New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fuzz testing #2

Closed
mbrubeck opened this Issue Dec 1, 2016 · 2 comments

Comments

Projects
None yet
1 participant
@mbrubeck
Copy link
Owner

mbrubeck commented Dec 1, 2016

Because this crate includes unsafe code, it should be fuzzed to ensure that it is correct for any possible input. The fuzzing can be done with the help of afl.rs.

The fuzzing harness should test that reverse_grapheme_clusters_in_place(s) always produces valid UTF-8 (in debug mode it contains an assertion that will panic otherwise), and that the resulting string is equal to s.graphemes(true).rev().collect::<String>() (using the graphemes method from the unicode-segmentation crate).

@mbrubeck

This comment has been minimized.

Copy link
Owner

mbrubeck commented Dec 1, 2016

I did a small amount of fuzzing with the test program below. After fuzzing for about 7 minutes, it had finished 1M executions and found 126 code paths, with zero hangs or crashes so far.

extern crate afl;
extern crate unicode_segmentation;
extern crate unicode_reverse;

use unicode_segmentation::UnicodeSegmentation;
use unicode_reverse::reverse_grapheme_clusters_in_place;

fn main() {
    afl::handle_string(|mut a| {
        let b: String = a.graphemes(true).rev().collect();
        reverse_grapheme_clusters_in_place(&mut a);
        assert_eq!(a, b);
    });
}
@mbrubeck

This comment has been minimized.

Copy link
Owner

mbrubeck commented Dec 14, 2016

I've spent a couple hours fuzzing with the above harness now, and not found anything new. Closing this issue as resolved, though of course re-fuzzing may be needed if the code changes in the future.

@mbrubeck mbrubeck closed this Dec 14, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment