CBOR fuzzing#7839
Merged
achamayou merged 7 commits intomicrosoft:mainfrom Apr 28, 2026
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a libFuzzer target for the CBOR parser/serializer, plus a seed corpus and CI execution to continuously exercise CBOR decoding/encoding paths in src/crypto/.
Changes:
- Introduce
cbor_fuzz_testfuzz target (LLVMFuzzerTestOneInput) which parses CBOR then round-trips serialize/parse/serialize. - Add a set of seed CBOR corpus inputs under
src/crypto/test/cbor_fuzz_corpus/. - Add CMake/CI plumbing to build and run the fuzz target when
-DFUZZING=ON.
Reviewed changes
Copilot reviewed 41 out of 48 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/crypto/test/cbor_fuzz.cpp | New libFuzzer harness for CBOR parse/serialize/to_string round-trips. |
| cmake/preproject.cmake | Adds FUZZING option and blocks FUZZING+TSAN. |
| cmake/common.cmake | Adds add_fuzz_test() wrapper to build fuzz executables with libFuzzer flags. |
| CMakeLists.txt | Adds cbor_fuzz_test target under BUILD_TESTS when FUZZING is enabled. |
| .github/workflows/long-test.yml | Builds and runs cbor_fuzz_test for a short time in CI, seeded from corpus dir. |
| src/crypto/test/cbor_fuzz_corpus/array123 | Seed CBOR corpus entry (array sample). |
| src/crypto/test/cbor_fuzz_corpus/array_of_maps | Seed CBOR corpus entry (array-of-maps sample). |
| src/crypto/test/cbor_fuzz_corpus/array_with_map | Seed CBOR corpus entry (array-with-map sample). |
| src/crypto/test/cbor_fuzz_corpus/bstr_hello | Seed CBOR corpus entry (byte-string “hello”). |
| src/crypto/test/cbor_fuzz_corpus/complex_array_map | Seed CBOR corpus entry (mixed complex structure). |
| src/crypto/test/cbor_fuzz_corpus/cose_receipt | Seed CBOR corpus entry (COSE receipt-shaped CBOR). |
| src/crypto/test/cbor_fuzz_corpus/cose_sign1_detached | Seed CBOR corpus entry (COSE_Sign1 detached payload shape). |
| src/crypto/test/cbor_fuzz_corpus/cose_sign1_flat | Seed CBOR corpus entry (COSE_Sign1 flat shape). |
| src/crypto/test/cbor_fuzz_corpus/cose_sign1_nested | Seed CBOR corpus entry (COSE_Sign1 nested shape). |
| src/crypto/test/cbor_fuzz_corpus/deeply_nested_array | Seed CBOR corpus entry (nested arrays). |
| src/crypto/test/cbor_fuzz_corpus/empty | Seed CBOR corpus entry (empty input). |
| src/crypto/test/cbor_fuzz_corpus/empty_array | Seed CBOR corpus entry (empty array). |
| src/crypto/test/cbor_fuzz_corpus/empty_bytes | Seed CBOR corpus entry (empty byte string). |
| src/crypto/test/cbor_fuzz_corpus/empty_map | Seed CBOR corpus entry (empty map). |
| src/crypto/test/cbor_fuzz_corpus/empty_string | Seed CBOR corpus entry (empty text string). |
| src/crypto/test/cbor_fuzz_corpus/header_map_footer | Seed CBOR corpus entry (map with header/footer-like fields). |
| src/crypto/test/cbor_fuzz_corpus/int64_max | Seed CBOR corpus entry (int64 max boundary). |
| src/crypto/test/cbor_fuzz_corpus/int64_min | Seed CBOR corpus entry (int64 min boundary). |
| src/crypto/test/cbor_fuzz_corpus/int64_overflow | Seed CBOR corpus entry (oversized integer encoding). |
| src/crypto/test/cbor_fuzz_corpus/int_widths | Seed CBOR corpus entry (various integer widths). |
| src/crypto/test/cbor_fuzz_corpus/map1234 | Seed CBOR corpus entry (simple map sample). |
| src/crypto/test/cbor_fuzz_corpus/map_bool_vals | Seed CBOR corpus entry (map with boolean/simple values). |
| src/crypto/test/cbor_fuzz_corpus/map_multi_arrays | Seed CBOR corpus entry (map containing multiple arrays). |
| src/crypto/test/cbor_fuzz_corpus/map_neg_keys | Seed CBOR corpus entry (map with negative integer keys). |
| src/crypto/test/cbor_fuzz_corpus/map_str_str | Seed CBOR corpus entry (map of string->string). |
| src/crypto/test/cbor_fuzz_corpus/map_with_array | Seed CBOR corpus entry (map containing an array). |
| src/crypto/test/cbor_fuzz_corpus/mixed_array | Seed CBOR corpus entry (array with mixed types). |
| src/crypto/test/cbor_fuzz_corpus/negint1 | Seed CBOR corpus entry (negative integer sample). |
| src/crypto/test/cbor_fuzz_corpus/nested_arrays | Seed CBOR corpus entry (nested arrays variant). |
| src/crypto/test/cbor_fuzz_corpus/nested_tags | Seed CBOR corpus entry (nested tags). |
| src/crypto/test/cbor_fuzz_corpus/simple_false | Seed CBOR corpus entry (simple value false). |
| src/crypto/test/cbor_fuzz_corpus/simple_null | Seed CBOR corpus entry (simple value null). |
| src/crypto/test/cbor_fuzz_corpus/simple_true | Seed CBOR corpus entry (simple value true). |
| src/crypto/test/cbor_fuzz_corpus/simple_undefined | Seed CBOR corpus entry (simple value undefined). |
| src/crypto/test/cbor_fuzz_corpus/tagged_array | Seed CBOR corpus entry (tagged array). |
| src/crypto/test/cbor_fuzz_corpus/tagged_bool | Seed CBOR corpus entry (tagged boolean/simple). |
| src/crypto/test/cbor_fuzz_corpus/tagged_bytes | Seed CBOR corpus entry (tagged byte string). |
| src/crypto/test/cbor_fuzz_corpus/tagged_empty_array | Seed CBOR corpus entry (tagged empty array). |
| src/crypto/test/cbor_fuzz_corpus/tagged_int | Seed CBOR corpus entry (tagged integer). |
| src/crypto/test/cbor_fuzz_corpus/tagged_map | Seed CBOR corpus entry (tagged map). |
| src/crypto/test/cbor_fuzz_corpus/tagged_string | Seed CBOR corpus entry (tagged text string). |
| src/crypto/test/cbor_fuzz_corpus/tstr_hello | Seed CBOR corpus entry (text-string “hello”). |
| src/crypto/test/cbor_fuzz_corpus/uint42 | Seed CBOR corpus entry (unsigned int 42). |
maxtropets
commented
Apr 27, 2026
cjen1-msft
reviewed
Apr 27, 2026
cjen1-msft
approved these changes
Apr 27, 2026
achamayou
approved these changes
Apr 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.