Impl hfuzz
This commit is contained in:
Sergey Pepyakin
parent
fa7564692e
commit
7b4bc1c9e8
|
|
@ -6,4 +6,5 @@ authors = ["Sergey Pepyakin <s.pepyakin@gmail.com>"]
|
||||||
[dependencies]
|
[dependencies]
|
||||||
honggfuzz = "0.5"
|
honggfuzz = "0.5"
|
||||||
wasmi = { path = ".." }
|
wasmi = { path = ".." }
|
||||||
|
tempdir = "0.3.6"
|
||||||
|
wabt = "0.2.0"
|
||||||
|
|
|
||||||
|
|
@ -1,7 +0,0 @@
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
#[test]
|
|
||||||
fn it_works() {
|
|
||||||
assert_eq!(2 + 2, 4);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,21 +1,56 @@
|
||||||
#[macro_use] extern crate honggfuzz;
|
#[macro_use] extern crate honggfuzz;
|
||||||
|
|
||||||
fn main() {
|
extern crate wabt;
|
||||||
// Here you can parse `std::env::args and
|
extern crate wasmi;
|
||||||
// setup / initialize your project
|
extern crate tempdir;
|
||||||
|
|
||||||
// You have full control over the loop but
|
use std::fs::File;
|
||||||
// you're supposed to call `fuzz` ad vitam aeternam
|
use std::io::Write;
|
||||||
loop {
|
use std::process::{Command, Stdio};
|
||||||
// The fuzz macro gives an arbitrary object (see `arbitrary crate`)
|
|
||||||
// to a closure-like block of code.
|
fn run_spec(data: &[u8]) -> Result<(), ()> {
|
||||||
// For performance reasons, it is recommended that you use the native type
|
let temp_dir = tempdir::TempDir::new("spec").unwrap();
|
||||||
// `&[u8]` when possible.
|
let mut seed_path = temp_dir.path().to_path_buf();
|
||||||
// Here, this slice will contain a "random" quantity of "random" data.
|
seed_path.push("test.wasm");
|
||||||
fuzz!(|data: &[u8]| {
|
|
||||||
});
|
{
|
||||||
|
let mut seedfile =
|
||||||
|
File::create(&seed_path).expect("open temporary file for writing to store fuzzer input");
|
||||||
|
seedfile.write_all(data).expect(
|
||||||
|
"write fuzzer input to temporary file",
|
||||||
|
);
|
||||||
|
seedfile.flush().expect(
|
||||||
|
"flush fuzzer input to temporary file before starting wasm-opt",
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let exit_status = Command::new("wasm")
|
||||||
|
.arg("-d")
|
||||||
|
.arg(&seed_path)
|
||||||
|
.stdout(Stdio::null())
|
||||||
|
.stderr(Stdio::null())
|
||||||
|
.status()
|
||||||
|
.expect("failed to execute `wasm`");
|
||||||
|
|
||||||
|
if exit_status.success() {
|
||||||
|
Ok(())
|
||||||
|
} else {
|
||||||
|
Err(())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn run_wasmi(data: &[u8]) -> Result<(), ()> {
|
||||||
|
let _ = wasmi::Module::from_buffer(data).map_err(|_| ())?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
fn main() {
|
||||||
|
loop {
|
||||||
|
fuzz!(|data: &[u8]| {
|
||||||
|
let wasmi_result = run_wasmi(data);
|
||||||
|
let wasm_result = run_spec(data);
|
||||||
|
|
||||||
|
assert_eq!(wasmi_result.is_ok(), wasm_result.is_ok());
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
export HFUZZ_RUN_ARGS="--max_file_size 2048"
|
||||||
|
|
||||||
|
rustup run nightly cargo hfuzz run hfuzz
|
||||||
Loading…
Reference in New Issue