Commit Graph

14 Commits

Author SHA1 Message Date
y
e23a5e9ee5 fuzz: Add differential fuzzing for BTC VarInt
DarkFi's VarInt struct is meant to be equivalent to the one used by BTC.
Most of the source code is extremely similar. This commit adds very
basic tests to ensure equivalence between DarkFi's implementation and
the one used by the BTC crate.
The tests included here are quite basic. Future work can expand on
the testing done on the deserialized values.
This harness can also be used as a guide or template for future
differential fuzzing.
2023-09-06 10:57:28 +00:00
greptile
8a806b2cfc fuzz: improve docs for memory settings (#208)
* fuzz: improve docs for memory settings

* wording improvement

* Add instructions for more optimal fuzzing

---------

Co-authored-by: y <y>
2023-09-06 10:56:51 +00:00
greptile
d9d918b884 fuzz: Add honggfuzz (#206)
* fuzz: Add honggfuzz

- Added honggfuzz in fuzz2/ (alongside libfuzzer in fuzz/)
- Created convenience script for fuzzing binary decoder
- Created a script to convert inputs that cause crashes into arrays so
  that they can be used in unit tests

* Create honggfuzz as subdirectory of fuzz/

- Reorg so that honggfuzz is under fuzz/ instead of in a separate
  sibling-level directory fuzz2
- Update fuzz/README.md to make it explicit that it covers libfuzzer

Note: `cargo fuzz`/libfuzzer seems to insist that its folder exists at
`$REPO/fuzz/` so that's the reason for this particular folder structure.

---------

Co-authored-by: y <y>
2023-09-04 16:42:34 +00:00
greptile
7e76cf360c docs: Add more details about fuzzing (#201)
Add more documentation to fuzz/README.md, especially when it comes to
interpreting out-of-memory issues.

Co-authored-by: y <y>
Co-authored-by: parazyd <parazyd@users.noreply.github.com>
2023-08-30 05:44:42 +00:00
y
374d19851f fuzz: Restructure corpora git structure
Use artifacts/ rather than corpus/ to track fuzz inputs. corpus appears
to be a temporary directory that will be modified when minimizing test
cases using commands like `cargo fuzz cmin` or `cargo fuzz tmin`. For
this reason it's not suitable for long-term storage and is likely to
make the git commit-staging process very messy.
2023-08-30 05:42:23 +00:00
parazyd
cbe9c64065 chore: Update crate dependencies 2023-08-29 13:08:35 +02:00
parazyd
0440864b3a fuzz: Use patched blake2_simd crate. 2023-08-29 08:58:49 +02:00
y
433ff9d0a6 fuzz: Add harness for decoding strings from bytes
- Add a fuzz harness for deserializing strings from bytes
- Add entry to corpora that triggers an out-of-memory issue in string
  decoding
2023-08-25 06:37:57 +00:00
y
5ac92e3093 fuzz: improve readme and corpora wording 2023-08-24 18:37:46 +00:00
y
7c1cd791f2 Add out-of-memory crash to corpora
This input caused an out-of-memory bug. I haven't figured out why yet
but it's good to keep this in the corpus for future testing.

Something interesting: the fuzzer brute-forced the MAGIC BYTES for the
binary on its own! This file is a good starting point for future fuzzing
because it contains the magic bytes: subsequent runs can start from here
instead of needing to "find" the magic bytes via brute forcing every
time.
2023-08-24 18:37:46 +00:00
y
bc16b6c475 Add instructions for building the fuzzing corpus
- Inform devs how to build an organized and useful corpus based on the
  results of fuzz testing.
- Modify .gitignore to allow corpus/ tracking. Note: files in corpus/
  should not be blindly committed but selectively added based on
  usefulness
- Add emptyfile to zkas-decoder corpus because it caused a panic
2023-08-24 18:37:46 +00:00
y
382205ad81 Add fuzzer for ZkBinary::decode() 2023-08-24 18:37:46 +00:00
parazyd
fe215e632c fuzz: Add zkas Lexer fuzzer. 2023-08-23 23:54:33 +02:00
parazyd
00e4456787 fuzz: Serialize attempt 2023-08-23 22:21:42 +02:00