Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fuzz: server config validation fuzz test. #3770

Merged
merged 5 commits into from Jul 15, 2018
Merged

fuzz: server config validation fuzz test. #3770

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
43f8819
fuzz: server config validation fuzz test.
anirudhmurali Jun 25, 2018
d63ea00
addressed failing tests
anirudhmurali Jul 9, 2018
1582e87
cleaned up headers and deps
anirudhmurali Jul 10, 2018
37de6b2
fixed tsan failures + added envoy_all_extensions()
anirudhmurali Jul 12, 2018
39b6234
addressed comments
anirudhmurali Jul 12, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
30 changes: 29 additions & 1 deletion test/server/config_validation/BUILD
View file
Open in desktop
@@ -1,6 +1,17 @@
licenses(["notice"]) # Apache 2

load("//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package")
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_fuzz_test",
"envoy_cc_test",
"envoy_cc_test_library",
"envoy_package",
"envoy_select_hot_restart",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A number of these are unnecessary; you only added a envoy_cc_fuzz_test target, so this should be the only new one needed.

)
load(
"//source/extensions:all_extensions.bzl",
"envoy_all_extensions",
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unused.


envoy_package()

Expand Down Expand Up @@ -71,3 +82,20 @@ envoy_cc_test(
"//test/test_common:network_utility_lib",
],
)

envoy_cc_fuzz_test(
name = "config_fuzz_test",
srcs = ["config_fuzz_test.cc"],
corpus = "config_corpus",
deps = [
"//source/common/thread_local:thread_local_lib",
"//source/server:server_lib",
"//test/integration:integration_lib",
"//test/mocks/server:server_mocks",
"//test/mocks/stats:stats_mocks",
"//source/server:configuration_lib",
"//source/server/config_validation:server_lib",
"//source/server:options_lib",
"//test/test_common:environment_lib",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general, these deps should reflect the headers in config_fuzz_test.cc; can you clean this up?

] + envoy_all_extensions(),
)
150 changes: 150 additions & 0 deletions test/server/config_validation/config_corpus/google_com_proxy.v2.pb_text
View file
Open in desktop
@@ -0,0 +1,150 @@
static_resources {
listeners {
name: "listener_0"
address {
socket_address {
address: "0.0.0.0"
port_value: 0
}
}
filter_chains {
filters {
name: "envoy.http_connection_manager"
config {
fields {
key: "http_filters"
value {
list_value {
values {
struct_value {
fields {
key: "name"
value {
string_value: "envoy.router"
}
}
}
}
}
}
}
fields {
key: "route_config"
value {
struct_value {
fields {
key: "name"
value {
string_value: "local_route"
}
}
fields {
key: "virtual_hosts"
value {
list_value {
values {
struct_value {
fields {
key: "domains"
value {
list_value {
values {
string_value: "*"
}
}
}
}
fields {
key: "name"
value {
string_value: "local_service"
}
}
fields {
key: "routes"
value {
list_value {
values {
struct_value {
fields {
key: "match"
value {
struct_value {
fields {
key: "prefix"
value {
string_value: "/"
}
}
}
}
}
fields {
key: "route"
value {
struct_value {
fields {
key: "cluster"
value {
string_value: "service_google"
}
}
fields {
key: "host_rewrite"
value {
string_value: "www.google.com"
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
fields {
key: "stat_prefix"
value {
string_value: "ingress_http"
}
}
}
}
}
}
clusters {
name: "service_google"
type: LOGICAL_DNS
connect_timeout {
nanos: 250000000
}
hosts {
socket_address {
address: "google.com"
port_value: 0
}
}
tls_context {
sni: "www.google.com"
}
dns_lookup_family: V4_ONLY
}
}
admin {
access_log_path: "/tmp/admin_access.log"
address {
socket_address {
address: "127.0.0.1"
port_value: 0
}
}
}
46 changes: 46 additions & 0 deletions test/server/config_validation/config_fuzz_test.cc
View file
Open in desktop
@@ -0,0 +1,46 @@
#include <fstream>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a comment to this file explaining that it is derived from //test/server:server_fuzz_test.cc and the substantive difference.


#include "envoy/config/bootstrap/v2/bootstrap.pb.h"
#include "envoy/config/bootstrap/v2/bootstrap.pb.validate.h"

#include "common/network/address_impl.h"
#include "common/thread_local/thread_local_impl.h"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this needed below?


#include "server/config_validation/server.h"
#include "server/drain_manager_impl.h"
#include "server/hot_restart_nop_impl.h"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think a bunch of these headers aren't needed either; they are vestigial from parts that were removed in server_fuzz_test.

#include "server/options_impl.h"
#include "server/server.h"
#include "server/test_hooks.h"

#include "test/fuzz/fuzz_runner.h"
#include "test/integration/server.h"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this needed below?

#include "test/mocks/server/mocks.h"
#include "test/mocks/stats/mocks.h"
#include "test/test_common/environment.h"

namespace Envoy {
namespace Server {

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Remove this empty line.

DEFINE_PROTO_FUZZER(const envoy::config::bootstrap::v2::Bootstrap& input) {
testing::NiceMock<MockOptions> options;
TestComponentFactory component_factory;
Thread::MutexBasicLockable access_log_lock;
Stats::IsolatedStoreImpl stats_store;

const std::string bootstrap_path = TestEnvironment::temporaryPath("bootstrap.pb_text");
std::ofstream bootstrap_file(bootstrap_path);
bootstrap_file << input.DebugString();
options.config_path_ = bootstrap_path;
options.v2_config_only_ = true;
try {
ValidationInstance server(options,
std::make_shared<Network::Address::Ipv4Instance>("127.0.0.1"),
stats_store, access_log_lock, component_factory);
} catch (const EnvoyException& ex) {
ENVOY_LOG_MISC(debug, "Controlled EnvoyException exit: {}", ex.what());
}
}

} // namespace Server
} // namespace Envoy