vitessio · systay · Nov 22, 2021 · Nov 16, 2021 · Nov 18, 2021
@@ -17,6 +17,8 @@ limitations under the License.
 package fuzzing
 
 import (
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
 	"vitess.io/vitess/go/vt/sqlparser"
 )
 
@@ -25,16 +27,20 @@ func FuzzEqualsSQLNode(data []byte) int {
 	if len(data) < 10 {
 		return 0
 	}
-	if (len(data) % 2) != 0 {
+	f := fuzz.NewConsumer(data)
+	query1, err := f.GetSQLString()
+	if err != nil {
 		return 0
 	}
-	firstHalf := string(data[:len(data)/2])
-	secondHalf := string(data[(len(data)/2)+1:])
-	inA, err := sqlparser.Parse(firstHalf)
+	query2, err := f.GetSQLString()
 	if err != nil {
 		return 0
 	}
-	inB, err := sqlparser.Parse(secondHalf)
+	inA, err := sqlparser.Parse(query1)
+	if err != nil {
+		return 0
+	}
+	inB, err := sqlparser.Parse(query2)
 	if err != nil {
 		return 0
 	}
@@ -45,7 +51,14 @@ func FuzzEqualsSQLNode(data []byte) int {
 	// 3) sqlparser.VisitSQLNode
 
 	// Target 1:
-	_ = sqlparser.EqualsSQLNode(inA, inB)
+	identical := sqlparser.EqualsSQLNode(inA, inA)
+	if !identical {
+		panic("Should be identical")
+	}
+	identical = sqlparser.EqualsSQLNode(inB, inB)
+	if !identical {
+		panic("Should be identical")
+	}
 
 	// Target 2:
 	newSQLNode := sqlparser.CloneSQLNode(inA)

@@ -22,36 +22,53 @@ set -x
 go get github.com/AdaLogics/go-fuzz-headers
 go mod vendor
 
+mv ./go/vt/vttablet/tabletmanager/vreplication/framework_test.go \
+   ./go/vt/vttablet/tabletmanager/vreplication/framework_fuzz.go
+
 #consistent_lookup_test.go is needed for loggingVCursor
 mv ./go/vt/vtgate/vindexes/consistent_lookup_test.go \
    ./go/vt/vtgate/vindexes/consistent_lookup_test_fuzz.go
-compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/vindexes FuzzVindex fuzz_vindex
 
 # fake_vcursor_test.go is needed for loggingVCursor
 mv ./go/vt/vtgate/engine/fake_vcursor_test.go \
     ./go/vt/vtgate/engine/fake_vcursor.go
-compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/engine FuzzEngine engine_fuzzer
 
 # plan_test.go is needed for vschemaWrapper
 mv ./go/vt/vtgate/planbuilder/plan_test.go \
     ./go/vt/vtgate/planbuilder/plan_test_fuzz.go
+
+# tabletserver fuzzer
+mv ./go/vt/vttablet/tabletserver/testutils_test.go \
+   ./go/vt/vttablet/tabletserver/testutils_fuzz.go
+
 compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/planbuilder FuzzTestBuilder fuzz_test_builder gofuzz
+compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/vindexes FuzzVindex fuzz_vindex
+compile_go_fuzzer vitess.io/vitess/go/vt/vttablet/tabletmanager/vreplication FuzzEngine fuzz_replication_engine
+compile_go_fuzzer vitess.io/vitess/go/vt/vtgate/engine FuzzEngine engine_fuzzer
 
