Make fuzzing to compile and run

JOSEPHGILBY · Nov 5, 2022 · 4700034 · 4700034
1 parent 9ce3712
commit 4700034
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 13 deletions.
diff --git a/fuzz/.gitignore b/fuzz/.gitignore
@@ -1,4 +1,4 @@
-
 target
 corpus
 artifacts
+coverage
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -1,17 +1,18 @@
-
 [package]
 name = "quick-xml-fuzz"
-version = "0.0.1"
+version = "0.0.0"
 authors = ["Automatically generated"]
 publish = false
+edition = "2018"
 
 [package.metadata]
 cargo-fuzz = true
 
+[dependencies]
+libfuzzer-sys = "0.4"
+
 [dependencies.quick-xml]
 path = ".."
-[dependencies.libfuzzer-sys]
-git = "https://github.com/rust-fuzz/libfuzzer-sys.git"
 
 # Prevent this from interfering with workspaces
 [workspace]
@@ -20,3 +21,5 @@ members = ["."]
 [[bin]]
 name = "fuzz_target_1"
 path = "fuzz_targets/fuzz_target_1.rs"
+test = false
+doc = false
diff --git a/fuzz/README.md b/fuzz/README.md
@@ -0,0 +1,7 @@
+Run fuzzing with `-O` to avoid false positives at `debug_assert!`, e.g.:
+
+```bash
+cargo fuzz run -O -j4 fuzz_target_1
+```
+
+See also: https://github.com/rust-fuzz/cargo-fuzz
diff --git a/fuzz/fuzz_targets/fuzz_target_1.rs b/fuzz/fuzz_targets/fuzz_target_1.rs
@@ -1,5 +1,5 @@
 #![no_main]
-#[macro_use] extern crate libfuzzer_sys;
+use libfuzzer_sys::fuzz_target;
 
 use quick_xml::events::Event;
 use quick_xml::reader::Reader;
@@ -12,20 +12,22 @@ fuzz_target!(|data: &[u8]| {
     let mut buf = vec![];
     loop {
         match reader.read_event_into(&mut buf) {
-            Ok(Event::Start(ref e)) | Ok(Event::Empty(ref e))=> {
-                if e.unescaped().is_err() {
-                    break;
-                }
+            Ok(Event::Start(ref e)) | Ok(Event::Empty(ref e)) => {
                 for a in e.attributes() {
-                    if a.ok().map_or(false, |a| a.unescaped_value().is_err()) {
+                    if a.ok().map_or(false, |a| a.unescape_value().is_err()) {
                         break;
                     }
                 }
             }
             Ok(Event::Text(ref e)) | Ok(Event::Comment(ref e))
-            | Ok(Event::CData(ref e)) | Ok(Event::PI(ref e))
+            | Ok(Event::PI(ref e))
             | Ok(Event::DocType(ref e)) => {
-                if e.unescaped().is_err() {
+                if e.unescape().is_err() {
+                    break;
+                }
+            }
+            Ok(Event::CData(e)) => {
+                if e.escape().is_err() {
                     break;
                 }
             }