From ea84275008f13fbfb968bb0fb7da23ebcccaffb5 Mon Sep 17 00:00:00 2001 From: "Tobin C. Harding" Date: Wed, 22 Mar 2023 10:55:15 +1100 Subject: [PATCH] Run fuzzer in CI As we do for `rust-bitcoin` run the fuzzer on each push and pull request. Requires: - Minor changes to fuzz target `encode_decode` to use current API - Installing hongfuzz without default dependencies (`arbitrary`) --- .github/workflows/fuzz.yml | 47 ++++++++++++++++++++++++++++++ fuzz/Cargo.toml | 2 +- fuzz/fuzz.sh | 2 +- fuzz/fuzz_targets/encode_decode.rs | 4 +-- 4 files changed, 51 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/fuzz.yml diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml new file mode 100644 index 00000000..0ba71612 --- /dev/null +++ b/.github/workflows/fuzz.yml @@ -0,0 +1,47 @@ +name: Fuzz + +on: [push, pull_request] + +jobs: + + fuzz: + if: ${{ !github.event.act }} + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + fuzz_target: [decode_rnd, encode_decode] + steps: + - name: Install test dependencies + run: sudo apt-get update -y && sudo apt-get install -y binutils-dev libunwind8-dev libcurl4-openssl-dev libelf-dev libdw-dev cmake gcc libiberty-dev + - uses: actions/checkout@v2 + - uses: actions/cache@v2 + id: cache-fuzz + with: + path: | + ~/.cargo/bin + fuzz/target + target + key: cache-${{ matrix.target }}-${{ hashFiles('**/Cargo.toml','**/Cargo.lock') }} + - name: Checkout Toolchain + uses: dtolnay/rust-toolchain@stable + - name: fuzz + run: cd fuzz && ./fuzz.sh "${{ matrix.fuzz_target }}" + - run: echo "${{ matrix.fuzz_target }}.rs" >executed_${{ matrix.fuzz_target }} + - uses: actions/upload-artifact@v2 + with: + name: executed_${{ matrix.fuzz_target }} + path: executed_${{ matrix.fuzz_target }} + + verify-execution: + if: ${{ !github.event.act }} + needs: fuzz + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/download-artifact@v2 + - name: Display structure of downloaded files + run: ls -R + - run: find executed_* -type f -exec cat {} + | sort > executed + - run: ls bitcoin/fuzz/fuzz_targets | sort > expected + - run: diff expected executed diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml index c661ef6e..785ee6b7 100644 --- a/fuzz/Cargo.toml +++ b/fuzz/Cargo.toml @@ -12,7 +12,7 @@ afl_fuzz = ["afl"] honggfuzz_fuzz = ["honggfuzz"] [dependencies] -honggfuzz = { version = "0.5", optional = true } +honggfuzz = { version = "0.5", default-features = false, optional = true } afl = { version = "0.3", optional = true } libc = "0.2" bech32 = { path = ".." } diff --git a/fuzz/fuzz.sh b/fuzz/fuzz.sh index ae85ea91..db1b9eb3 100755 --- a/fuzz/fuzz.sh +++ b/fuzz/fuzz.sh @@ -1,6 +1,6 @@ #!/bin/bash set -e -cargo install --force honggfuzz +cargo install --force honggfuzz --no-default-features for TARGET in fuzz_targets/*; do FILENAME=$(basename $TARGET) FILE="${FILENAME%.*}" diff --git a/fuzz/fuzz_targets/encode_decode.rs b/fuzz/fuzz_targets/encode_decode.rs index bcc587db..c5f1875e 100644 --- a/fuzz/fuzz_targets/encode_decode.rs +++ b/fuzz/fuzz_targets/encode_decode.rs @@ -1,6 +1,6 @@ extern crate bech32; -use std::str::FromStr; +use std::convert::TryFrom; fn do_test(data: &[u8]) { if data.len() < 1 { @@ -19,7 +19,7 @@ fn do_test(data: &[u8]) { let dp = data[hrp_end..] .iter() - .map(|b| bech32::u5::try_from_u8(b % 32).unwrap()) + .map(|b| bech32::u5::try_from(b % 32).unwrap()) .collect::>(); let variant = if data[0] > 0x0f {