Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add rsass targets #119

Merged
merged 1 commit into from
May 12, 2018
Merged

Add rsass targets #119

merged 1 commit into from
May 12, 2018

Conversation

killercup
Copy link
Member

Currently finds >50 unique crashes (according to honggfuzz)!

@killercup killercup requested a review from frewsxcv May 4, 2018 13:18
@killercup
Copy link
Member Author

cc @kaj -- you can try this by checking out this PR's branch and running cargo run target rsass_sass or cargo run target rsass_value. Most crashes seem to be from unwraps around str::from_utf8 and I've also seen an underflow from this line.

@kaj
Copy link

kaj commented May 4, 2018

Cool, I'll look into this! Please don't hold your breath, though. I will look at it a little right now, but after that I won't have much time for about two weeks.

Thank you for considering rsass for fuss testing!

@kaj
Copy link

kaj commented May 4, 2018

Hmm ... I seem to be missing some kind of "obvious first step" ... I get error: no such subcommand: 'hfuzz', and cargo +nightly install hfuzz finds nothing to install. What do I need to install? I don't find any answer in the readme of this repo, but presumably there's a main fuzz repo somewhere?

Update: Answering my own question, cargo +nightly install honggfuzz seems to do the trick.

@killercup
Copy link
Member Author

killercup commented May 4, 2018 via email

@kaj
Copy link

kaj commented May 4, 2018

Hm. Still no go here. After happily compiling what seems to be most Rust code ever written :-) my command cargo +nightly run target rsass_value fails on:

   Compiling fuzz-targets-common v0.1.0 (file:///home/kaj/proj/rust/targets/common)
error[E0425]: cannot find function `parse_tree_from_data` in module `usvg`
   --> common/src/lib.rs:904:23
    |
904 |         let _ = usvg::parse_tree_from_data(text, &usvg::Options::default());
    |                       ^^^^^^^^^^^^^^^^^^^^ not found in `usvg`

error: aborting due to previous error

For more information about this error, try `rustc --explain E0425`.
error: Could not compile `fuzz-targets-common`.

I guess this project can also fuss usvg, except for a recent change in it. Is there a way to build only the particular fuzz target I want to run?

@killercup
Copy link
Member Author

I guess this project can also fuss usvg, except for a recent change in it. Is there a way to build only the particular fuzz target I want to run?

Yeah, that's sadly a current limitation. But it's already fixed on master, so I've rebased this branch. After git pull --rebase it should hopefully finally work for you :)

@killercup
Copy link
Member Author

Btw, here is a quick way to reproduce some of the crashes: https://gist.github.com/killercup/579e31cc6896dfe8222b86d94c5e7787

kaj added a commit to kaj/rsass that referenced this pull request May 4, 2018
Improve handling of some cases there a str::from_utf8 call might fail.
Thanks to @killercup and rust-fuzz/targets#119 for pointing out the
problem.
kaj added a commit to kaj/rsass that referenced this pull request May 4, 2018
Improve handling of some cases there a str::from_utf8 call might fail.
Thanks to @killercup and rust-fuzz/targets#119 for pointing out the
problem.
kaj added a commit to kaj/rsass that referenced this pull request May 4, 2018
Improve handling of some cases there a str::from_utf8 call might fail.
Thanks to @killercup and rust-fuzz/targets#119 for pointing out the
problem.
@kaj
Copy link

kaj commented May 5, 2018

I havn't tried all the inputs from your gist, @killercup , but most seems to be fixed now. I won't have much more time to try out fuzz-testing in the coming weeks, but if you can provide such examples that causes current rsass to crash, I hope to be able to take a look at them.

And thanks again for the initiative to fuzz-test rsass!

@killercup
Copy link
Member Author

Great that you could already fix some of this, @kaj! I might have a look at it myself when I have some time. Otherwise, feel free to ping me if you want to pick this up again!

bors r+

bors bot added a commit that referenced this pull request May 5, 2018
119: Add rsass targets r=killercup a=killercup

Currently finds >50 unique crashes (according to honggfuzz)!

Co-authored-by: Pascal Hertleif <killercup@gmail.com>
@bors
Copy link
Contributor

bors bot commented May 5, 2018

Build failed

@frewsxcv
Copy link
Member

frewsxcv commented May 5, 2018

Fixed the ring error in briansmith/ring#646. Wonder if we should add back that Cargo.lock file so we don't get blocked on these issues in the future.

@killercup
Copy link
Member Author

@frewsxcv yeah, go ahead and add that lock file. If we fuzz locally we'll detect breakages early enough,

@frewsxcv
Copy link
Member

frewsxcv commented May 7, 2018

bors r+

bors bot added a commit that referenced this pull request May 7, 2018
119: Add rsass targets r=frewsxcv a=killercup

Currently finds >50 unique crashes (according to honggfuzz)!

Co-authored-by: Pascal Hertleif <killercup@gmail.com>
frewsxcv added a commit that referenced this pull request May 7, 2018
@bors
Copy link
Contributor

bors bot commented May 7, 2018

Build failed

bors bot added a commit that referenced this pull request May 11, 2018
120: Add Cargo.lock to prevent compilation failures from upstream API changes. r=frewsxcv a=frewsxcv

See also:

- #119 (comment)
- #99

Co-authored-by: Corey Farwell <coreyf@rwell.org>
@frewsxcv
Copy link
Member

bors r+

bors bot added a commit that referenced this pull request May 12, 2018
119: Add rsass targets r=frewsxcv a=killercup

Currently finds >50 unique crashes (according to honggfuzz)!

Co-authored-by: Pascal Hertleif <killercup@gmail.com>
@bors
Copy link
Contributor

bors bot commented May 12, 2018

Build succeeded

@bors bors bot merged commit 6d78b1d into rust-fuzz:master May 12, 2018
kaj added a commit to kaj/rsass that referenced this pull request Aug 26, 2018
A default run of sass-spec found 1661 of 3482 tests passing.

Changes since version 0.8.0 includes:

* PR #24: Implement a Rgba type and use in css::Value and sass::Value.
* PR #22: Partial support for `@at-root`.  Supports `&` back-refs but
  not `with` and `without`.
* Add "foo/index.scss" and "foo/_index.scss" when attempting to find
  "foo" for import.
* The parser should fail rather than crash on some non-utf8 input.
* PR #21: Introduce a Number type, mainly for sharing some abstraction
  between css and sass values.
* Make the `rgba` function handle non-numeric inputs (e.g. calc(...)).
* Implement the `feature-exists` function.
* Make `!important` part of value rather than property, so it can be
  used in fuction / mixin arguments etc.
* A css3 pseudo-element selector may have arguments.
* Add support for unicode ranges.
* The `@each` construct can bind multipe values.
* PR #20: Division is now a BinOp rather than a special case.
* Minor improvement in parsing and formatting at-rules.
* Fix some clippy complaints.
* Minor documentation updates.
* Some updates to travis build script and test structure.
* Add appveyour (windows) continous integration testing.
* Depedency updates: num-rational 0.2.1, nom 4.0 (PR #23) and rand 0.5.

Thanks to @killercup and rust-fuzz/targets#119 for identifying some
parser crashes on non-utf8 input.
kaj added a commit to kaj/rsass that referenced this pull request Sep 2, 2018
* Fix #25; Avoid crashing on some non-utf8 input.

Thanks again to @killercup and rust-fuzz/targets#119 for identifying
more parser crashes on non-utf8 input.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants