Add fuzzing against spec interpreter.

2018-02-16 01:57:40 +03:00 · 2018-02-16 01:57:40 +03:00 · 6c40a5b0b6
parent a2aa3ddb25
commit 6c40a5b0b6
2 changed files with 42 additions and 0 deletions
--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@ -12,6 +12,7 @@ cargo-fuzz = true
 wasmi = { path = ".." }
 wabt = "0.2.0"
 wasmparser = "0.14.1"
+tempdir = "0.3.6"

 [dependencies.libfuzzer-sys]
 git = "https://github.com/rust-fuzz/libfuzzer-sys.git"
@ -31,3 +32,7 @@ path = "fuzz_targets/load_wabt.rs"
 [[bin]]
 name = "load_wasmparser"
 path = "fuzz_targets/load_wasmparser.rs"
+
+[[bin]]
+name = "load_spec"
+path = "fuzz_targets/load_spec.rs"
--- a/fuzz/fuzz_targets/load_spec.rs
+++ b/fuzz/fuzz_targets/load_spec.rs
@ -0,0 +1,37 @@
+#![no_main]
+#[macro_use]
+extern crate libfuzzer_sys;
+extern crate wabt;
+extern crate wasmi;
+extern crate tempdir;
+
+use std::fs::File;
+use std::io::Write;
+use std::process::Command;
+
+fuzz_target!(|data: &[u8]| {
+	let wasmi_result = wasmi::Module::from_buffer(data);
+
+	let temp_dir = tempdir::TempDir::new("spec").unwrap();
+
+	let mut seed_path = temp_dir.path().to_path_buf();
+	seed_path.push("test.wasm");
+
+	{
+		let mut seedfile =
+			File::create(&seed_path).expect("open temporary file for writing to store fuzzer input");
+		seedfile.write_all(data).expect(
+			"write fuzzer input to temporary file",
+		);
+		seedfile.flush().expect(
+			"flush fuzzer input to temporary file before starting wasm-opt",
+		);
+	}
+
+    let wasm_result = Command::new("wasm")
+        .arg(seed_path)
+        .status()
+        .expect("failed to execute `wasm`");
+
+	assert_eq!(wasmi_result.is_ok(), wasm_result.success());
+});