Merge pull request #14561 from samueleresca/fuzzing-validation

Ensure that input validation between API and Apply is consistent

.github/workflows/fuzzing.yaml

@@ -0,0 +1,19 @@
+name: Fuzzing v3rpc
+on: [push, pull_request]
+jobs:
+  fuzzing:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+    env:
+      TARGET_PATH: ./server/etcdserver/api/v3rpc
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-go@v2
+      with:
+        go-version: "1.19.1"
+    - run: GOARCH=amd64 CPU=4 make fuzz
+    - uses: actions/upload-artifact@v2
+      if: failure()
+      with:
+        path: "${{env.TARGET_PATH}}/testdata/fuzz/**/*"

Makefile

@@ -33,6 +33,10 @@ test-e2e-release: build
 test-linearizability: build
 	PASSES="linearizability" ./scripts/test.sh $(GO_TEST_FLAGS)
 
+.PHONY: fuzz
+fuzz: 
+	./scripts/fuzzing.sh
+
 # Static analysis
 
 verify: verify-gofmt verify-bom verify-lint verify-dep verify-shellcheck verify-goword verify-govet verify-license-header verify-receiver-name verify-mod-tidy verify-shellcheck verify-shellws verify-proto-annotations

scripts/fuzzing.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+set -e
+source ./scripts/test_lib.sh
+
+GO_CMD="go"
+fuzz_time=${FUZZ_TIME:-"300s"}
+target_path=${TARGET_PATH:-"./server/etcdserver/api/v3rpc"}
+TARGETS="FuzzTxnRangeRequest  FuzzTxnPutRequest  FuzzTxnDeleteRangeRequest"
+
+
+for target in ${TARGETS}; do
+    log_callout -e "\\nExecuting fuzzing with target ${target} in $target_path with a timeout of $fuzz_time\\n"
+    run pushd "${target_path}"
+        $GO_CMD test -fuzz "${target}" -fuzztime "${fuzz_time}"
+    run popd
+    log_success -e "\\COMPLETED: fuzzing with target $target in $target_path \\n"
+done
+

server/etcdserver/api/v3rpc/validationfuzz_test.go

@@ -0,0 +1,167 @@
+package v3rpc
+
+import (
+	"context"
+	"testing"
+
+	pb "go.etcd.io/etcd/api/v3/etcdserverpb"
+	txn "go.etcd.io/etcd/server/v3/etcdserver/txn"
+	"go.etcd.io/etcd/server/v3/lease"
+	betesting "go.etcd.io/etcd/server/v3/storage/backend/testing"
+	"go.etcd.io/etcd/server/v3/storage/mvcc"
+	"go.uber.org/zap/zaptest"
+)
+
+func FuzzTxnRangeRequest(f *testing.F) {
+	testcases := []pb.RangeRequest{
+		{
+			Key:        []byte{2},
+			RangeEnd:   []byte{2},
+			Limit:      3,
+			Revision:   3,
+			SortOrder:  2,
+			SortTarget: 2,
+		},
+	}
+
+	for _, tc := range testcases {
+		soValue := pb.RangeRequest_SortOrder_value[tc.SortOrder.String()]
+		soTarget := pb.RangeRequest_SortTarget_value[tc.SortTarget.String()]
+		f.Add(tc.Key, tc.RangeEnd, tc.Limit, tc.Revision, soValue, soTarget)
+	}
+
+	f.Fuzz(func(t *testing.T,
+		key []byte,
+		rangeEnd []byte,
+		limit int64,
+		revision int64,
+		sortOrder int32,
+		sortTarget int32,
+	) {
+		fuzzRequest := &pb.RangeRequest{
+			Key:        key,
+			RangeEnd:   rangeEnd,
+			Limit:      limit,
+			SortOrder:  pb.RangeRequest_SortOrder(sortOrder),
+			SortTarget: pb.RangeRequest_SortTarget(sortTarget),
+		}
+
+		verifyCheck(t, func() error {
+			return checkRangeRequest(fuzzRequest)
+		})
+
+		execTransaction(t, &pb.RequestOp{
+			Request: &pb.RequestOp_RequestRange{
+				RequestRange: fuzzRequest,
+			},
+		})
+	})
+}
+
+func FuzzTxnPutRequest(f *testing.F) {
+	testcases := []pb.PutRequest{
+		{
+			Key:         []byte{2},
+			Value:       []byte{2},
+			Lease:       2,
+			PrevKv:      false,
+			IgnoreValue: false,
+			IgnoreLease: false,
+		},
+	}
+
+	for _, tc := range testcases {
+		f.Add(tc.Key, tc.Value, tc.Lease, tc.PrevKv, tc.IgnoreValue, tc.IgnoreLease)
+	}
+
+	f.Fuzz(func(t *testing.T,
+		key []byte,
+		value []byte,
+		leaseValue int64,
+		prevKv bool,
+		ignoreValue bool,
+		IgnoreLease bool,
+	) {
+		fuzzRequest := &pb.PutRequest{
+			Key:         key,
+			Value:       value,
+			Lease:       leaseValue,
+			PrevKv:      prevKv,
+			IgnoreValue: ignoreValue,
+			IgnoreLease: IgnoreLease,
+		}
+
+		verifyCheck(t, func() error {
+			return checkPutRequest(fuzzRequest)
+		})
+
+		execTransaction(t, &pb.RequestOp{
+			Request: &pb.RequestOp_RequestPut{
+				RequestPut: fuzzRequest,
+			},
+		})
+	})
+}
+
+func FuzzTxnDeleteRangeRequest(f *testing.F) {
+	testcases := []pb.DeleteRangeRequest{
+		{
+			Key:      []byte{2},
+			RangeEnd: []byte{2},
+			PrevKv:   false,
+		},
+	}
+
+	for _, tc := range testcases {
+		f.Add(tc.Key, tc.RangeEnd, tc.PrevKv)
+	}
+
+	f.Fuzz(func(t *testing.T,
+		key []byte,
+		rangeEnd []byte,
+		prevKv bool,
+	) {
+		fuzzRequest := &pb.DeleteRangeRequest{
+			Key:      key,
+			RangeEnd: rangeEnd,
+			PrevKv:   prevKv,
+		}
+
+		verifyCheck(t, func() error {
+			return checkDeleteRequest(fuzzRequest)
+		})
+
+		execTransaction(t, &pb.RequestOp{
+			Request: &pb.RequestOp_RequestDeleteRange{
+				RequestDeleteRange: fuzzRequest,
+			},
+		})
+	})
+}
+
+func verifyCheck(t *testing.T, check func() error) {
+	errCheck := check()
+	if errCheck != nil {
+		t.Skip("Validation not passing. Skipping the apply.")
+	}
+}
+
+func execTransaction(t *testing.T, req *pb.RequestOp) {
+	b, _ := betesting.NewDefaultTmpBackend(t)
+	defer betesting.Close(t, b)
+	s := mvcc.NewStore(zaptest.NewLogger(t), b, &lease.FakeLessor{}, mvcc.StoreConfig{})
+	defer s.Close()
+
+	// setup cancelled context
+	ctx, cancel := context.WithCancel(context.TODO())
+	cancel()
+
+	request := &pb.TxnRequest{
+		Success: []*pb.RequestOp{req},
+	}
+
+	_, _, err := txn.Txn(ctx, zaptest.NewLogger(t), request, false, s, &lease.FakeLessor{})
+	if err != nil {
+		t.Skipf("Application erroring. %s", err.Error())
+	}
+}