From 4450fd40a4710d100de53196fd763a5148086481 Mon Sep 17 00:00:00 2001
From: 5225225 <5225225@mailbox.org>
Date: Mon, 10 Jan 2022 18:17:24 +0000
Subject: [PATCH] Add fuzzing harness, try to decode into various types (#468)

* WIP adding fuzzing

* Check for round trips (BinaryHeap isn't PartialEq)

* Expand globs

* Rename fuzzing target
---
 fuzz/.gitignore                |  3 ++
 fuzz/Cargo.lock                | 60 ++++++++++++++++++++++++++++++++++
 fuzz/Cargo.toml                | 25 ++++++++++++++
 fuzz/fuzz_targets/roundtrip.rs | 51 +++++++++++++++++++++++++++++
 4 files changed, 139 insertions(+)
 create mode 100644 fuzz/.gitignore
 create mode 100644 fuzz/Cargo.lock
 create mode 100644 fuzz/Cargo.toml
 create mode 100644 fuzz/fuzz_targets/roundtrip.rs

diff --git a/fuzz/.gitignore b/fuzz/.gitignore
new file mode 100644
index 0000000..a092511
--- /dev/null
+++ b/fuzz/.gitignore
@@ -0,0 +1,3 @@
+target
+corpus
+artifacts
diff --git a/fuzz/Cargo.lock b/fuzz/Cargo.lock
new file mode 100644
index 0000000..ce6fef6
--- /dev/null
+++ b/fuzz/Cargo.lock
@@ -0,0 +1,60 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+version = 3
+
+[[package]]
+name = "arbitrary"
+version = "1.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "510c76ecefdceada737ea728f4f9a84bd2e1ef29f1ba555e560940fe279954de"
+
+[[package]]
+name = "bincode"
+version = "2.0.0-beta.0"
+dependencies = [
+ "bincode_derive",
+]
+
+[[package]]
+name = "bincode-fuzz"
+version = "0.0.0"
+dependencies = [
+ "bincode",
+ "libfuzzer-sys",
+]
+
+[[package]]
+name = "bincode_derive"
+version = "2.0.0-beta.0"
+dependencies = [
+ "virtue",
+]
+
+[[package]]
+name = "cc"
+version = "1.0.72"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "22a9137b95ea06864e018375b72adfb7db6e6f68cfc8df5a04d00288050485ee"
+
+[[package]]
+name = "libfuzzer-sys"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "36a9a84a6e8b55dfefb04235e55edb2b9a2a18488fcae777a6bdaa6f06f1deb3"
+dependencies = [
+ "arbitrary",
+ "cc",
+ "once_cell",
+]
+
+[[package]]
+name = "once_cell"
+version = "1.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5"
+
+[[package]]
+name = "virtue"
+version = "0.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0e85ed1066abcc0ea331cce3ce83cccf30ae9900529ca46f353b22ca79b56b8"
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
new file mode 100644
index 0000000..ddf1d28
--- /dev/null
+++ b/fuzz/Cargo.toml
@@ -0,0 +1,25 @@
+[package]
+name = "bincode-fuzz"
+version = "0.0.0"
+authors = ["Automatically generated"]
+publish = false
+edition = "2018"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = "0.4"
+
+[dependencies.bincode]
+path = ".."
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "roundtrip"
+path = "fuzz_targets/roundtrip.rs"
+test = false
+doc = false
diff --git a/fuzz/fuzz_targets/roundtrip.rs b/fuzz/fuzz_targets/roundtrip.rs
new file mode 100644
index 0000000..b3c23bb
--- /dev/null
+++ b/fuzz/fuzz_targets/roundtrip.rs
@@ -0,0 +1,51 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+use std::collections::{BTreeMap, BTreeSet, HashMap, VecDeque};
+use std::ffi::CString;
+use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6};
+use std::num::{NonZeroI128, NonZeroI32, NonZeroU128, NonZeroU32};
+use std::path::PathBuf;
+use std::rc::Rc;
+use std::sync::Arc;
+use std::time::{Duration, SystemTime};
+
+#[derive(bincode::Decode, bincode::Encode, PartialEq, Debug)]
+enum AllTypes {
+    BTreeMap(BTreeMap<u8, u8>),
+    HashMap(HashMap<u8, u8>),
+    BTreeSet(BTreeSet<u8>),
+    VecDeque(VecDeque<u8>),
+    Vec(Vec<u8>),
+    String(String),
+    Box(Box<u8>),
+    BoxSlice(Box<[u8]>),
+    Rc(Rc<u8>),
+    Arc(Arc<u8>),
+    CString(CString),
+    SystemTime(SystemTime),
+    Duration(Duration),
+    PathBuf(PathBuf),
+    IpAddr(IpAddr),
+    Ipv4Addr(Ipv4Addr),
+    Ipv6Addr(Ipv6Addr),
+    SocketAddr(SocketAddr),
+    SocketAddrV4(SocketAddrV4),
+    SocketAddrV6(SocketAddrV6),
+    NonZeroU32(NonZeroU32),
+    NonZeroI32(NonZeroI32),
+    NonZeroU128(NonZeroU128),
+    NonZeroI128(NonZeroI128),
+    // Cow(Cow<'static, [u8]>), Blocked, see comment on decode
+}
+
+fuzz_target!(|data: &[u8]| {
+    let config = bincode::config::Configuration::standard().with_limit::<1024>();
+    let result: Result<(AllTypes, _), _> = bincode::decode_from_slice(data, config);
+
+    if let Ok((before, _)) = result {
+        let encoded = bincode::encode_to_vec(&before, config).expect("round trip");
+        let (after, _) = bincode::decode_from_slice(&encoded, config).unwrap();
+        assert_eq!(before, after);
+    }
+});