 
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing Fuzz vtctl_fuzzer
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzIsDML is_dml_fuzzer
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzNormalizer normalizer_fuzzer
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzParser parser_fuzzer
+compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzNodeFormat fuzz_node_format
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzGRPCTMServer fuzz_grpc_tm_server
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzOnlineDDLFromCommentedStatement fuzz_online_ddl_from_commented_statement
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzNewOnlineDDLs fuzz_new_online_ddls
 compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzEqualsSQLNode fuzz_equals_sql_node
+compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzSplitStatementToPieces fuzz_split_statement_to_pieces
+compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzTabletManager_ExecuteFetchAsDba fuzz_tablet_manager_execute_fetch_as_dba
+compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzUnmarshalJSON fuzz_tabletserver_rules_unmarshal_json
+compile_go_fuzzer vitess.io/vitess/go/test/fuzzing FuzzLoadTable fuzz_load_table
 
 compile_go_fuzzer vitess.io/vitess/go/mysql FuzzWritePacket write_packet_fuzzer
 compile_go_fuzzer vitess.io/vitess/go/mysql FuzzHandleNextCommand handle_next_command_fuzzer
 compile_go_fuzzer vitess.io/vitess/go/mysql FuzzReadQueryResults read_query_results_fuzzer
 compile_go_fuzzer vitess.io/vitess/go/mysql FuzzTLSServer fuzz_tls
 
+compile_go_fuzzer vitess.io/vitess/go/vt/vttablet/tabletserver/vstreamer Fuzz vstreamer_planbuilder_fuzzer
+compile_go_fuzzer vitess.io/vitess/go/vt/vttablet/tabletserver FuzzGetPlan fuzz_get_plan
+
 # Several test utils are needed from suite_test.go:
 mv ./go/vt/vtgate/grpcvtgateconn/suite_test.go \
    ./go/vt/vtgate/grpcvtgateconn/suite_test_fuzz.go

@@ -22,6 +22,8 @@ package fuzzing
 import (
 	querypb "vitess.io/vitess/go/vt/proto/query"
 	"vitess.io/vitess/go/vt/sqlparser"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
 )
 
