From 4c0a3249807a63d42a42e0fe087d995ded8f6272 Mon Sep 17 00:00:00 2001 From: hulkoba Date: Wed, 13 Dec 2023 14:40:38 +0100 Subject: [PATCH] test(fuzz): turn everything into esm since coverage does not work as expected at all, we can use esm. So if jazzer at some point, add esm support for esm, we can easily add it --- package.json | 2 +- test/fuzz/createCleartextMessage.cjs | 15 --------------- test/fuzz/createCleartextMessage.js | 15 +++++++++++++++ test/fuzz/createMessageBinary.cjs | 9 --------- test/fuzz/createMessageBinary.js | 9 +++++++++ test/fuzz/createMessageText.cjs | 13 ------------- test/fuzz/createMessageText.js | 13 +++++++++++++ test/fuzz/generateKey.cjs | 25 ------------------------- test/fuzz/generateKey.js | 26 ++++++++++++++++++++++++++ test/fuzz/readKeyArmored.cjs | 27 --------------------------- test/fuzz/readKeyArmored.js | 28 ++++++++++++++++++++++++++++ test/fuzz/readKeyBinary.cjs | 22 ---------------------- test/fuzz/readKeyBinary.js | 22 ++++++++++++++++++++++ test/fuzz/readMessageBinary.cjs | 22 ---------------------- test/fuzz/readMessageBinary.js | 22 ++++++++++++++++++++++ test/fuzz/readMessageText.cjs | 27 --------------------------- test/fuzz/readMessageText.js | 27 +++++++++++++++++++++++++++ test/fuzz/readme.md | 15 ++++----------- 18 files changed, 167 insertions(+), 172 deletions(-) delete mode 100644 test/fuzz/createCleartextMessage.cjs create mode 100644 test/fuzz/createCleartextMessage.js delete mode 100644 test/fuzz/createMessageBinary.cjs create mode 100644 test/fuzz/createMessageBinary.js delete mode 100644 test/fuzz/createMessageText.cjs create mode 100644 test/fuzz/createMessageText.js delete mode 100644 test/fuzz/generateKey.cjs create mode 100644 test/fuzz/generateKey.js delete mode 100644 test/fuzz/readKeyArmored.cjs create mode 100644 test/fuzz/readKeyArmored.js delete mode 100644 test/fuzz/readKeyBinary.cjs create mode 100644 test/fuzz/readKeyBinary.js delete mode 100644 test/fuzz/readMessageBinary.cjs create mode 100644 test/fuzz/readMessageBinary.js delete mode 100644 test/fuzz/readMessageText.cjs create mode 100644 test/fuzz/readMessageText.js diff --git a/package.json b/package.json index 64e6cb4c7..e0fdf3e20 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "prepare": "npm run build", "test": "mocha --timeout 120000 test/unittests.js", "test-type-definitions": "node --loader ts-node/esm test/typescript/definitions.ts", - "fuzz": "jazzer test/fuzz/$TARGET.cjs -- -artifact_prefix=test/fuzz/reports/", + "fuzz": "jazzer test/fuzz/$TARGET -- -artifact_prefix=test/fuzz/reports/", "benchmark-time": "node test/benchmarks/time.js", "benchmark-memory-usage": "node test/benchmarks/memory_usage.js", "start": "http-server", diff --git a/test/fuzz/createCleartextMessage.cjs b/test/fuzz/createCleartextMessage.cjs deleted file mode 100644 index c2941db28..000000000 --- a/test/fuzz/createCleartextMessage.cjs +++ /dev/null @@ -1,15 +0,0 @@ -const { FuzzedDataProvider } = require('@jazzer.js/core'); - -const MAX_MESSAGE_LENGTH = 9000; -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const data = new FuzzedDataProvider(inputData); - const text = data.bufToPrintableString(inputData, 2, MAX_MESSAGE_LENGTH, 'utf-8'); - return openpgp.default.createCleartextMessage({ text }); - }); - -}; - diff --git a/test/fuzz/createCleartextMessage.js b/test/fuzz/createCleartextMessage.js new file mode 100644 index 000000000..356a5e721 --- /dev/null +++ b/test/fuzz/createCleartextMessage.js @@ -0,0 +1,15 @@ +import { FuzzedDataProvider } from '@jazzer.js/core'; + +import openpgp from '../initOpenpgp.js'; + +const MAX_MESSAGE_LENGTH = 9000; + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + const data = new FuzzedDataProvider(inputData); + const text = data.bufToPrintableString(inputData, 2, MAX_MESSAGE_LENGTH, 