Merge pull request apache#312 from PsiACE/main

alamb · web-flow · commit 2d04266a8e35 · 2021-08-23T05:59:45.000-04:00
Add fuzzer based on honggfuzz
diff --git a/docs/fuzzing.md b/docs/fuzzing.md
@@ -0,0 +1,38 @@
+# Fuzzing
+
+## Installing `honggfuzz`
+
+```
+cargo install honggfuzz
+```
+
+Install [dependencies](https://github.com/rust-fuzz/honggfuzz-rs#dependencies) for your system.
+
+## Running the fuzzer
+
+Running the fuzzer is as easy as running in the `fuzz` directory.
+
+Choose a target:
+
+These are `[[bin]]` entries in `Cargo.toml`.
+List them with `cargo read-manifest | jq '.targets[].name'` from the `fuzz` directory.
+
+Run the fuzzer:
+
+```shell
+cd fuzz
+cargo hfuzz run <target>
+```
+
+After a panic is found, get a stack trace with:
+
+```shell
+cargo hfuzz run-debug <target> hfuzz_workspace/<target>/*.fuzz
+```
+
+For example, with the `fuzz_parse_sql` target:
+
+```shell
+cargo hfuzz run fuzz_parse_sql
+cargo hfuzz run-debug fuzz_parse_sql hfuzz_workspace/fuzz_parse_sql/*.fuzz
+```
diff --git a/fuzz/.gitignore b/fuzz/.gitignore
@@ -0,0 +1,3 @@
+corpus
+hfuzz_target
+hfuzz_workspace
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "fuzz"
+version = "0.1.0"
+edition = "2018"
+publish = false
+
+[dependencies]
+honggfuzz = "0.5.54"
+sqlparser = { path = ".." }
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "fuzz_parse_sql"
+path = "fuzz_targets/fuzz_parse_sql.rs"
diff --git a/fuzz/fuzz_targets/fuzz_parse_sql.rs b/fuzz/fuzz_targets/fuzz_parse_sql.rs
@@ -0,0 +1,12 @@
+use honggfuzz::fuzz;
+use sqlparser::dialect::GenericDialect;
+use sqlparser::parser::Parser;
+
+fn main() {
+    loop {
+        fuzz!(|data: String| {
+            let dialect = GenericDialect {};
+            let _ = Parser::parse_sql(&dialect, &data);
+        });
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+corpus`
	`2`	`+hfuzz_target`
	`3`	`+hfuzz_workspace`