Run fuzzer in CI

As we do for `rust-bitcoin` run the fuzzer on each push and pull request. Requires: - Minor changes to fuzz target `encode_decode` to use current API - Installing hongfuzz without default dependencies (`arbitrary`)
rust-bitcoin · Mar 22, 2023 · ea84275 · ea84275
1 parent bd4e8e2
commit ea84275
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 4 deletions.
diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml
@@ -0,0 +1,47 @@
+name: Fuzz
+
+on: [push, pull_request]
+
+jobs:
+
+  fuzz:
+    if: ${{ !github.event.act }}
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        fuzz_target: [decode_rnd, encode_decode]
+    steps:
+      - name: Install test dependencies
+        run: sudo apt-get update -y && sudo apt-get install -y binutils-dev libunwind8-dev libcurl4-openssl-dev libelf-dev libdw-dev cmake gcc libiberty-dev
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        id: cache-fuzz
+        with:
+          path: |
+            ~/.cargo/bin
+            fuzz/target
+            target
+          key: cache-${{ matrix.target }}-${{ hashFiles('**/Cargo.toml','**/Cargo.lock') }}
+      - name: Checkout Toolchain
+        uses: dtolnay/rust-toolchain@stable
+      - name: fuzz
+        run: cd fuzz && ./fuzz.sh "${{ matrix.fuzz_target }}"
+      - run: echo "${{ matrix.fuzz_target }}.rs" >executed_${{ matrix.fuzz_target }}
+      - uses: actions/upload-artifact@v2
+        with:
+          name: executed_${{ matrix.fuzz_target }}
+          path: executed_${{ matrix.fuzz_target }}
+
+  verify-execution:
+    if: ${{ !github.event.act }}
+    needs: fuzz
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/download-artifact@v2
+      - name: Display structure of downloaded files
+        run: ls -R
+      - run: find executed_* -type f -exec cat {} + | sort > executed
+      - run: ls bitcoin/fuzz/fuzz_targets | sort > expected
+      - run: diff expected executed
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -12,7 +12,7 @@ afl_fuzz = ["afl"]
 honggfuzz_fuzz = ["honggfuzz"]
 
 [dependencies]
-honggfuzz = { version = "0.5", optional = true }
+honggfuzz = { version = "0.5", default-features = false, optional = true }
 afl = { version = "0.3", optional = true }
 libc = "0.2"
 bech32 = { path = ".." }

diff --git a/fuzz/fuzz.sh b/fuzz/fuzz.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 set -e
-cargo install --force honggfuzz
+cargo install --force honggfuzz --no-default-features
 for TARGET in fuzz_targets/*; do
     FILENAME=$(basename $TARGET)
 	FILE="${FILENAME%.*}"

diff --git a/fuzz/fuzz_targets/encode_decode.rs b/fuzz/fuzz_targets/encode_decode.rs
@@ -1,6 +1,6 @@
 extern crate bech32;
 
-use std::str::FromStr;
+use std::convert::TryFrom;
 
 fn do_test(data: &[u8]) {
     if data.len() < 1 {
@@ -19,7 +19,7 @@ fn do_test(data: &[u8]) {
 
     let dp = data[hrp_end..]
         .iter()
-        .map(|b| bech32::u5::try_from_u8(b % 32).unwrap())
+        .map(|b| bech32::u5::try_from(b % 32).unwrap())
         .collect::<Vec<_>>();
 
     let variant = if data[0] > 0x0f {