'utf-8'); + return openpgp.createCleartextMessage({ text }); +} + diff --git a/test/fuzz/createMessageBinary.cjs b/test/fuzz/createMessageBinary.cjs deleted file mode 100644 index 7774a0571..000000000 --- a/test/fuzz/createMessageBinary.cjs +++ /dev/null @@ -1,9 +0,0 @@ -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - return openpgp.default.createMessage({ binary: new Uint8Array(inputData) }); - }); -}; - diff --git a/test/fuzz/createMessageBinary.js b/test/fuzz/createMessageBinary.js new file mode 100644 index 000000000..ef35f2c4c --- /dev/null +++ b/test/fuzz/createMessageBinary.js @@ -0,0 +1,9 @@ +import openpgp from '../initOpenpgp.js'; + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + return openpgp.createMessage({ binary: new Uint8Array(inputData) }); +} + diff --git a/test/fuzz/createMessageText.cjs b/test/fuzz/createMessageText.cjs deleted file mode 100644 index 77d624467..000000000 --- a/test/fuzz/createMessageText.cjs +++ /dev/null @@ -1,13 +0,0 @@ -const { FuzzedDataProvider } = require('@jazzer.js/core'); - -const MAX_MESSAGE_LENGTH = 9000; - -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const data = new FuzzedDataProvider(inputData); - return openpgp.default.createMessage({ text: data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8') }); - }); -}; diff --git a/test/fuzz/createMessageText.js b/test/fuzz/createMessageText.js new file mode 100644 index 000000000..37c0077e5 --- /dev/null +++ b/test/fuzz/createMessageText.js @@ -0,0 +1,13 @@ +import { FuzzedDataProvider } from '@jazzer.js/core'; + +import openpgp from '../initOpenpgp.js'; + +const MAX_MESSAGE_LENGTH = 9000; + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + const data = new FuzzedDataProvider(inputData); + return openpgp.createMessage({ text: data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8') }); +} diff --git a/test/fuzz/generateKey.cjs b/test/fuzz/generateKey.cjs deleted file mode 100644 index 4dd9660fa..000000000 --- a/test/fuzz/generateKey.cjs +++ /dev/null @@ -1,25 +0,0 @@ -const { FuzzedDataProvider } = require('@jazzer.js/core'); - -const MAX_NAME_LENGTH = 30; -const MAX_COMMENT_LENGTH = 500; - -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const data = new FuzzedDataProvider(inputData); - const asciiString = data.consumeString(MAX_COMMENT_LENGTH); - const utf8String = data.consumeString(MAX_NAME_LENGTH, 'utf-8'); - - return openpgp.default.generateKey({ userIDs: [ - { name: utf8String }, - { email: utf8String }, - { comment: asciiString }, - { name: utf8String, email: utf8String, comment: asciiString } - ], - passphrase: asciiString, - format: 'object' }); - }); -}; - diff --git a/test/fuzz/generateKey.js b/test/fuzz/generateKey.js new file mode 100644 index 000000000..b9887a7cb --- /dev/null +++ b/test/fuzz/generateKey.js @@ -0,0 +1,26 @@ +import { FuzzedDataProvider } from '@jazzer.js/core'; + +import openpgp from '../initOpenpgp.js'; + +const MAX_NAME_LENGTH = 30; +const MAX_COMMENT_LENGTH = 500; + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + + const data = new FuzzedDataProvider(inputData); + const asciiString = data.consumeString(MAX_COMMENT_LENGTH); + const utf8String = data.consumeString(MAX_NAME_LENGTH, 'utf-8'); + + return openpgp.generateKey({ userIDs: [ + { name: utf8String }, + { email: utf8String }, + { comment: asciiString }, + { name: utf8String, email: utf8String, comment: asciiString } + ], + passphrase: asciiString, + format: 'object' }); +} + diff --git a/test/fuzz/readKeyArmored.cjs b/test/fuzz/readKeyArmored.cjs deleted file mode 100644 index 51b40388c..000000000 --- a/test/fuzz/readKeyArmored.cjs +++ /dev/null @@ -1,27 +0,0 @@ -const { FuzzedDataProvider } = require('@jazzer.js/core'); - -const ignored = ['Misformed armored text']; -const MAX_MESSAGE_LENGTH = 