Added a fuzzer #575
Signed-off-by: AdamKorcz <adam@adalogics.com>
This issue has been automatically marked as stale because it hasn't seen a recent update. It'll be automatically closed in a few days.
@AdamKorcz are you still working on this?
I will still be happy to see this integrated.
I was going through the article https://adalogics.com/blog/fuzzing-istio-cve-CVE-2022-23635 cc @elithrar would love to hear your thoughts as well.
Thank you for reading our blog post. I also believe Gorilla Mux will benefit from this.
This seems fine, although the scope of the fuzzing seems constrained to the route matching regexp.
You are correct. We can add more fuzzers anytime. This first fuzzer is a starter to get continuous fuzzing of Mux set up.
Hey @AdamKorcz 👋 - just a quick follow-up - are you still working on it?
@coreydaley Why was this closed?
I'm not sure that it is something that we are interested in implementing at this time. Can you give a more detailed explanation of how introducing fuzzing for this particular function would benefit the project?
This PR adds a fuzzer for the Regexp functionality. It does not modify any core functionality.
The fuzzer can be run locally, and I will be happy to set up continuous fuzzing as well through oss-fuzz. This would allow Google to run the fuzzer periodically and notify maintainers in case any bugs were found.
A small note on this fuzzer: It panics here, and the optimal solution to that would be to remove the panic from a point of view of fuzzing. However, since there is just a single panic in regexp.go, we could remove it during fuzzing runs or rewrite it slightly to not stop the fuzzer. This would be the solution in the case of running continuous fuzzing.
Signed-off-by: AdamKorcz adam@adalogics.com
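
The note above about a deliberate panic stopping the fuzzer can also be handled in the harness. The following is an added example, not code from this PR or from gorilla/mux: `compileTemplate`, `expectedPanic` and `fuzzTemplate` are hypothetical names, and the template compiler is a simplified stand-in that panics on purpose for malformed templates. The harness treats that one panic as a rejected input and lets every other panic surface as a crash.

```go
package main

import (
	"regexp"
	"strings"
)

// expectedPanic marks a panic raised on purpose for malformed input.
type expectedPanic struct{ msg string }

// compileTemplate is a hypothetical, simplified stand-in for a route-template
// compiler (not gorilla/mux code): "/a/{id:[0-9]+}" becomes "^/a/([0-9]+)$".
func compileTemplate(tpl string) *regexp.Regexp {
	var b strings.Builder
	for open := strings.IndexByte(tpl, '{'); open >= 0; open = strings.IndexByte(tpl, '{') {
		end := strings.IndexByte(tpl[open:], '}')
		if end < 0 {
			panic(expectedPanic{"unbalanced braces"})
		}
		parts := strings.SplitN(tpl[open+1:open+end], ":", 2)
		pat := "[^/]+" // default pattern when the variable has none
		if len(parts) == 2 {
			pat = parts[1]
		}
		b.WriteString(regexp.QuoteMeta(tpl[:open]) + "(" + pat + ")")
		tpl = tpl[open+end+1:]
	}
	re, err := regexp.Compile("^" + b.String() + regexp.QuoteMeta(tpl) + "$")
	if err != nil {
		panic(expectedPanic{err.Error()})
	}
	return re
}

// fuzzTemplate has the go-fuzz entry-point shape (func(data []byte) int).
// It returns 1 when the template compiled and 0 when it was rejected through
// the expected panic; any other panic is re-raised so the fuzzer reports it.
func fuzzTemplate(data []byte) (ret int) {
	defer func() {
		if r := recover(); r != nil {
			if _, expected := r.(expectedPanic); !expected {
				panic(r)
			}
		}
	}()
	compileTemplate(string(data)).MatchString(string(data))
	return 1
}

func main() { println(fuzzTemplate([]byte("/a/{id:[0-9]+}")), fuzzTemplate([]byte("/a/{id"))) }
```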