Added fuzzing targets for capm3.

metal3-io · Jul 21, 2023 · 765acd5 · 765acd5
1 parent 053874a
commit 765acd5
Show file tree

Hide file tree

Showing 4 changed files with 221 additions and 2 deletions.
diff --git a/test/fuzz/README.md b/test/fuzz/README.md
@@ -0,0 +1,51 @@
+# Fuzzing
+
+ Fuzzing or fuzz testing is an automated software testing technique that
+ involves providing invalid, unexpected, or random data as inputs to a
+ computer program. A fuzzing target is defined for running the tests.
+ These targets are defined in the test/fuzz directory and run using
+ the instructions given below:
+
+- Install the package from <https://github.com/mdempsky/go114-fuzz-build>
+  using go get command. This is the link for the fuzzing tool that uses
+  libfuzzer for its implementation purposes. I set it up and made a sample
+  function to run the fuzzing tests. In these steps following are the important steps
+
+   a.  Run below command to build the file for the function by giving its location.
+
+    ```bash
+    mkdir output
+    cd output
+    go114-fuzz-build -o FuzzTestImageValidate.a
+    -func FuzzTestImageValidate ../test/fuzz/
+    ```
+
+    b. Run below command to make C binary files for the same function.
+
+    ```
+    clang -o FuzzTestImageValidate FuzzTestImageValidate.a
+    -fsanitize=fuzzer
+    ```
+
+    c. Run the fuzzer as below
+
+    ```
+    /FuzzTestImageValidate
+    ```
+
+- Execution: Here is an example for execution of some test outputs:
+
+    ```bash
+    ./FuzzTestImageValidate
+    INFO: Running with entropic power schedule (0xFF, 100).
+    INFO: Seed: 376384327
+    INFO: 267805 Extra Counters
+    INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
+    INFO: A corpus is not provided, starting from an empty corpus
+    #2      INITED ft: 35 corp: 1/1b exec/s: 0 rss: 51Mb
+    ```
+
+    Here first line contains the byte array provided by libfuzzer to the
+    function we then typecast it to our struct of IPPool using JSON.
+    Unmarshal and then run the function. It keeps on running
+    until it finds a bug.
diff --git a/test/fuzz/metal3cluster_manager_test_fuzzer.go b/test/fuzz/metal3cluster_manager_test_fuzzer.go
@@ -0,0 +1,31 @@
+package fuzz_test
+
+import (
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+	infrav1 "github.com/metal3-io/cluster-api-provider-metal3/api/v1beta1"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+)
+
+type ImageValidate struct {
+	Image         infrav1.Image
+	ErrorExpected bool
+	Name          string
+}
+
+func FuzzTestImageValidate(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	tc := &ImageValidate{}
+	err := f.GenerateStruct(tc)
+	if err != nil {
+		return 0
+	}
+	errs := tc.Image.Validate(*field.NewPath("Spec", "Image"))
+	if tc.ErrorExpected && errs == nil {
+		return 0
+	}
+	if !tc.ErrorExpected && errs != nil {
+		return 0
+	}
+
+	return 1
+}
diff --git a/test/go.mod b/test/go.mod
@@ -27,6 +27,7 @@ replace sigs.k8s.io/cluster-api/test => sigs.k8s.io/cluster-api/test v1.4.2
 replace github.com/metal3-io/cluster-api-provider-metal3/api => ./../api
 
 require (
+	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 // indirect
 	github.com/BurntSushi/toml v1.0.0 // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
@@ -42,6 +43,7 @@ require (
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/coredns/caddy v1.1.1 // indirect
 	github.com/coredns/corefile-migration v1.0.20 // indirect
+	github.com/cyphar/filepath-securejoin v0.2.3 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/docker/distribution v2.8.2+incompatible // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
@@ -66,7 +68,7 @@ require (
 	github.com/google/go-github/v48 v48.2.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect
+	github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
 	github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
@@ -80,6 +82,7 @@ require (
 	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/metal3-io/baremetal-operator/pkg/hardwareutils v0.3.0 // indirect
+	github.com/metal3-io/cluster-api-provider-metal3 v1.4.1
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
@@ -106,7 +109,8 @@ require (
 	github.com/subosito/gotenv v1.4.2 // indirect
 	github.com/valyala/fastjson v1.6.4 // indirect
 	golang.org/x/crypto v0.10.0 // indirect
-	golang.org/x/mod v0.10.0 // indirect
+	golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 // indirect
+	golang.org/x/mod v0.11.0 // indirect
 	golang.org/x/net v0.11.0 // indirect
 	golang.org/x/oauth2 v0.6.0 // indirect
 	golang.org/x/sys v0.9.0 // indirect