Skip to content

Commit

Permalink
Fuzzing: Add more and modify exiting
Browse files Browse the repository at this point in the history
Signed-off-by: AdamKorcz <adam@adalogics.com>
  • Loading branch information
AdamKorcz committed Nov 1, 2021
1 parent 9c12478 commit 2f6ae06
Show file tree
Hide file tree
Showing 9 changed files with 1,369 additions and 340 deletions.
59 changes: 59 additions & 0 deletions go/test/fuzzing/ast_fuzzer.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
//go:build gofuzz
// +build gofuzz

/*
Copyright 2021 The Vitess Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package fuzzing

import (
"vitess.io/vitess/go/vt/sqlparser"
)

// FuzzEqualsSQLNode implements the fuzzer
func FuzzEqualsSQLNode(data []byte) int {
if len(data) < 10 {
return 0
}
if (len(data) % 2) != 0 {
return 0
}
firstHalf := string(data[:len(data)/2])
secondHalf := string(data[(len(data)/2)+1:])
inA, err := sqlparser.Parse(firstHalf)
if err != nil {
return 0
}
inB, err := sqlparser.Parse(secondHalf)
if err != nil {
return 0
}

// There are 3 targets in this fuzzer:
// 1) sqlparser.EqualsSQLNode
// 2) sqlparser.CloneSQLNode
// 3) sqlparser.VisitSQLNode

// Target 1:
_ = sqlparser.EqualsSQLNode(inA, inB)

// Target 2:
newSQLNode := sqlparser.CloneSQLNode(inA)
if !sqlparser.EqualsSQLNode(inA, newSQLNode) {
panic("These two nodes should be identical")
}

// Target 3:
_ = sqlparser.VisitSQLNode(inA, func(node sqlparser.SQLNode) (bool, error) { return false, nil })
return 1
}
43 changes: 37 additions & 6 deletions go/test/fuzzing/oss_fuzz_build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,23 +14,54 @@
# See the License for the specific language governing permissions and
# limitations under the License.

set -o nounset
set -o pipefail
set -o errexit
set -x

go get github.com/AdaLogics/go-fuzz-headers
go mod vendor

#consistent_lookup_test.go is needed for loggingVCursor
mv ./go/vt/vtgate/vindexes/consistent_lookup_test.go \
./go/vt/vtgate/vindexes/consistent_lookup_test_fuzz.go
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/vindexes FuzzVindex fuzz_vindex

# fake_vcursor_test.go is needed for loggingVCursor
mv ./go/vt/vtgate/engine/fake_vcursor_test.go \
./go/vt/vtgate/engine/fake_vcursor.go
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/engine FuzzEngine engine_fuzzer

# plan_test.go is needed for vschemaWrapper
mv ./go/vt/vtgate/planbuilder/plan_test.go \
./go/vt/vtgate/planbuilder/plan_test_fuzz.go
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/planbuilder FuzzTestBuilder fuzz_test_builder gofuzz


compile_go_fuzzer vitess.io/vitess/go/test/fuzzing Fuzz vtctl_fuzzer
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzIsDML is_dml_fuzzer
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzNormalizer normalizer_fuzzer
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzParser parser_fuzzer
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzGRPCTMServer fuzz_grpc_tm_server
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzOnlineDDLFromCommentedStatement fuzz_online_ddl_from_commented_statement
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzNewOnlineDDLs fuzz_new_online_ddls
compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzEqualsSQLNode fuzz_equals_sql_node

compile_go_fuzzer vitess.io/vitess/go/mysql FuzzWritePacket write_packet_fuzzer
compile_go_fuzzer vitess.io/vitess/go/mysql FuzzHandleNextCommand handle_next_command_fuzzer
compile_go_fuzzer vitess.io/vitess/go/mysql FuzzReadQueryResults read_query_results_fuzzer
compile_go_fuzzer vitess.io/vitess/go/mysql FuzzTLSServer fuzz_tls

# Several test utils are needed from suite_test.go:
mv ./go/vt/vtgate/grpcvtgateconn/suite_test.go \
./go/vt/vtgate/grpcvtgateconn/suite_test_fuzz.go
mv ./go/vt/vtgate/grpcvtgateconn/fuzz_flaky_test.go \
./go/vt/vtgate/grpcvtgateconn/fuzz.go
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/grpcvtgateconn Fuzz grpc_vtgate_fuzzer
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/planbuilder/abstract FuzzAnalyse planbuilder_fuzzer gofuzz

mv ./go/vt/vtgate/engine/fake_vcursor_test.go \
./go/vt/vtgate/engine/fake_vcursor.go
mv ./go/vt/vtgate/engine/fuzz_flaky_test.go ./go/vt/vtgate/engine/engine_fuzz.go
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/engine FuzzEngine engine_fuzzer
compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/planbuilder/abstract FuzzAnalyse fuzz_analyse gofuzz



# Build dictionaries
cp $SRC/vitess/go/test/fuzzing/vtctl_fuzzer.dict $OUT/

88 changes: 88 additions & 0 deletions go/test/fuzzing/vt_schema_fuzzer.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
//go:build gofuzz
// +build gofuzz

/*
Copyright 2021 The Vitess Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package fuzzing

import (
fuzz "github.com/AdaLogics/go-fuzz-headers"

"vitess.io/vitess/go/vt/schema"
"vitess.io/vitess/go/vt/sqlparser"
)

// FuzzOnlineDDLFromCommentedStatement implements a fuzzer
// that targets schema.OnlineDDLFromCommentedStatement
func FuzzOnlineDDLFromCommentedStatement(data []byte) int {
stmt, err := sqlparser.Parse(string(data))
if err != nil {
return 0
}
onlineDDL, err := schema.OnlineDDLFromCommentedStatement(stmt)
if err != nil {
return 0
}
_, _ = onlineDDL.GetAction()
_, _, _ = onlineDDL.GetActionStr()
_ = onlineDDL.GetGCUUID()
return 1
}

// FuzzNewOnlineDDLs implements a fuzzer that
// targets schema.NewOnlineDDLs
func FuzzNewOnlineDDLs(data []byte) int {
f := fuzz.NewConsumer(data)

keyspace, err := f.GetString()
if err != nil {
return 0
}

ddlstmtString, err := f.GetString()
if err != nil {
return 0
}
ddlStmt, _, err := schema.ParseOnlineDDLStatement(ddlstmtString)
if err != nil {
return 0
}

sql, err := f.GetString()
if err != nil {
return 0
}

ddlStrategySetting := &schema.DDLStrategySetting{}
err = f.GenerateStruct(ddlStrategySetting)
if err != nil {
return 0
}

requestContext, err := f.GetString()
if err != nil {
return 0
}

onlineDDLs, err := schema.NewOnlineDDLs(keyspace, sql, ddlStmt, ddlStrategySetting, requestContext)
if err != nil {
return 0
}
for _, onlineDDL := range onlineDDLs {
_, _ = onlineDDL.GetAction()
_, _, _ = onlineDDL.GetActionStr()
_ = onlineDDL.GetGCUUID()
}
return 1
}
Loading

0 comments on commit 2f6ae06

Please sign in to comment.