Skip to content
Merged
Changes from 1 commit
Commits
Show all changes
50 commits
Select commit Hold shift + click to select a range
5d40fc4
Avoid crashes in fuzz-tests due to input strings being too long.
jmarantz Oct 27, 2019
8f9ab93
Eliminate 64k limit on # of segments in a real symbol-table stat-name…
jmarantz Oct 28, 2019
beb4684
some cleanup
jmarantz Oct 28, 2019
d143365
Share helper methods for encoding/decoding symbols and sizes.
jmarantz Oct 29, 2019
5ef1a49
cleanup
jmarantz Oct 29, 2019
c425551
typo
jmarantz Oct 29, 2019
f680ccc
fix confusing about whether the encoding-length was the number of byt…
jmarantz Oct 29, 2019
9fee9f5
fix over-aggressive inequality for fake symbol tables
jmarantz Oct 29, 2019
184fbed
don't recompute the number of bytes consumed.
jmarantz Oct 29, 2019
6ac3dee
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Oct 29, 2019
9c62a9e
remove dynamo-stats test change which is not needed
jmarantz Oct 29, 2019
4482ca7
use totalSizeBytes to simplify some code.
jmarantz Oct 29, 2019
14220bb
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 1, 2019
4d345d0
add MemBlock abstraction to isolate risky memory operations.
jmarantz Nov 2, 2019
5b6f0db
reduce need to do byte access to the memory buffers.
jmarantz Nov 2, 2019
70ffe33
remove remainder of memcpy and pointer arithmetic outside MemBlock cl…
jmarantz Nov 2, 2019
9f1eae7
format
jmarantz Nov 2, 2019
cf33e18
some cleanup -- still needs more unit tests.
jmarantz Nov 2, 2019
14b8740
remove superfluous methods.
jmarantz Nov 2, 2019
eb6eb51
add unit test.
jmarantz Nov 2, 2019
6d4b8bc
improve class comment.
jmarantz Nov 2, 2019
cf71f0b
rename MemBlock to MemBlockBuilder.
jmarantz Nov 2, 2019
256a857
Rename MemBlock to MemBlockBuilder to better reflect intended usage m…
jmarantz Nov 2, 2019
cb17d28
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 2, 2019
7b3150e
format.
jmarantz Nov 2, 2019
c4ddd4a
improve comments and function naming.
jmarantz Nov 3, 2019
c728651
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 3, 2019
4824977
guard memcpy against 0-byte calls, which show up as asan failures.
jmarantz Nov 3, 2019
3c9b184
Merge branch 'stats-fuzzer-not-too-long' of github.com:jmarantz/envoy…
jmarantz Nov 14, 2019
5f4ea86
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 14, 2019
64c0af4
RELEASE_ASSERT rather than ASSERT, use non-constructing allocation.
jmarantz Nov 17, 2019
06e3fbc
add test to make sure we don't construct anything.
jmarantz Nov 18, 2019
b2131df
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 18, 2019
a281e28
update gold values
jmarantz Nov 18, 2019
cd98dd2
Go back to new-ing an array and clean up.
jmarantz Nov 19, 2019
cf7b451
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 19, 2019
8069e89
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 20, 2019
9ae8144
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Nov 22, 2019
922a860
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Dec 10, 2019
6dcc218
typo and gold values update.
jmarantz Dec 10, 2019
006b5c7
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Dec 14, 2019
aa70e5e
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Dec 15, 2019
9033ac6
post-merge cleanup
jmarantz Dec 15, 2019
d19d722
more cleanups
jmarantz Dec 15, 2019
ae1da1b
Cleanup lifetime issues in test infrastructure.
jmarantz Dec 15, 2019
bc9871e
update MemBlockBuilder interface change
jmarantz Dec 16, 2019
ae0b1dd
Merge branch 'master' into stats-fuzzer-not-too-long
jmarantz Dec 16, 2019
f4ef7c6
popuplate -> setCacacity
jmarantz Dec 16, 2019
3edfac7
add direct fuzzing of the encoder.
jmarantz Dec 18, 2019
4f5be6c
Share testing infrastructure between fuzz-tests and unit-tests.
jmarantz Dec 18, 2019
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 25 additions & 9 deletions test/common/stats/symbol_table_fuzz_test.cc
Original file line number Diff line number Diff line change
Expand Up @@ -5,26 +5,42 @@
#include "test/fuzz/fuzz_runner.h"
#include "test/fuzz/utility.h"

#include "absl/strings/match.h"
#include "absl/strings/string_view.h"

namespace Envoy {
namespace Stats {
namespace Fuzz {

// Adds a stat-name to the symbol table, discarding it if it ends in ".", and
// splitting it in two if it's too long (64k bytes).
//
// The actual requirement for StatName allows up to 64k "."-separated segments
// of 64k, but it's simpler to just limit the whole string. I don't think
// there's that much value in using strings larger than 64k.
void addSymbol(StatNamePool& pool, SymbolTable& symbol_table, absl::string_view str) {
while (absl::EndsWith(str, ".")) {
str.remove_suffix(1);
}

if (str.size() >= StatNameMaxSize) {
Comment thread
jmarantz marked this conversation as resolved.
Outdated
size_t halfway = str.size() / 2;
addSymbol(pool, symbol_table, str.substr(0, halfway));

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need to have this kind of smart logic; if you just cap the string at StatNameMaxSize, the fuzzer will be able to do what is implied in this logic if it is helpful to the exploration.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm changing the symbol-table impl to simply not have this limit, which should simplify fuzzing. It works I think but still not quite ready for review. Will ping again when ready.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is ready for review now.

addSymbol(pool, symbol_table, str.substr(halfway));
} else if (!str.empty()) {
StatName stat_name = pool.add(str);
FUZZ_ASSERT(str == symbol_table.toString(stat_name));
}
}

// Fuzzer for symbol tables.
DEFINE_FUZZER(const uint8_t* buf, size_t len) {
FuzzedDataProvider provider(buf, len);
SymbolTableImpl symbol_table;
StatNamePool pool(symbol_table);

while (provider.remaining_bytes() != 0) {
std::string next_data = provider.ConsumeRandomLengthString(provider.remaining_bytes());

// ending with a "." is not considered legal, so just skip.
if (!next_data.empty() && next_data[next_data.size() - 1] == '.') {
continue;
}

StatName stat_name = pool.add(next_data);
FUZZ_ASSERT(next_data == symbol_table.toString(stat_name));
addSymbol(pool, symbol_table, provider.ConsumeRandomLengthString(provider.remaining_bytes()));
Comment thread
jmarantz marked this conversation as resolved.
Outdated
}
}

Expand Down