fuzzing: improve cose fuzzer

Signed-off-by: AdamKorcz <adam@adalogics.com>
sigstore · Jan 26, 2023 · 75606f8 · 75606f8
1 parent 187df73
commit 75606f8
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 8 deletions.
diff --git a/pkg/types/cose/fuzz_test.go → pkg/types/cose/v0.0.1/fuzz_test.go b/pkg/types/cose/fuzz_test.go → pkg/types/cose/v0.0.1/fuzz_test.go
@@ -20,18 +20,36 @@ import (
 	"sync"
 	"testing"
 
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
 	fuzzUtils "github.com/sigstore/rekor/pkg/fuzz"
-	"github.com/sigstore/rekor/pkg/types"
+	"github.com/sigstore/rekor/pkg/types/cose"
 )
 
 var initter sync.Once
 
-func FuzzCreateProposedEntry(f *testing.F) {
-	f.Fuzz(func(t *testing.T, version string) {
+func FuzzCoseCreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, propsData []byte) {
 		initter.Do(fuzzUtils.SetFuzzLogger)
-		ctx := context.Background()
-		brt := New()
-		props := types.ArtifactProperties{}
-		_, _ = brt.CreateProposedEntry(ctx, version, props)
+
+		version := "0.0.1"
+
+		ff := fuzz.NewConsumer(propsData)
+
+		props, cleanup, err := fuzzUtils.CreateProps(ff)
+		if err != nil {
+			t.Skip()
+		}
+		defer cleanup()
+
+		it := cose.New()
+		entry, err := it.CreateProposedEntry(context.Background(), version, props)
+		if err != nil {
+			t.Skip()
+		}
+		_, err = it.UnmarshalEntry(entry)
+		if err != nil {
+			t.Skip()
+		}
 	})
 }
diff --git a/tests/oss_fuzz.sh b/tests/oss_fuzz.sh
@@ -44,7 +44,7 @@ compile_native_go_fuzzer github.com/sigstore/rekor/pkg/sharding FuzzValidateUUID
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/sharding FuzzValidateTreeID FuzzValidateTreeID
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/sharding FuzzValidateEntryID FuzzValidateEntryID
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/signer FuzzNewFile FuzzNewFile
-compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/cose FuzzCreateProposedEntry FuzzCreateProposedEntry
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/cose/v0.0.1 FuzzCoseCreateProposedEntry FuzzCoseCreateProposedEntry
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/alpine FuzzPackageUnmarshal FuzzPackageUnmarshal
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/jar FuzzJarUnmarshal FuzzJarUnmarshal
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/hashedrekord FuzzHashedRekord FuzzHashedRekord