fuzz: improve header/data stop/continue modeling in HCM fuzzer. #10931
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Previously we weren't tracking the status returned from the mock decodeData(), leading to incorrect invocation of continueDecoding(). This resulted in the underlying fuzz bug that this patch fixes. In addition to improve status state tracking, this PR also adds to the mock codec's ability to return stop/continue from decodeHeaders() and the full range of stop/continue values for decodeData(). Risk level: Low Testing: Corpus entry added. Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18378. Signed-off-by: Harvey Tuch <htuch@google.com>
|
Need #10929 to land first to avoid tripping over that issue in the added corpus entry. |
Signed-off-by: Harvey Tuch <htuch@google.com>
|
Should pass CI now that #10929 has merged. |
asraa
approved these changes
Apr 27, 2020
spenceral
added a commit
to spenceral/envoy
that referenced
this pull request
Apr 27, 2020
Signed-off-by: Spencer Lewis <slewis@squareup.com> * master: fault injection: add support for setting gRPC status (envoyproxy#10841) tests: tag tests that fail on Windows with fails_on_windows (envoyproxy#10940) Fix typo on Postgres Proxy documentation. (envoyproxy#10930) fuzz: improve header/data stop/continue modeling in HCM fuzzer. (envoyproxy#10931) gzip filter: allow setting zlib compressor's chunk size (envoyproxy#10508) http: replace vector/reserve with InlinedVector in codec helper (envoyproxy#10941) stats: add utilities to create stats from a vector of tokens, mixing dynamic and symbolic elements. (envoyproxy#10735) hcm: avoid invoking 100-continue handling on decode filter. (envoyproxy#10929) prometheus stats: Correctly group lines of the same metric name. (envoyproxy#10833) status: Fix ASAN error in Status payload handling (envoyproxy#10906) path: Fix merge slash for paths ending with slash and present query args (envoyproxy#10922) compressor filter: add benchmark (envoyproxy#10464) xray: expected_span_name is not captured by the lambda with MSVC (envoyproxy#10934) ci: update before purge in cleanup (envoyproxy#10938) tracer: Improve test coverage for x-ray (envoyproxy#10890) Revert "init: order dynamic resource initialization to make RTDS always be first (envoyproxy#10362)" (envoyproxy#10919)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously we weren't tracking the status returned from the mock
decodeData(), leading to incorrect invocation of continueDecoding().
This resulted in the underlying fuzz bug that this patch fixes.
In addition to improve status state tracking, this PR also adds to the
mock codec's ability to return stop/continue from decodeHeaders() and
the full range of stop/continue values for decodeData().
Risk level: Low
Testing: Corpus entry added.
Fixes oss-fuzz issue
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18378.
Signed-off-by: Harvey Tuch htuch@google.com