Added fuzzing targets for capm3.

metal3-io · Aug 10, 2023 · 295ab97 · 295ab97
1 parent 095daea
commit 295ab97
Show file tree

Hide file tree

Showing 4 changed files with 91 additions and 3 deletions.
diff --git a/test/fuzz/README.md b/test/fuzz/README.md
@@ -0,0 +1,51 @@
+# Fuzzing
+
+ Fuzzing or fuzz testing is an automated software testing technique that
+ involves providing invalid, unexpected, or random data as inputs to a
+ computer program. A fuzzing target is defined for running the tests.
+ These targets are defined in the test/fuzz directory and run using
+ the instructions given below:
+
+- Install the package from <https://github.com/mdempsky/go114-fuzz-build>
+  using go get command. This is the link for the fuzzing tool that uses
+  libfuzzer for its implementation purposes. I set it up and made a sample
+  function to run the fuzzing tests. In these steps following are the important steps
+
+   a.  Run below command to build the file for the function by giving its location.
+
+    ```bash
+    mkdir output
+    cd output
+    go114-fuzz-build -o FuzzTestImageValidate.a
+    -func FuzzTestImageValidate ../test/fuzz/
+    ```
+
+    b. Run below command to make C binary files for the same function.
+
+    ```
+    clang -o FuzzTestImageValidate FuzzTestImageValidate.a
+    -fsanitize=fuzzer
+    ```
+
+    c. Run the fuzzer as below
+
+    ```
+    /FuzzTestImageValidate
+    ```
+
+- Execution: Here is an example for execution of some test outputs:
+
+    ```bash
+    ./FuzzTestImageValidate
+    INFO: Running with entropic power schedule (0xFF, 100).
+    INFO: Seed: 376384327
+    INFO: 267805 Extra Counters
+    INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
+    INFO: A corpus is not provided, starting from an empty corpus
+    #2      INITED ft: 35 corp: 1/1b exec/s: 0 rss: 51Mb
+    ```
+
+    Here first line contains the byte array provided by libfuzzer to the
+    function we then typecast it to our struct of IPPool using JSON.
+    Unmarshal and then run the function. It keeps on running
+    until it finds a bug.
diff --git a/test/fuzz/metal3cluster_manager_test_fuzzer.go b/test/fuzz/metal3cluster_manager_test_fuzzer.go
@@ -0,0 +1,31 @@
+package fuzz_test
+
+import (
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+	infrav1 "github.com/metal3-io/cluster-api-provider-metal3/api/v1beta1"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+)
+
+type ImageValidate struct {
+	Image         infrav1.Image
+	ErrorExpected bool
+	Name          string
+}
+
+func FuzzTestImageValidate(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	tc := &ImageValidate{}
+	err := f.GenerateStruct(tc)
+	if err != nil {
+		return 0
+	}
+	errs := tc.Image.Validate(*field.NewPath("Spec", "Image"))
+	if tc.ErrorExpected && errs == nil {
+		return 0
+	}
+	if !tc.ErrorExpected && errs != nil {
+		return 0
+	}
+
+	return 1
+}
diff --git a/test/go.mod b/test/go.mod
@@ -28,6 +28,7 @@ replace sigs.k8s.io/cluster-api/test => sigs.k8s.io/cluster-api/test v1.4.2
 replace github.com/metal3-io/cluster-api-provider-metal3/api => ./../api
 
 require (
+	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1
 	github.com/BurntSushi/toml v1.0.0 // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
@@ -43,6 +44,7 @@ require (
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/coredns/caddy v1.1.1 // indirect
 	github.com/coredns/corefile-migration v1.0.20 // indirect
+	github.com/cyphar/filepath-securejoin v0.2.3 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/docker/distribution v2.8.2+incompatible // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
@@ -67,7 +69,7 @@ require (
 	github.com/google/go-github/v48 v48.2.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect
+	github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
 	github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect

diff --git a/test/go.sum b/test/go.sum
@@ -37,6 +37,8 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 h1:EKPd1INOIyr5hWOWhvpmQpY6tKjeG0hT1s3AMC/9fic=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0=
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/toml v1.0.0 h1:dtDWrepsVPfW9H/4y7dDgFc2MBUSeJhlaDtK13CxFlU=
@@ -106,6 +108,8 @@ github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfc
 github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI=
+github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -246,8 +250,8 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf
 github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE=
-github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
+github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
+github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 h1:SJ+NtwL6QaZ21U+IrK7d0gGgpjGGvd2kz+FzTHVzdqI=
 github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2/go.mod h1:Tv1PlzqC9t8wNnpPdctvtSUOPUUg4SHeE6vR1Ir2hmg=