I've been experimenting with testing Fleece with fuzzed Fleece data.
In the process, I had to expand the validation of untrusted Fleece data. It seems to be quite complete now. Fuzzing for an extended amount of time does not produce new assert failures or crashes.
I found and fixed the following issues:
- `nan` floats.
- `ValueSlot::copyValue` does not handle integers and binary data.
- `undefined` value in a `Dict` causes an incorrect count in deep mutable copies. The problem is that in this line `_source->get(key)` returns `nullptr` for an `undefined` value, so `ValueSlot::setting` is not able to distinguish between a new key and a key with an `undefined` value. I'm not sure if my fix is the right approach, though.
The fuzzing function I used is relatively simple. With a more advanced function (e.g. also handling shared keys) it might be possible to discover more issues.
Fuzzing with LLVM's libFuzzer is quite straightforward and could be automated in CI.
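
The `undefined` count issue described above can be reproduced in a small model. This is an added example, not code from the pull request or from Fleece: `SourceDict`, `MutableDict`, `find` and `copiedCount` are hypothetical names, and the presence-based lookup is one possible way to remove the ambiguity, not necessarily the fix the PR applies.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <map>
#include <string>

// Simplified model, not Fleece's code; every name below is hypothetical.
enum class Kind { Undefined, Int };
struct Val { Kind kind; int64_t i; };

struct SourceDict {
    std::map<std::string, Val> items;
    // Raw lookup: nullptr only when the key is really absent.
    const Val* find(const std::string& k) const {
        auto it = items.find(k);
        return it == items.end() ? nullptr : &it->second;
    }
    // Public lookup: also nullptr for an undefined value (the ambiguity).
    const Val* get(const std::string& k) const {
        const Val* v = find(k);
        return (v && v->kind != Kind::Undefined) ? v : nullptr;
    }
};

// Mutable overlay that tracks its own count, seeded from the source.
struct MutableDict {
    const SourceDict& source;
    bool strict;  // true: ask "is the key present?" instead of "is there a value?"
    std::map<std::string, Val> changed;
    size_t count;
    MutableDict(const SourceDict& s, bool st) : source(s), strict(st), count(s.items.size()) {}
    void set(const std::string& k, const Val& v) {
        const Val* old = strict ? source.find(k) : source.get(k);
        if (!old && !changed.count(k)) ++count;  // looks like a new key
        changed[k] = v;
    }
};

// Copy every source entry into the overlay; return the resulting count.
size_t copiedCount(bool strictLookup) {
    SourceDict src;
    src.items["a"] = {Kind::Int, 1};
    src.items["u"] = {Kind::Undefined, 0};  // constructed sample entry
    MutableDict m(src, strictLookup);
    for (const auto& kv : src.items) m.set(kv.first, kv.second);
    return m.count;
}
int main() {
    std::printf("ambiguous get: %zu, strict find: %zu\n", copiedCount(false), copiedCount(true));
}
```

With the ambiguous lookup the two-entry source ends up with a count of 3; with the presence-based lookup the count stays at 2.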