9000; - -function ignoredError(error) { - return ignored.some(message => error.message.includes(message)); -} - -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const data = new FuzzedDataProvider(inputData); - const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8'); - const armoredKey = `-----BEGIN PGP PRIVATE KEY BLOCK----- ${fuzzedText} -----END PGP PRIVATE KEY BLOCK-----`; - - return openpgp.default.readKey({ armoredKey }) - .catch(error => { - if (error.message && !ignoredError(error)) { - throw error; - } - }); - }); -}; - diff --git a/test/fuzz/readKeyArmored.js b/test/fuzz/readKeyArmored.js new file mode 100644 index 000000000..c20746d9a --- /dev/null +++ b/test/fuzz/readKeyArmored.js @@ -0,0 +1,28 @@ +import { FuzzedDataProvider } from '@jazzer.js/core'; + +import openpgp from '../initOpenpgp.js'; + +const ignored = ['Misformed armored text']; +const MAX_MESSAGE_LENGTH = 9000; + +function ignoredError(error) { + return ignored.some(message => error.message.includes(message)); +} + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + + const data = new FuzzedDataProvider(inputData); + const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8'); + const armoredKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----\n ${fuzzedText} -----END PGP PRIVATE KEY BLOCK-----`; + + return openpgp.readKey({ armoredKey }) + .catch(error => { + if (error.message && !ignoredError(error)) { + throw error; + } + }); +} + diff --git a/test/fuzz/readKeyBinary.cjs b/test/fuzz/readKeyBinary.cjs deleted file mode 100644 index bd4102b5f..000000000 --- a/test/fuzz/readKeyBinary.cjs +++ /dev/null @@ -1,22 +0,0 @@ -const ignored = ['This message / key probably does not conform to a valid OpenPGP format']; - -function ignoredError(error) { - return ignored.some(message => error.message.includes(message)); -} - -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const binaryKey = new Uint8Array(`-----BEGIN PGP PRIVATE KEY BLOCK----- ${inputData} -----END PGP PRIVATE KEY BLOCK-----`); - - return openpgp.default.readKey({ binaryKey }) - .catch(error => { - if (error.message && !ignoredError(error)) { - throw error; - } - }); - }); -}; - diff --git a/test/fuzz/readKeyBinary.js b/test/fuzz/readKeyBinary.js new file mode 100644 index 000000000..c837e47a3 --- /dev/null +++ b/test/fuzz/readKeyBinary.js @@ -0,0 +1,22 @@ +import openpgp from '../initOpenpgp.js'; + +const ignored = ['This message / key probably does not conform to a valid OpenPGP format']; + +function ignoredError(error) { + return ignored.some(message => error.message.includes(message)); +} + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + const binaryKey = new Uint8Array(`-----BEGIN PGP PRIVATE KEY BLOCK-----\n ${inputData.toString('base64')} -----END PGP PRIVATE KEY BLOCK-----`); + + return openpgp.readKey({ binaryKey }) + .catch(error => { + if (error.message && !ignoredError(error)) { + throw error; + } + }); +} + diff --git a/test/fuzz/readMessageBinary.cjs b/test/fuzz/readMessageBinary.cjs deleted file mode 100644 index 38cd97ed6..000000000 --- a/test/fuzz/readMessageBinary.cjs +++ /dev/null @@ -1,22 +0,0 @@ -const ignored = ['This message / key probably does not conform to a valid OpenPGP format']; - -function ignoredError(error) { - return ignored.some(message => error.message.includes(message)); -} - -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const binaryMessage = new Uint8Array(`-----BEGIN PGP MESSAGE----- ${inputData} -----END PGP MESSAGE-----`); - - return openpgp.default.readMessage({ binaryMessage }) - .catch(error => { - if (error.message && !ignoredError(error)) { - throw error; - } - }); - }); -}; - diff --git a/test/fuzz/readMessageBinary.js b/test/fuzz/readMessageBinary.js new file mode 100644 index 000000000..f171b1eca --- /dev/null +++ b/test/fuzz/readMessageBinary.js @@ -0,0 +1,22 @@ +import openpgp from '../initOpenpgp.js'; + +const ignored = ['This message / key probably does not conform to a valid OpenPGP format']; + +function ignoredError(error) { + return ignored.some(message => error.message.includes(message)); +} + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + const binaryMessage = new Uint8Array(`-----BEGIN PGP MESSAGE-----\n ${inputData.toString('base64')} -----END PGP MESSAGE-----`); + + return openpgp.readMessage({ binaryMessage }) + .catch(error => { + if (error.message && !ignoredError(error)) { + throw error; + } + }); +} + diff --git a/test/fuzz/readMessageText.cjs b/test/fuzz/readMessageText.cjs deleted file mode 100644 index 072832b17..000000000 --- a/test/fuzz/readMessageText.cjs +++ /dev/null @@ -1,27 +0,0 @@ -const { FuzzedDataProvider } = require('@jazzer.js/core'); - -const ignored = ['Misformed armored text']; -const MAX_MESSAGE_LENGTH = 9000; - -function ignoredError(error) { - return ignored.some(message => error.message.includes(message)); -} - -/** - * @param { Buffer } inputData - */ -module.exports.fuzz = function(inputData) { - import('../initOpenpgp.js').then(openpgp => { - const data = new FuzzedDataProvider(inputData); - const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8'); - const armoredMessage = `-----BEGIN PGP MESSAGE----- ${fuzzedText} -----END PGP MESSAGE-----`; - - return openpgp.default.readMessage({ armoredMessage }) - .catch(error => { - if (error.message && !ignoredError(error)) { - throw error; - } - }); - }); -}; - diff --git a/test/fuzz/readMessageText.js b/test/fuzz/readMessageText.js new file mode 100644 index 000000000..48a52a1df --- /dev/null +++ b/test/fuzz/readMessageText.js @@ -0,0 +1,27 @@ +import { FuzzedDataProvider } from '@jazzer.js/core'; + +import openpgp from '../initOpenpgp.js'; + +const ignored = ['Misformed armored text']; +const MAX_MESSAGE_LENGTH = 9000; + +function ignoredError(error) { + return ignored.some(message => error.message.includes(message)); +} + +/** + * @param { Buffer } inputData + */ +export function fuzz (inputData) { + const data = new FuzzedDataProvider(inputData); + const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8'); + const armoredMessage = `-----BEGIN PGP MESSAGE-----\n ${fuzzedText} -----END PGP MESSAGE-----`; + + return openpgp.readMessage({ armoredMessage }) + .catch(error => { + if (error.message && !ignoredError(error)) { + throw error; + } + }); +} + diff --git a/test/fuzz/readme.md b/test/fuzz/readme.md index 5c77221c6..3c650c41c 100644 --- a/test/fuzz/readme.md +++ b/test/fuzz/readme.md @@ -11,14 +11,7 @@ To generate and run fuzz tests, we use the [Jazzer.js](https://github.com/CodeIn This directory contains fuzz targets like for example `createMessageBinary`. -You can run this fuzz target without options: -```sh -npx jazzer test/fuzz/createMessageBinary.cjs -``` -(You will notice the `.cjs` file ending. This is because jazzer does not support esm, yet) - -or with the given settings at your package.json: - +You can run this fuzz target: ```sh TARGET=createMessageBinary npm run fuzz ``` @@ -50,12 +43,12 @@ See further details in [Fuzzing using fuzz targets and the CLI](https://github.c ### Run limitations -You can pass the `-max_total_time` flag to the internal fuzzing engine to stop the fuzzing run after 10 seconds. +You can edit the npm command and pass the `-max_total_time` flag to the internal fuzzing engine to stop the fuzzing run after 10 seconds. ```sh -npx jazzer test/fuzz/createMessageBinary.cjs -- -max_total_time=10 +jazzer test/fuzz/$TARGET -- -max_total_time=10 ``` Or you can limit the number of runs: ```sh -npx jazzer test/fuzz/createMessageBinary.cjs -- -runs=4000000 +jazzer test/fuzz/$TARGET -- -runs=4000000 ``` \ No newline at end of file