 func FuzzIsDML(data []byte) int {
@@ -46,3 +48,27 @@ func FuzzParser(data []byte) int {
 	}
 	return 1
 }
+
+func FuzzNodeFormat(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	query, err := f.GetSQLString()
+	if err != nil {
+		return 0
+	}
+	node, err := sqlparser.Parse(query)
+	if err != nil {
+		return 0
+	}
+	buf := &sqlparser.TrackedBuffer{}
+	err = f.GenerateStruct(buf)
+	if err != nil {
+		return 0
+	}
+	node.Format(buf)
+	return 1
+}
+
+func FuzzSplitStatementToPieces(data []byte) int {
+	_, _ = sqlparser.SplitStatementToPieces(string(data))
+	return 1
+}
@@ -0,0 +1,53 @@
+/*
+Copyright 2021 The Vitess Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fuzzing
+
+import (
+	"context"
+	"sync"
+	"testing"
+
+	"vitess.io/vitess/go/mysql"
+	"vitess.io/vitess/go/mysql/fakesqldb"
+	"vitess.io/vitess/go/sqltypes"
+	"vitess.io/vitess/go/vt/dbconfigs"
+	"vitess.io/vitess/go/vt/mysqlctl/fakemysqldaemon"
+	"vitess.io/vitess/go/vt/vttablet/tabletmanager"
+	"vitess.io/vitess/go/vt/vttablet/tabletservermock"
+)
+
+var fuzzInitter sync.Once
+
+func initTesting() {
+	testing.Init()
+}
+
+func FuzzTabletManager_ExecuteFetchAsDba(data []byte) int {
+	fuzzInitter.Do(initTesting)
+	t := &testing.T{}
+	ctx := context.Background()
+	cp := mysql.ConnParams{}
+	db := fakesqldb.New(t)
+	db.AddQueryPattern(".*", &sqltypes.Result{})
+	daemon := fakemysqldaemon.NewFakeMysqlDaemon(db)
+
+	dbName := "dbname"
+	tm := &tabletmanager.TabletManager{
+		MysqlDaemon:         daemon,
+		DBConfigs:           dbconfigs.NewTestDBConfigs(cp, cp, dbName),
+		QueryServiceControl: tabletservermock.NewController(),
+	}
+	_, _ = tm.ExecuteFetchAsDba(ctx, data, dbName, 10, false, false)
+	return 1
+}
@@ -0,0 +1,24 @@
+/*
+Copyright 2021 The Vitess Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fuzzing
+
+import (
+	"vitess.io/vitess/go/vt/vttablet/tabletserver/rules"
+)
+
+func FuzzUnmarshalJSON(data []byte) int {
+	qrs := rules.New()
+	_ = qrs.UnmarshalJSON(data)
+	return 1
+}
@@ -0,0 +1,74 @@
+/*
+Copyright 2021 The Vitess Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fuzzing
+
+import (
+	"context"
+	"sync"
+	"testing"
+
+	"vitess.io/vitess/go/mysql/fakesqldb"
+	"vitess.io/vitess/go/sqltypes"
+	"vitess.io/vitess/go/vt/vttablet/tabletserver/connpool"
+	"vitess.io/vitess/go/vt/vttablet/tabletserver/schema"
+	"vitess.io/vitess/go/vt/vttablet/tabletserver/tabletenv"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+)
+
+var initter sync.Once
+
+func FuzzLoadTable(data []byte) int {
+	initter.Do(initTesting)
+	f := fuzz.NewConsumer(data)
+	tableName, err := f.GetString()
+	if err != nil {
+		return 0
+	}
+	comment, err := f.GetString()
+	if err != nil {
+		return 0
+	}
+	query, err := f.GetSQLString()
+	if err != nil {
+		return 0
+	}
+
+	t := &testing.T{}
+
+	db := fakesqldb.New(t)
+	defer db.Close()
+	db.AddQuery(query, &sqltypes.Result{})
+
+	_, _ = newTestLoadTable(tableName, comment, db)
+	return 1
+}
+
+func newTestLoadTable(tableName, comment string, db *fakesqldb.DB) (*schema.Table, error) {
+	ctx := context.Background()
+	appParams := db.ConnParams()
+	dbaParams := db.ConnParams()
+	connPool := connpool.NewPool(tabletenv.NewEnv(nil, "SchemaTest"), "", tabletenv.ConnPoolConfig{
+		Size:               2,
+		IdleTimeoutSeconds: 10,
+	})
+	connPool.Open(appParams, dbaParams, appParams)
+	conn, err := connPool.Get(ctx)
+	if err != nil {
+		return nil, err
+	}
+	defer conn.Recycle()
+
+	return schema.LoadTable(conn, tableName, comment)
+}
@@ -20,7 +20,6 @@ import (
 	"context"
 	"fmt"
 	"net"
-	"sync"
 	"testing"
 
 	"google.golang.org/grpc"
@@ -34,8 +33,6 @@ import (
 	topodatapb "vitess.io/vitess/go/vt/proto/topodata"
 )
 
-var initter sync.Once
-
 func onceInit() {
 	testing.Init()
 }

@@ -24,6 +24,8 @@ import (
 	"vitess.io/vitess/go/vt/sqlparser"
 	"vitess.io/vitess/go/vt/vtgate/semantics"
 	"vitess.io/vitess/go/vt/vtgate/vindexes"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
 )
 
 var _ semantics.SchemaInformation = (*fakeFuzzSI)(nil)
@@ -43,7 +45,12 @@ func (s *fakeFuzzSI) FindTableOrVindex(tablename sqlparser.TableName) (*vindexes
 
 // FuzzAnalyse implements the fuzzer
 func FuzzAnalyse(data []byte) int {
-	tree, err := sqlparser.Parse(string(data))
+	f := fuzz.NewConsumer(data)
+	query, err := f.GetSQLString()
+	if err != nil {
+		return 0
+	}
+	tree, err := sqlparser.Parse(query)
 	if err != nil {
 		return -1
 	}

@@ -80,7 +80,7 @@ func loadFormalForFuzzing(f *fuzz.ConsumeFuzzer) (*vschemapb.SrvVSchema, error)
 func FuzzTestBuilder(data []byte) int {
 	initter.Do(onceInit)
 	f := fuzz.NewConsumer(data)
-	query, err := f.GetString()
+	query, err := f.GetSQLString()
 	if err != nil {
 		return 0
 	}