Skip to content

test(tools): extend decoder panic-safety guard to multi-param host decoders#69

Merged
xunholy merged 1 commit into
mainfrom
fix/multiparam-decoder-panic-guard
Jun 20, 2026
Merged

test(tools): extend decoder panic-safety guard to multi-param host decoders#69
xunholy merged 1 commit into
mainfrom
fix/multiparam-decoder-panic-guard

Conversation

@xunholy

@xunholy xunholy commented Jun 20, 2026

Copy link
Copy Markdown
Owner

What

The hex/text panic-safety guards in decoder_fuzz_safety_test.go only sweep decoders with exactly one required param (isPureHexDecoder / pureTextDecoderParam both gate on len(Required)==1). That leaves the multi-param host family — 15 tools today — with no panic guard at all, even though each parses structured hex/string/integer fields an operator may paste truncated or malformed:

  • encoders: rfid_pacs_encode, ioprox_encode, dcf77_synth, noralsy_encode, viking_encode, jablotron_encode, presco_encode, subghz_weather_synth, subghz_pocsag_synth, ir_raw_encode, t5577_config_encode
  • KDFs: wpa_pmk_derive, hmac_compute, postgres_password, eth_keystore_decrypt
  • hashcat-line formatters: wifi_eapol_hc22000, wifi_pmkid_hc22000
  • identify: nfc_iso14443a_identify

Change

Adds TestMultiParamDecoders_MalformedInputNeverPanics, completing the guard's stated mission. It sweeps each required param across a type-aware degenerate battery (numeric params → boundary/overflow values; everything else → truncated-hex / empty / stray-separator strings that historically tripped length-field parsers) while the other params hold a fixed degenerate anchor, plus an all-params-degenerate pass. A tested >= 10 sanity floor guards against the filter silently going inert.

All 15 currently pass — this is a regression lock, no production code change.

Also fixes a stale §1.1 coverage-matrix row in gap-analysis.md: HID Prox / EM4xxx PACS decode was listed as a NEW gap when rfid_pacs_decode (+ inverse rfid_pacs_encode) shipped long ago. The §3 backlog already marks it shipped; the matrix row lagged.

Verification

  • gofmt clean, go vet ./... clean
  • golangci-lint run ./...0 issues
  • go test -race ./internal/tools/ok (161s); new guard sweeps 15 multi-param host decoders, all pass

…coders

The hex and text panic-safety guards in decoder_fuzz_safety_test.go only
sweep decoders with exactly one required param (isPureHexDecoder /
pureTextDecoderParam both gate on len(Required)==1). That leaves the
multi-param host family — 15 tools today: the encoders (rfid_pacs_encode,
ioprox_encode, dcf77_synth, noralsy/viking/jablotron/presco_encode), the
KDFs (wpa_pmk_derive, hmac_compute, postgres_password, eth_keystore_decrypt)
and the wifi_*_hc22000 hashcat-line formatters — with no panic guard at
all, even though each parses structured hex / string / integer fields an
operator may paste truncated or malformed.

Add TestMultiParamDecoders_MalformedInputNeverPanics, completing the
guard's stated mission (a new multi-field tool added without bounds-checking
a short hex field or an out-of-range count would pass its own happy-path
tests but trip here). It sweeps each required param across a type-aware
degenerate battery — numeric params get boundary/overflow values, the rest
get the truncated-hex / empty / stray-separator strings that historically
tripped length-field parsers — while the other params hold a fixed
degenerate anchor, plus an all-params-degenerate pass. A sanity floor (10+)
guards against the filter silently going inert.

All 15 currently pass; this locks that in. No production code change.

Also fix a stale §1.1 coverage-matrix row in gap-analysis.md: HID Prox /
EM4xxx PACS decode was listed as a NEW gap when rfid_pacs_decode (and the
inverse rfid_pacs_encode) shipped long ago — the §3 backlog already marks
it shipped; the matrix row lagged.
@xunholy xunholy merged commit ccc4ce9 into main Jun 20, 2026
10 of 11 checks passed
@xunholy xunholy deleted the fix/multiparam-decoder-panic-guard branch June 20, 2026 01:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant