Fuzz local storage test

This commit is contained in:
Andrea Spacca 2019-08-31 11:41:34 +02:00
parent b40e9d1fb8
commit 8c5ef8f2e1
3 changed files with 69 additions and 109 deletions

View file

@ -29,7 +29,7 @@ jobs:
dist: bionic dist: bionic
script: ./fuzzit.sh local-regression script: ./fuzzit.sh local-regression
- stage: Fuzz - stage: Fuzz
if: branch = master AND type IN (push) if: branch = fuzz AND type IN (push)
go: 1.12.x go: 1.12.x
dist: bionic dist: bionic
script: ./fuzzit.sh fuzzing script: ./fuzzit.sh fuzzing
@ -53,5 +53,5 @@ deploy:
skip_cleanup: true skip_cleanup: true
on: on:
tags: true tags: true
go: tip go: 1.12.x
overwrite: true overwrite: true

View file

@ -30,6 +30,4 @@ function fuzz {
clang -fsanitize=fuzzer fuzzer.a -o fuzzer clang -fsanitize=fuzzer fuzzer.a -o fuzzer
./fuzzit create job --type $TYPE $NAME/$TARGET fuzzer ./fuzzit create job --type $TYPE $NAME/$TARGET fuzzer
} }
fuzz Profile profile fuzz LocalStorage local-storage
fuzz HTTP http
fuzz HTTPS https

View file

@ -3,126 +3,88 @@
package server package server
import ( import (
"crypto/tls" "bytes"
"io/ioutil" "io"
"net" "math/rand"
"strings" "reflect"
) )
// FuzzProfile tests the profile server. const applicationOctetStream = "application/octet-stream"
func FuzzProfile(fuzz []byte) int {
if len(fuzz) == 0 {
return -1
}
server, err := New(EnableProfiler())
if err != nil {
panic(err.Error())
}
server.Run()
defer server.profileListener.Close()
defer server.httpListener.Close()
address := server.profileListener.Addr
connection, err := net.Dial("tcp", address)
if err != nil {
panic(err.Error())
}
_, err = connection.Write(fuzz)
if err != nil {
return 0
}
response, err := ioutil.ReadAll(connection)
if err != nil {
return 0
}
err = connection.Close()
if err != nil {
return 0
}
fields := strings.Fields(string(response))
if len(fields) < 2 {
panic("invalid HTTP response")
}
code := fields[1]
if code == "500" {
panic("server panicked")
}
return 1
}
// FuzzHTTP tests the HTTP server. // FuzzLocalStorage tests the Local Storage.
func FuzzHTTP(fuzz []byte) int { func FuzzLocalStorage(fuzz []byte) int {
if len(fuzz) == 0 { var fuzzLength = uint64(len(fuzz))
if fuzzLength == 0 {
return -1 return -1
} }
server, err := New(Listener("localhost"))
if err != nil {
panic(err.Error())
}
server.Run()
defer server.httpListener.Close()
address := server.httpListener.Addr
connection, err := net.Dial("tcp", address)
if err != nil {
panic(err.Error())
}
_, err = connection.Write(fuzz)
if err != nil {
return 0
}
response, err := ioutil.ReadAll(connection)
if err != nil {
return 0
}
err = connection.Close()
if err != nil {
return 0
}
fields := strings.Fields(string(response))
if len(fields) < 2 {
panic("invalid HTTP response")
}
code := fields[1]
if code == "500" {
panic("server panicked")
}
return 1
}
// FuzzHTTPS tests the HTTPS server. storage, err := NewLocalStorage("/tmp", nil)
func FuzzHTTPS(fuzz []byte) int {
if len(fuzz) == 0 {
return -1
}
server, err := New(TLSListener("localhost", true))
if err != nil { if err != nil {
panic(err.Error()) panic("unable to create local storage")
} }
server.Run()
defer server.httpsListener.Close() token := Encode(10000000 + int64(rand.Intn(1000000000)))
address := server.httpsListener.Addr filename := Encode(10000000 + int64(rand.Intn(1000000000))) + ".bin"
connection, err := tls.Dial("tcp", address, nil)
input := bytes.NewReader(fuzz)
err = storage.Put(token, filename, input, applicationOctetStream, fuzzLength)
if err != nil { if err != nil {
panic(err.Error()) panic("unable to save file")
} }
_, err = connection.Write(fuzz)
contentType, contentLength, err := storage.Head(token, filename)
if err != nil { if err != nil {
return 0 panic("not visible through head")
} }
response, err := ioutil.ReadAll(connection)
if contentType != applicationOctetStream {
panic("incorrect content type")
}
if contentLength != fuzzLength {
panic("incorrect content length")
}
output, contentType, contentLength, err := storage.Get(token, filename)
if err != nil { if err != nil {
return 0 panic("not visible through get")
} }
err = connection.Close()
if contentType != applicationOctetStream {
panic("incorrect content type")
}
if contentLength != fuzzLength {
panic("incorrect content length")
}
var length uint64
b := make([]byte, len(fuzz))
for {
n, err := output.Read(b)
length += uint64(n)
if err == io.EOF {
break
}
}
if !reflect.DeepEqual(b, fuzz) {
panic("incorrect content body")
}
if length != fuzzLength {
panic("incorrect content length")
}
err = storage.Delete(token, filename)
if err != nil { if err != nil {
return 0 panic("unable to delete file")
} }
fields := strings.Fields(string(response))
if len(fields) < 2 { _, _, err = storage.Head(token, filename)
panic("invalid HTTP response") if !storage.IsNotExist(err) {
} panic("file not deleted")
code := fields[1]
if code == "500" {
panic("server panicked")
} }
return 1 return 1
} }