mirrors/age
1
0
Fork 0
mirror of https://github.com/FiloSottile/age.git synced 2026-01-07 12:35:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

internal/format: update fuzzing target

Browse Source 
Fixes #96
This commit is contained in:
Filippo Valsorda
2020-03-25 02:15:30 -04:00
parent f28f85d87b
commit f0f8092d60
5 changed files with 79 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
internal/format/Dockerfile.go-fuzz Normal file
View File

@@ -0,0 +1,21 @@
# Copyright 2019 Google LLC
#
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file or at
# https://developers.google.com/open-source/licenses/bsd
# docker run --rm -v $PWD/workdir:/workdir $(docker build -q -f internal/format/Dockerfile.go-fuzz .)
FROM golang:1.14-alpine3.11
RUN apk add --no-cache git
RUN go get github.com/dvyukov/go-fuzz/...
ADD . $GOPATH/src/filippo.io/age/
WORKDIR $GOPATH/src/filippo.io/age
RUN go-fuzz-build ./internal/format
VOLUME /workdir
ENTRYPOINT ["go-fuzz", "-workdir", "/workdir", "-bin", "format-fuzz.zip"]

2
internal/format/armor.go
View File

@@ -148,7 +148,7 @@ func (r *armoredReader) Read(p []byte) (int, error) {
r.unread = r.buf[:]
n, err := base64.StdEncoding.Strict().Decode(r.unread, line)
if err != nil {
return 0, r.setErr(err)
return 0, r.setErr(errors.New("invalid armor: " + err.Error()))
}
r.unread = r.unread[:n]

39
internal/format/format_gofuzz.go
View File

@@ -1,3 +1,9 @@
// Copyright 2019 Google LLC
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file or at
// https://developers.google.com/open-source/licenses/bsd
// +build gofuzz
package format
@@ -6,10 +12,13 @@ import (
"bytes"
"fmt"
"io"
"os"
"strings"
"github.com/sergi/go-diff/diffmatchpatch"
)
func Fuzz(data []byte) int {
isArmored := bytes.HasPrefix(data, []byte("-----BEGIN AGE ENCRYPTED FILE-----"))
h, payload, err := Parse(bytes.NewReader(data))
if err != nil {
if h != nil {
@@ -21,14 +30,30 @@ func Fuzz(data []byte) int {
return 0
}
w := &bytes.Buffer{}
if err := h.Marshal(w); err != nil {
panic(err)
}
if _, err := io.Copy(w, payload); err != nil {
panic(err)
if isArmored {
w := ArmoredWriter(w)
if err := h.Marshal(w); err != nil {
panic(err)
}
if _, err := io.Copy(w, payload); err != nil {
if strings.Contains(err.Error(), "invalid armor") {
return 0
}
panic(err)
}
w.Close()
} else {
if err := h.Marshal(w); err != nil {
panic(err)
}
if _, err := io.Copy(w, payload); err != nil {
panic(err)
}
}
if !bytes.Equal(w.Bytes(), data) {
fmt.Fprintf(os.Stderr, "%s\n%q\n%q\n\n", w, data, w)
dmp := diffmatchpatch.New()
diffs := dmp.DiffMain(string(data), string(w.Bytes()), false)
fmt.Println(dmp.DiffToDelta(diffs))
panic("Marshal output different from input")
}
return 1