types: refactor multiple fuzzers
Signed-off-by: AdamKorcz <adam@adalogics.com>
AdamKorcz committed Dec 29, 2022
1 parent 26f44cd commit 792dfa6
Showing 10 changed files with 249 additions and 36 deletions.
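--- a/pkg/fuzz/fuzz_utils.go
+++ b/pkg/fuzz/fuzz_utils.go
@@ -0,0 +1,74 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package fuzz
+
+import (
+"net/url"
+"os"
+"path/filepath"
+
+"go.uber.org/zap"
+"go.uber.org/zap/zapcore"
+
+fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+"github.com/sigstore/rekor/pkg/log"
+"github.com/sigstore/rekor/pkg/types"
+)
+
+func CreateProps(ff *fuzz.ConsumeFuzzer) (types.ArtifactProperties, func(), error) {
+props := types.ArtifactProperties{}
+ff.GenerateStruct(&props) //nolint:all
+
+if props.ArtifactBytes == nil {
+artifactBytes, err := ff.GetBytes()
+if err != nil {
+return props, nil, err
+}
+artifactFile, err := os.Create("ArtifactFile")
+if err != nil {
+return props, nil, err
+}
+defer artifactFile.Close()
+
+artifactPath, err := filepath.Abs("ArtifactFile")
+if err != nil {
+return props, nil, err
+}
+artifactURL, err := url.Parse(artifactPath)
+if err != nil {
+return props, nil, err
+}
+props.ArtifactPath = artifactURL
+
+_, err = artifactFile.Write(artifactBytes)
+return props, func() {
+os.Remove("ArtifactFile")
+}, err
+
+}
+return props, func() {}, nil
+}
+
+func SetFuzzLogger() {
+config := zap.NewProductionConfig()
+config.Level = zap.NewAtomicLevelAt(zapcore.FatalLevel)
+logger, err := config.Build()
+if err != nil {
+panic(err)
+}
+log.Logger = logger.Named("rekor-fuzz-logger").Sugar()
+}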
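Review bot: CreateProps writes the fuzz-supplied bytes to the fixed relative path `ArtifactFile` in the working directory, so any concurrent fuzz workers or packages that share that directory would overwrite or delete each other's file, and `os.Create` truncates (or follows, if it is a symlink) whatever already exists under that name. Creating the file with `artifactFile, err := os.CreateTemp("", "ArtifactFile")` and using `artifactFile.Name()` for both `filepath.Abs` and `os.Remove` gives each call its own file. The error returns after `os.Create` hand back a nil cleanup, and the Write-failure return hands back a cleanup that the callers in this commit (helm, intoto, rekord, rfc3161, rpm, tuf) never reach because they call `t.Skip()` before `defer cleanup()`, so the file is left behind on those paths; removing it inside CreateProps before returning an error would close that gap. The exported CreateProps and SetFuzzLogger also have no doc comments.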
5 changes: 5 additions & 0 deletions pkg/types/cose/fuzz_test.go
Expand Up @@ -17,13 +17,18 @@ package cose

import (
"context"
"sync"
"testing"

fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types"
)

var initter sync.Once

func FuzzCreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string) {
initter.Do(fuzzUtils.SetFuzzLogger)
ctx := context.Background()
brt := New()
props := types.ArtifactProperties{}
23 changes: 18 additions & 5 deletions pkg/types/helm/fuzz_test.go → pkg/types/helm/v0.0.1/fuzz_test.go
Expand Up @@ -17,19 +17,32 @@ package helm

import (
"context"
"sync"
"testing"

fuzz "github.com/AdaLogics/go-fuzz-headers"

"github.com/sigstore/rekor/pkg/types"
fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types/helm"
)

var initter sync.Once

func FuzzHelmCreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string, propsData []byte) {
f.Fuzz(func(t *testing.T, propsData []byte) {
initter.Do(fuzzUtils.SetFuzzLogger)

version := "0.0.1"

ff := fuzz.NewConsumer(propsData)
props := types.ArtifactProperties{}
ff.GenerateStruct(&props)
it := New()

props, cleanup, err := fuzzUtils.CreateProps(ff)
if err != nil {
t.Skip()
}
defer cleanup()

it := helm.New()
entry, err := it.CreateProposedEntry(context.Background(), version, props)
if err != nil {
t.Skip()
Expand Up @@ -17,19 +17,32 @@ package intoto

import (
"context"
"sync"
"testing"

fuzz "github.com/AdaLogics/go-fuzz-headers"

"github.com/sigstore/rekor/pkg/types"
fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types/intoto"
)

var initter sync.Once

func FuzzIntotoCreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string, propsData []byte) {
f.Fuzz(func(t *testing.T, propsData []byte) {
initter.Do(fuzzUtils.SetFuzzLogger)

version := "0.0.1"

ff := fuzz.NewConsumer(propsData)
props := types.ArtifactProperties{}
ff.GenerateStruct(&props)
it := New()

props, cleanup, err := fuzzUtils.CreateProps(ff)
if err != nil {
t.Skip()
}
defer cleanup()

it := intoto.New()
entry, err := it.CreateProposedEntry(context.Background(), version, props)
if err != nil {
t.Skip()
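--- a/pkg/types/intoto/v0.0.2/fuzz_test.go
+++ b/pkg/types/intoto/v0.0.2/fuzz_test.go
@@ -0,0 +1,55 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package intoto
+
+import (
+"context"
+"sync"
+"testing"
+
+fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
+"github.com/sigstore/rekor/pkg/types/intoto"
+)
+
+var initter sync.Once
+
+func FuzzIntotoCreateProposedEntry(f *testing.F) {
+f.Fuzz(func(t *testing.T, propsData []byte) {
+initter.Do(fuzzUtils.SetFuzzLogger)
+
+version := "0.0.2"
+
+ff := fuzz.NewConsumer(propsData)
+
+props, cleanup, err := fuzzUtils.CreateProps(ff)
+if err != nil {
+t.Skip()
+}
+defer cleanup()
+
+it := intoto.New()
+entry, err := it.CreateProposedEntry(context.Background(), version, props)
+if err != nil {
+t.Skip()
+}
+_, err = it.UnmarshalEntry(entry)
+if err != nil {
+t.Skip()
+}
+})
+}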
Expand Up @@ -17,19 +17,32 @@ package rekord

import (
"context"
"sync"
"testing"

fuzz "github.com/AdaLogics/go-fuzz-headers"

"github.com/sigstore/rekor/pkg/types"
fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types/rekord"
)

var initter sync.Once

func FuzzRekordCreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string, propsData []byte) {
f.Fuzz(func(t *testing.T, propsData []byte) {
initter.Do(fuzzUtils.SetFuzzLogger)

version := "0.0.1"

ff := fuzz.NewConsumer(propsData)
props := types.ArtifactProperties{}
ff.GenerateStruct(&props)
it := New()

props, cleanup, err := fuzzUtils.CreateProps(ff)
if err != nil {
t.Skip()
}
defer cleanup()

it := rekord.New()
entry, err := it.CreateProposedEntry(context.Background(), version, props)
if err != nil {
t.Skip()
Expand Up @@ -17,19 +17,32 @@ package rfc3161

import (
"context"
"sync"
"testing"

fuzz "github.com/AdaLogics/go-fuzz-headers"

"github.com/sigstore/rekor/pkg/types"
fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types/rfc3161"
)

var initter sync.Once

func FuzzRfc3161CreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string, propsData []byte) {
f.Fuzz(func(t *testing.T, propsData []byte) {
initter.Do(fuzzUtils.SetFuzzLogger)

version := "0.0.1"

ff := fuzz.NewConsumer(propsData)
props := types.ArtifactProperties{}
ff.GenerateStruct(&props)
it := New()

props, cleanup, err := fuzzUtils.CreateProps(ff)
if err != nil {
t.Skip()
}
defer cleanup()

it := rfc3161.New()
entry, err := it.CreateProposedEntry(context.Background(), version, props)
if err != nil {
t.Skip()
23 changes: 18 additions & 5 deletions pkg/types/rpm/fuzz_test.go → pkg/types/rpm/v0.0.1/fuzz_test.go
Expand Up @@ -17,19 +17,32 @@ package rpm

import (
"context"
"sync"
"testing"

fuzz "github.com/AdaLogics/go-fuzz-headers"

"github.com/sigstore/rekor/pkg/types"
fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types/rpm"
)

var initter sync.Once

func FuzzRpmCreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string, propsData []byte) {
f.Fuzz(func(t *testing.T, propsData []byte) {
initter.Do(fuzzUtils.SetFuzzLogger)

version := "0.0.1"

ff := fuzz.NewConsumer(propsData)
props := types.ArtifactProperties{}
ff.GenerateStruct(&props)
it := New()

props, cleanup, err := fuzzUtils.CreateProps(ff)
if err != nil {
t.Skip()
}
defer cleanup()

it := rpm.New()
entry, err := it.CreateProposedEntry(context.Background(), version, props)
if err != nil {
t.Skip()
23 changes: 18 additions & 5 deletions pkg/types/tuf/fuzz_test.go → pkg/types/tuf/v0.0.1/fuzz_test.go
Expand Up @@ -17,19 +17,32 @@ package tuf

import (
"context"
"sync"
"testing"

fuzz "github.com/AdaLogics/go-fuzz-headers"

"github.com/sigstore/rekor/pkg/types"
fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
"github.com/sigstore/rekor/pkg/types/tuf"
)

var initter sync.Once

func FuzzTufCreateProposedEntry(f *testing.F) {
f.Fuzz(func(t *testing.T, version string, propsData []byte) {
f.Fuzz(func(t *testing.T, propsData []byte) {
initter.Do(fuzzUtils.SetFuzzLogger)

version := "0.0.1"

ff := fuzz.NewConsumer(propsData)
props := types.ArtifactProperties{}
ff.GenerateStruct(&props)
it := New()

props, cleanup, err := fuzzUtils.CreateProps(ff)
if err != nil {
t.Skip()
}
defer cleanup()

it := tuf.New()
entry, err := it.CreateProposedEntry(context.Background(), version, props)
if err != nil {
t.Skip()
13 changes: 7 additions & 6 deletions tests/oss_fuzz.sh
Expand Up @@ -30,9 +30,10 @@ compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/cose FuzzCreateProp
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/alpine FuzzPackageUnmarshal FuzzPackageUnmarshal
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/jar FuzzJarUnmarshal FuzzJarUnmarshal
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/hashedrekord FuzzHashedRekord FuzzHashedRekord
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/intoto FuzzIntotoCreateProposedEntry FuzzIntotoCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/tuf FuzzTufCreateProposedEntry FuzzTufCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rfc3161 FuzzRfc3161CreateProposedEntry FuzzRfc3161CreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rpm FuzzRpmCreateProposedEntry FuzzRpmCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/helm FuzzHelmCreateProposedEntry FuzzHelmCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rekord FuzzRekordCreateProposedEntry FuzzRekordCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/intoto/v0.0.1 FuzzIntotoCreateProposedEntry FuzzIntotoCreateProposedEntry_v001
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/intoto/v0.0.2 FuzzIntotoCreateProposedEntry FuzzIntotoCreateProposedEntry_v002
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/tuf/v0.0.1 FuzzTufCreateProposedEntry FuzzTufCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rfc3161/v0.0.1 FuzzRfc3161CreateProposedEntry FuzzRfc3161CreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rpm/v0.0.1 FuzzRpmCreateProposedEntry FuzzRpmCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/helm/v0.0.1 FuzzHelmCreateProposedEntry FuzzHelmCreateProposedEntry
compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rekord/v0.0.1 FuzzRekordCreateProposedEntry FuzzRekordCreateProposedEntry
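Review bot: Only the two intoto targets get a version suffix in their output name (`FuzzIntotoCreateProposedEntry_v001` and `FuzzIntotoCreateProposedEntry_v002`), while tuf, rfc3161, rpm, helm and rekord keep unsuffixed names even though they are now built from `v0.0.1` packages. Naming all of them the same way would avoid another rename when a second version of one of those types gets its own fuzzer. If the fuzzing service keys its saved corpus by output name, the renamed intoto target presumably starts from an empty corpus, and the targets that kept their names will replay inputs recorded for the old `(version string, propsData []byte)` signature, so it is worth confirming that both effects are acceptable.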
