Fuzz test ssz_encode and ssz_decode for usize

2019-02-20 16:43:30 +11:00 · 2019-02-20 16:43:30 +11:00 · 00e5b57166
commit 00e5b57166
parent b98db3773e
3 changed files with 80 additions and 0 deletions
--- a/eth2/utils/ssz/fuzz/Cargo.toml
+++ b/eth2/utils/ssz/fuzz/Cargo.toml
@ -48,3 +48,11 @@ path = "fuzz_targets/fuzz_target_u64_decode.rs"
 [[bin]]
 name = "fuzz_target_u64_encode"
 path = "fuzz_targets/fuzz_target_u64_encode.rs"
+
+[[bin]]
+name = "fuzz_target_usize_decode"
+path = "fuzz_targets/fuzz_target_usize_decode.rs"
+
+[[bin]]
+name = "fuzz_target_usize_encode"
+path = "fuzz_targets/fuzz_target_usize_encode.rs"
--- a/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_usize_decode.rs
+++ b/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_usize_decode.rs
@ -0,0 +1,32 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate ssz;
+
+use ssz::{DecodeError, Decodable};
+
+// Fuzz ssz_decode()
+fuzz_target!(|data: &[u8]| {
+    // Note: we assume architecture is 64 bit -> usize == 64 bits
+    let result: Result<(usize, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    if data.len() >= 8 {
+        // Valid result
+        let (number_usize, index) = result.unwrap();
+        assert_eq!(index, 8);
+        // TODO: change to little endian bytes
+        // https://github.com/sigp/lighthouse/issues/215
+        let val = u64::from_be_bytes([
+            data[0],
+            data[1],
+            data[2],
+            data[3],
+            data[4],
+            data[5],
+            data[6],
+            data[7],
+            ]);
+        assert_eq!(number_usize, val as usize);
+    } else {
+        // Length less then 8 should return error
+        assert_eq!(result, Err(DecodeError::TooShort));
+    }
+});
--- a/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_usize_encode.rs
+++ b/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_usize_encode.rs
@ -0,0 +1,40 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate ssz;
+
+use ssz::SszStream;
+
+// Fuzz ssz_encode (via ssz_append)
+fuzz_target!(|data: &[u8]| {
+    let mut ssz = SszStream::new();
+    let mut number_usize = 0;
+    if data.len() >= 8 {
+        number_usize = u64::from_be_bytes([
+            data[0],
+            data[1],
+            data[2],
+            data[3],
+            data[4],
+            data[5],
+            data[6],
+            data[7],
+            ]) as usize;
+    }
+
+    ssz.append(&number_usize);
+    let ssz = ssz.drain();
+
+    // TODO: change to little endian bytes
+    // https://github.com/sigp/lighthouse/issues/215
+    assert_eq!(ssz.len(), 8);
+    assert_eq!(number_usize, u64::from_be_bytes([
+        ssz[0],
+        ssz[1],
+        ssz[2],
+        ssz[3],
+        ssz[4],
+        ssz[5],
+        ssz[6],
+        ssz[7],
+        ]) as usize);
+});