-
Notifications
You must be signed in to change notification settings - Fork 42
/
fuzz_test.go
147 lines (145 loc) · 6.09 KB
/
fuzz_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
package fit
import (
"bytes"
"fmt"
rdebug "runtime/debug"
"testing"
)
func TestFuzzCrasherInputs(t *testing.T) {
// Previous go-fuzz crasher inputs. Verify that they stay fixed by
// decoding them.
inputs := [...]struct{ desc, p string }{
{
"GpsMetaData is a known message number but there was no GpsMetaData message definition",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\x04A0\x00\xa0\x00\x02" +
"0\x02\x840\x02\x84\x01",
},
{
"Field definition had different base type from the one listed in the profile",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\x04C0\x00\x14\x00\x12" +
"0\x04\x86\r\x04\x880\x04\x850\x04\x860\x04\x860\x04\x860\x02" +
"\x840\x02\x840\x02\x840\x02\x840\x02\x840\x02\x840\x01\x020" +
"\x01\x020\x01\x020\x01\x010\x01\xea0\x01\x02\x0300000" +
"000",
},
{
"Did not check for unknown message number during definition message validation. Caused index out of range on profile lookup",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\x01C0\x000\x00\x12" +
"00\x8600\x8500\x8500\x8600\x8600\x00\xff0" +
"\x040000000000000000000" +
"00000000000000",
},
{
"// Lookup in profile table for fieldNumInvalid (255) caused index out of range",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@\x00\x00\x00\x00\x00" +
"\x00@\x00\x00\x00\x00\x04\x8c\x04\x00\xff\x01\x02\x84\x02\x02\x84\x05\x02\x84" +
"\x00\x01\f\x00\xcf\xd9b\xef\x99\x0f\xff438512483" +
"556860\x00\x06\x03\x04\x01\x00",
},
{
"Padding in parseDataFields was not reset on each iteration. No moved inside loop and not possible",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x00\x01\x00\x000\x02\xa300@00\x8400\x0000" +
"00000",
},
{
"Field definition size was less than field definition base type size",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x00\x00\x01\x02\x8900\x8400@00\x8400\x0000" +
"00",
},
{
"Field definition type was sint32 and profile was uint32. Only allow compatible types that will not panic when setting using reflection",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"\x03\x04\x8500\x8600\x8400\x8400\x8400\x0000" +
"000",
},
{
"Field definition type in profile was string, but field definition type was enum. Both are unsigned, but not compatible",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\b\x01\x0000" +
"00000000000000",
},
{
"Definition message field was string, but profile was not. Not compatible types",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\x04A0\x001\x00\x02" +
"\x00\x02\a00\x00\x010\x00",
},
{
"Array profile field, but definition base type size was greater than profile base type size",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\x04A0\x00\x01\x00\x02" +
"\x00\x02\x8400\x02\x0100",
},
{
"Require exact correct base type if profile array field",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\x04B0\x00\xb2\x00\a" +
"0\x04\x860\x04\x8c0\x02\x840\x02\x840\x02\x840\x01\x02\x01\x01" +
"\x02\x020000000000000000",
},
{
"Allow only compatible types if definition base type size is less the profile base type size",
"\x0e\x10W\x04\xdf\xdb\x01\x00.FIT\xc4\x1e@0\x00\x00\x00\x06" +
"0\x04\x8c0\x04\x860\x02\x840\x02\x840\x02\x84\x00\x01\x0000" +
"0000000000000\tA0\x003\x00\x02" +
"0\x02\x84\x01\x01\x01\xb8000",
},
{
"We should not do any padding when the profile field is an array",
"\f\x10000000.FIT@0\x01\x00\x00\x050\x04" +
"\x8c0\x04\x860\x02\x840\x02\x84\x00\x01\x000000000" +
"000000\x02@0\x01\x00\x13\x14\xfd\x04\x86;\f\x86\x03" +
"\x04\x85\x04\x04\x85\x05\x04\x85\x06\x04\x85\a\x03\x04\x850\x04\x850\x04" +
"\x860\x04\x860\x04\x860\x02\x840\x02\x840\x02\x840\x02\x840" +
"\x02\x840\x02\x840\x02\x840\x02\x840\x020000000" +
"0000000000",
},
{
"Indexing into scratch buffer not handled correctly for some array fields",
"\f\x10000000.FIT@0\x01\x00\x00\x050\x04" +
"\x8c0\x04\x860\x02\x840\x02\x840\x01\x00\x00\x86\x03\x04\x86\x00\x01" +
"\x00\x01\x01\x00\x04\x01\x02C\x00\x01\x00\x13\x14\xfd\x04\x86\x02\x04\x86\x03" +
"\x04\x85\x04\x04\x85\x05\x04\x85\x06\x04\x85\a\x04\x86\b\x04\x86\t\x04\x86" +
"\xfe\x02\x84K\x04\x84L\x02\x84\r\x02\x84\x0e\x02\x84\x15\x02\x84\x16\x02" +
"\x84\x00\x01\x00\x01\x01\x00\x18\x01\x00\x19\x01\x00\x03)\xe6\a\xa3)\xe6" +
"\a\x12\x1d\x85a.\xcb\xfb\xb4\x97\x1d\x85a\x00\x00\x12\xcb\xfb\xb2W" +
"\x00\x005\xb5\x00\x005\xb5\x00\x00\x02=\x00\x00\x00\x00",
},
{
"Appending to a slice using reflection was not done correctly for some fields. Led to refactor of array handling in general",
"\f\x10000000.FIT@0\x01\x00\x00\x050\x04" +
"\x8c0\x04\x860\x02\x840\x02\x84\x00\x01\x000000000" +
"000000\n@0\x01\x00\xb2\x01\n\x02\x84000",
},
{
"Floats and signed integers of equal size are not compatible base types. Reflection panic",
"\f\x10000000.FIT@0\x01\x00\x00\x050\x04" +
"\x8c0\x04\x860\x02\x840\x02\x84\x00\x01\x000000000" +
"000000\x02B0\x01\x00\x14\x06\xfd\x04\x86\v\x04\x88\x01" +
"\x04\x85\x05\x04\x86\x02\x02\x84\x06\x02\x84\xcb00000000",
},
}
for i, input := range inputs {
t.Run(fmt.Sprintf("%d", i), func(t *testing.T) {
defer func() {
if r := recover(); r != nil {
t.Errorf("panic for fuzz input %d", i)
t.Logf("description: %s", input.desc)
t.Logf("stack: %s", rdebug.Stack())
}
}()
_, _ = Decode(bytes.NewReader([]byte(input.p)))
})
}
}