Fuzz test Serializer to decode FieldValue (#1485)

Mina Farid · web-flow · commit 37edbc694d9e · 2018-07-03T13:40:50.000-04:00
diff --git a/Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm b/Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm
@@ -18,16 +18,27 @@
 
 #include "LibFuzzer/FuzzerDefs.h"
 
+#include "Firestore/core/src/firebase/firestore/model/database_id.h"
 #include "Firestore/core/src/firebase/firestore/remote/serializer.h"
 
+using firebase::firestore::model::DatabaseId;
 using firebase::firestore::remote::Serializer;
 
 namespace {
 
 // Fuzz-test the deserialization process in Firestore. The Serializer reads raw
 // bytes and converts them to a model object.
 void FuzzTestDeserialization(const uint8_t *data, size_t size) {
-  // TODO(minafarid): fuzz-test Serializer.
+  DatabaseId database_id{"project", DatabaseId::kDefault};
+  Serializer serializer{database_id};
+
+  @try {
+    serializer.DecodeFieldValue(data, size);
+  } @catch (...) {
+    // Caught exceptions are ignored because the input might be malformed and
+    // the deserialization might throw an error as intended. Fuzzing focuses on
+    // runtime errors that are detected by the sanitizers.
+  }
 }
 
 // Contains the code to be fuzzed. Called by the fuzzing library with
