test: Add more functionality to the bootstrap harness.

Ideally this would be able to reach some of the events, so we can write
code to respond to those events, but so far only the friend request
event actually happens.

other/bootstrap_daemon/docker/tox-bootstrapd.sha256

@@ -1 +1 @@
-b3fb4157d7fc6cd3455f40020bb6b69e5bab4bbdb6ce66d5bc7095146ba5a49e  /usr/local/bin/tox-bootstrapd
+42f29a351f27d994d14bab0e6288fcb839220af9878ce37a49fbd120b07d16dc  /usr/local/bin/tox-bootstrapd

testing/fuzzing/BUILD.bazel

@@ -1,19 +1,18 @@
 load("@rules_cc//cc:defs.bzl", "cc_library")
 load("@rules_fuzzing//fuzzing:cc_defs.bzl", "cc_fuzz_test")
 
-cc_library(
-    name = "fuzz_adapter",
-    srcs = ["fuzz_adapter.c"],
-    hdrs = ["fuzz_adapter.h"],
-    visibility = ["//c-toxcore:__subpackages__"],
-)
+package(features = ["layering_check"])
 
 cc_library(
     name = "fuzz_support",
     srcs = ["fuzz_support.cc"],
     hdrs = ["fuzz_support.h"],
     visibility = ["//c-toxcore:__subpackages__"],
-    deps = ["//c-toxcore/toxcore:tox"],
+    deps = [
+        "//c-toxcore/toxcore:crypto_core",
+        "//c-toxcore/toxcore:network",
+        "//c-toxcore/toxcore:tox",
+    ],
 )
 
 cc_library(
@@ -31,6 +30,9 @@ cc_fuzz_test(
     deps = [
         ":fuzz_support",
         "//c-toxcore/toxcore:tox",
+        "//c-toxcore/toxcore:tox_dispatch",
+        "//c-toxcore/toxcore:tox_events",
+        "//c-toxcore/toxcore:util",
     ],
 )
 

testing/fuzzing/CMakeLists.txt

@@ -2,7 +2,7 @@
 target_compile_definitions(toxcore_static PUBLIC "FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION")
 
 # Override network and random functions
-add_library(fuzz_adapter fuzz_adapter.c fuzz_support.cc fuzz_support.h)
+add_library(fuzz_support fuzz_support.cc fuzz_support.h)
 
 set(LIBFUZZER_LINKER_FLAGS)
 if (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
@@ -13,14 +13,14 @@ endif()
 
 # Fuzzes the toxsave API
 add_executable(toxsave_fuzzer toxsave_harness.cc)
-target_link_libraries(toxsave_fuzzer toxcore_static fuzz_adapter ${LIBFUZZER_LINKER_FLAGS})
+target_link_libraries(toxsave_fuzzer toxcore_static fuzz_support ${LIBFUZZER_LINKER_FLAGS})
 
 # Fuzzes the bootstrap process
 add_executable(bootstrap_fuzzer bootstrap_harness.cc)
-target_link_libraries(bootstrap_fuzzer toxcore_static fuzz_adapter ${LIBFUZZER_LINKER_FLAGS})
+target_link_libraries(bootstrap_fuzzer toxcore_static fuzz_support ${LIBFUZZER_LINKER_FLAGS})
 
 add_executable(DHT_fuzz_test ../../toxcore/DHT_fuzz_test.cc)
-target_link_libraries(DHT_fuzz_test toxcore_static fuzz_adapter ${LIBFUZZER_LINKER_FLAGS})
+target_link_libraries(DHT_fuzz_test toxcore_static fuzz_support ${LIBFUZZER_LINKER_FLAGS})
 
 add_executable(tox_events_fuzz_test ../../toxcore/tox_events_fuzz_test.cc)
-target_link_libraries(tox_events_fuzz_test toxcore_static fuzz_adapter ${LIBFUZZER_LINKER_FLAGS})
+target_link_libraries(tox_events_fuzz_test toxcore_static fuzz_support ${LIBFUZZER_LINKER_FLAGS})

testing/fuzzing/bootstrap_harness.cc

@@ -3,23 +3,124 @@
 #include <memory>
 
 #include "../../toxcore/tox.h"
+#include "../../toxcore/tox_dispatch.h"
+#include "../../toxcore/tox_events.h"
 #include "../../toxcore/tox_private.h"
-#include "fuzz_adapter.h"
+#include "../../toxcore/tox_struct.h"
+#include "../../toxcore/util.h"
 #include "fuzz_support.h"
 
+namespace {
+
+void setup_callbacks(Tox_Dispatch *dispatch)
+{
+    tox_events_callback_conference_connected(
+        dispatch, [](Tox *tox, const Tox_Event_Conference_Connected *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_conference_connected(
+        dispatch, [](Tox *tox, const Tox_Event_Conference_Connected *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_conference_invite(
+        dispatch, [](Tox *tox, const Tox_Event_Conference_Invite *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_conference_message(
+        dispatch, [](Tox *tox, const Tox_Event_Conference_Message *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_conference_peer_list_changed(dispatch,
+        [](Tox *tox, const Tox_Event_Conference_Peer_List_Changed *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_conference_peer_name(
+        dispatch, [](Tox *tox, const Tox_Event_Conference_Peer_Name *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_conference_title(
+        dispatch, [](Tox *tox, const Tox_Event_Conference_Title *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_file_chunk_request(
+        dispatch, [](Tox *tox, const Tox_Event_File_Chunk_Request *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_file_recv(
+        dispatch, [](Tox *tox, const Tox_Event_File_Recv *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_file_recv_chunk(
+        dispatch, [](Tox *tox, const Tox_Event_File_Recv_Chunk *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_file_recv_control(
+        dispatch, [](Tox *tox, const Tox_Event_File_Recv_Control *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_connection_status(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Connection_Status *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_lossless_packet(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Lossless_Packet *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_lossy_packet(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Lossy_Packet *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_message(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Message *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_name(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Name *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_read_receipt(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Read_Receipt *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_request(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Request *event, void *user_data) {
+            Tox_Err_Friend_Add err;
+            tox_friend_add_norequest(tox, tox_event_friend_request_get_public_key(event), &err);
+            assert(err == TOX_ERR_FRIEND_ADD_OK || err == TOX_ERR_FRIEND_ADD_OWN_KEY
+                || err == TOX_ERR_FRIEND_ADD_ALREADY_SENT
+                || err == TOX_ERR_FRIEND_ADD_BAD_CHECKSUM);
+        });
+    tox_events_callback_friend_status(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Status *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_status_message(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Status_Message *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_friend_typing(
+        dispatch, [](Tox *tox, const Tox_Event_Friend_Typing *event, void *user_data) {
+            assert(event == nullptr);
+        });
+    tox_events_callback_self_connection_status(
+        dispatch, [](Tox *tox, const Tox_Event_Self_Connection_Status *event, void *user_data) {
+            assert(event == nullptr);
+        });
+}
+
+}
+
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 {
-    network_adapter_init(data, size);
+    Fuzz_Data input{data, size};
 
-    uint64_t clock = 0;
-    auto sys = fuzz_system(clock);
-    assert(sys->mono_time_callback != nullptr);
-    assert(sys->mono_time_user_data != nullptr);
+    Fuzz_System sys(input);
+    assert(sys.rng != nullptr);
 
     Tox_Options *opts = tox_options_new(nullptr);
     assert(opts != nullptr);
-    tox_options_set_operating_system(opts, sys.get());
+    tox_options_set_operating_system(opts, sys.sys.get());
 
     Tox_Err_New error_new;
     Tox *tox = tox_new(opts, &error_new);
@@ -34,19 +135,25 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
     const bool success = tox_bootstrap(tox, "127.0.0.1", 12345, pub_key, nullptr);
     assert(success);
 
-    /*
-     * The iteration count here is a magic value in the literal sense, too small
-     * and coverage will be bad, too big and fuzzing will not be efficient.
-     * NOTE: This should be fine tuned after gathering some experience.
-     */
-
-    for (uint32_t i = 0; i < 50; ++i) {
-        tox_iterate(tox, nullptr);
-        // Move the clock forward a decent amount so all the time-based checks
-        // trigger more quickly.
-        clock += 200;
+    tox_events_init(tox);
+
+    Tox_Dispatch *dispatch = tox_dispatch_new(nullptr);
+    assert(dispatch != nullptr);
+    setup_callbacks(dispatch);
+
+    while (input.size > 0) {
+        Tox_Err_Events_Iterate error_iterate;
+        Tox_Events *events = tox_events_iterate(tox, true, &error_iterate);
+        assert(tox_events_equal(events, events));
+        tox_dispatch_invoke(dispatch, events, tox, nullptr);
+        tox_events_free(events);
+        // Move the clock forward a random amount so all the time-based checks
+        // trigger more quickly. Move by at least 20ms (iteration interval) so
+        // at least something happens.
+        sys.clock += max_u16(20, random_u08(sys.rng.get()));
     }
 
+    tox_dispatch_free(dispatch);
     tox_kill(tox);
     return 0;  // Non-zero return values are reserved for future use.
 }