test CStringArray::new(Vec<String>) with:

  • Random string lengths (0-10000 chars)
  • Random number of strings (0-10000)
  • Random Unicode characters
  • Interior null bytes
  • Empty strings
  • Very long strings

fuzz_target_2: from_cstrings

Test CStringArray::from_cstrings(Vec<CString>) with:

  • Random CString vectors
  • Empty vectors
  • Large vectors (1M+ elements)

fuzz_target_3: pointer_operations

Test pointer access with:

  • Random index access via get()
  • Iterator operations
  • Pointer arithmetic
  • Concurrent access patterns

fuzz_target_4: try_from_conversions

Test all TryFrom implementations with:

  • Vec<&str>
  • Vec
  • Arrays of various sizes

Implementation Plan

1. Add cargo-fuzz dependency

# Installed via: cargo install cargo-fuzz

2. Initialize fuzz targets

cargo fuzz init
cargo fuzz add fuzz_new_from_strings
cargo fuzz add fuzz_from_cstrings
cargo fuzz add fuzz_pointer_operations
cargo fuzz add fuzz_try_from

3. Create fuzz targets in fuzz/fuzz_targets/

Example target:

#![no_main]
use libfuzzer_sys::fuzz_target;
use cstring_array::CStringArray;

// Each fuzzer input is one byte slice; split it on newlines so a single
// input exercises the constructor with many strings at once.
fuzz_target!(|data: &[u8]| {
    if let Ok(s) = std::str::from_utf8(data) {
        let strings: Vec<String> = s.split('\n').map(String::from).collect();
        // Only a panic or crash counts as a finding; an Err result is discarded.
        let _ = CStringArray::new(strings);
    }
});

4. Add CI workflow (.github/workflows/fuzz.yml)

name: Fuzzing

on:
  schedule:
    - cron: '0 2 * * *'
  workflow_dispatch:

permissions:
  contents: read

jobs:
  fuzz:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        target: [fuzz_new_from_strings, fuzz_from_cstrings, fuzz_pointer_operations, fuzz_try_from]
    steps:
      - uses: actions/checkout@v4
      - name: Install Rust nightly
        uses: dtolnay/rust-toolchain@nightly
      - name: Install cargo-fuzz
        run: cargo install cargo-fuzz
      - name: Run fuzzer
        run: cargo fuzz run ${{ matrix.target }} -- -max_total_time=300
      - name: Upload crash artifacts
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: fuzz-artifacts-${{ matrix.target }}
          path: fuzz/artifacts/
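Beyond the step 3 target, which only checks that the constructor does not panic, the harness body added below asserts the invariants a C caller actually depends on (NULL-terminated pointer table, byte-exact round trip, interior NUL rejected as Err rather than panic). This is an added example, not code from the issue or the cstring-array crate; `StringTable` is a hypothetical stand-in for the crate's array type so the check runs without the crate or libfuzzer.

```rust
use std::ffi::{CStr, CString, NulError};
use std::os::raw::c_char;

/// Hypothetical stand-in for the crate's array type (NOT cstring-array's real
/// API): owned CStrings plus a NULL-terminated pointer table, the layout a C
/// callee expects for `char *const argv[]`.
pub struct StringTable {
    owned: Vec<CString>,
    ptrs: Vec<*const c_char>,
}

impl StringTable {
    /// Interior NUL bytes are reported as Err instead of panicking, so the
    /// fuzzer can tell an expected rejection from a real crash.
    pub fn new(strings: Vec<String>) -> Result<Self, NulError> {
        let owned: Vec<CString> = strings.into_iter().map(CString::new).collect::<Result<_, _>>()?;
        let mut ptrs: Vec<*const c_char> = owned.iter().map(|c| c.as_ptr()).collect();
        ptrs.push(std::ptr::null()); // sentinel a C caller stops at
        Ok(Self { owned, ptrs })
    }
    pub fn len(&self) -> usize { self.owned.len() }
    pub fn as_ptr(&self) -> *const *const c_char { self.ptrs.as_ptr() }
}

/// Body of a fuzz target: turn raw fuzzer bytes into many strings, build the
/// table and check the invariants C code relies on. Returns false on any
/// violation; inside a real `fuzz_target!` closure you would panic instead.
pub fn check_fuzz_input(data: &[u8]) -> bool {
    // Newline-split the lossy UTF-8 view so invalid bytes and embedded NULs
    // both reach the constructor instead of being filtered out.
    let strings: Vec<String> = String::from_utf8_lossy(data).split('\n').map(String::from).collect();
    let has_nul = strings.iter().any(|s| s.as_bytes().contains(&0));
    let table = match StringTable::new(strings.clone()) {
        Err(_) => return has_nul, // Err is only correct when a NUL was present
        Ok(t) => t,
    };
    if has_nul || table.len() != strings.len() {
        return false;
    }
    // Walk the pointer table exactly as C would: until the NULL sentinel.
    let mut i = 0;
    let mut p = table.as_ptr();
    // SAFETY: `table` outlives the walk and `ptrs` always ends with NULL.
    unsafe {
        while !(*p).is_null() {
            if i >= strings.len() || CStr::from_ptr(*p).to_bytes() != strings[i].as_bytes() {
                return false;
            }
            p = p.add(1);
            i += 1;
        }
    }
    i == strings.len()
}
```

The constructed inputs in a fuzz corpus for this check should include an empty slice, a slice with an embedded `\0`, and invalid UTF-8, since those are the paths the issue's target lists as edge cases.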

Benefits

  • Security: Discover memory safety issues before production
  • Robustness: Find edge cases unit tests miss
  • Confidence: Millions of random inputs validate correctness
  • Industry Standard: Required for security-critical libraries
  • FFI Safety: Critical for unsafe code validation
  • Professional: Shows commitment to quality

Success Criteria

  • All fuzz targets run without crashes for 5+ minutes
  • CI runs fuzz tests daily
  • Artifacts uploaded on crashes
  • Documentation includes fuzzing instructions
  • REUSE 3.3 compliant
