Add reproducer binary for protobuf files

tokio-rs · Jan 20, 2020 · 45ea8be · 45ea8be
1 parent d6bc176
commit 45ea8be
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 2 deletions.
diff --git a/FUZZING.md b/FUZZING.md
@@ -12,8 +12,14 @@ To run the afl fuzz tests, first install cargo-afl:
 Then build a fuzz target and run afl on it:
 
     cd afl/<target>/
-    cargo afl build
-    cargo afl fuzz -i in -o out target/debug/<target>
+    cargo afl build --bin fuzz-target
+    cargo afl fuzz -i in -o out target/debug/fuzz-target
+
+To reproduce a crash:
+
+    cd afl/<target>/
+    cargo build --bin reproduce
+    cargo run --bin reproduce -- out/crashes/<crashfile>
 
 
 ## libfuzzer

diff --git a/afl/.gitignore b/afl/.gitignore
@@ -1 +1,2 @@
 out/
+core.*
diff --git a/afl/proto3/Cargo.toml b/afl/proto3/Cargo.toml
@@ -4,6 +4,14 @@ version = "0.1.0"
 authors = ["Prost developers"]
 edition = "2018"
 
+[[bin]]
+name = "fuzz-target"
+path = "src/main.rs"
+
+[[bin]]
+name = "reproduce"
+path = "src/reproduce.rs"
+
 [dependencies]
 afl = "0.4"
 protobuf = { path = "../../protobuf/" }

diff --git a/afl/proto3/src/reproduce.rs b/afl/proto3/src/reproduce.rs
@@ -0,0 +1,13 @@
+use protobuf::test_messages::proto3::TestAllTypesProto3;
+use tests::roundtrip;
+
+fn main() {
+    let args: Vec<String> = std::env::args().collect();
+    if args.len() != 2 {
+        println!("Usage: {} <path-to-crash>", args[0]);
+        std::process::exit(1);
+    }
+
+    let data = std::fs::read(&args[1]).expect(&format!("Could not open file {}", args[1]));
+    let _ = roundtrip::<TestAllTypesProto3>(&data).unwrap_error();
+}