Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-11-27 15:53:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

test(fuzz): turn everything into esm

Browse Source 
since coverage does not work as expected at all, we can use esm. So if jazzer at some point, add esm support for esm, we can easily add it
This commit is contained in:
hulkoba 2023-12-13 14:40:38 +01:00
parent b29c6fccdf
commit 4c0a324980
No known key found for this signature in database
GPG Key ID: ACB6C4A3A4F2BE2F
18 changed files with 167 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -47,7 +47,7 @@
"prepare": "npm run build", "prepare": "npm run build",
"test": "mocha --timeout 120000 test/unittests.js", "test": "mocha --timeout 120000 test/unittests.js",
"test-type-definitions": "node --loader ts-node/esm test/typescript/definitions.ts", "test-type-definitions": "node --loader ts-node/esm test/typescript/definitions.ts",
"fuzz": "jazzer test/fuzz/$TARGET.cjs -- -artifact_prefix=test/fuzz/reports/", "fuzz": "jazzer test/fuzz/$TARGET -- -artifact_prefix=test/fuzz/reports/",
"benchmark-time": "node test/benchmarks/time.js", "benchmark-time": "node test/benchmarks/time.js",
"benchmark-memory-usage": "node test/benchmarks/memory_usage.js", "benchmark-memory-usage": "node test/benchmarks/memory_usage.js",
"start": "http-server", "start": "http-server",

15
test/fuzz/createCleartextMessage.cjs
View File

@ -1,15 +0,0 @@
const { FuzzedDataProvider } = require('@jazzer.js/core');
const MAX_MESSAGE_LENGTH = 9000;
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const data = new FuzzedDataProvider(inputData);
const text = data.bufToPrintableString(inputData, 2, MAX_MESSAGE_LENGTH, 'utf-8');
return openpgp.default.createCleartextMessage({ text });
});
};

15
test/fuzz/createCleartextMessage.js Normal file
View File

@ -0,0 +1,15 @@
import { FuzzedDataProvider } from '@jazzer.js/core';
import openpgp from '../initOpenpgp.js';
const MAX_MESSAGE_LENGTH = 9000;
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const data = new FuzzedDataProvider(inputData);
const text = data.bufToPrintableString(inputData, 2, MAX_MESSAGE_LENGTH, 'utf-8');
return openpgp.createCleartextMessage({ text });
}

9
test/fuzz/createMessageBinary.cjs
View File

@ -1,9 +0,0 @@
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
return openpgp.default.createMessage({ binary: new Uint8Array(inputData) });
});
};

9
test/fuzz/createMessageBinary.js Normal file
View File

@ -0,0 +1,9 @@
import openpgp from '../initOpenpgp.js';
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
return openpgp.createMessage({ binary: new Uint8Array(inputData) });
}

13
test/fuzz/createMessageText.cjs
View File

@ -1,13 +0,0 @@
const { FuzzedDataProvider } = require('@jazzer.js/core');
const MAX_MESSAGE_LENGTH = 9000;
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const data = new FuzzedDataProvider(inputData);
return openpgp.default.createMessage({ text: data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8') });
});
};

13
test/fuzz/createMessageText.js Normal file
View File

@ -0,0 +1,13 @@
import { FuzzedDataProvider } from '@jazzer.js/core';
import openpgp from '../initOpenpgp.js';
const MAX_MESSAGE_LENGTH = 9000;
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const data = new FuzzedDataProvider(inputData);
return openpgp.createMessage({ text: data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8') });
}

25
test/fuzz/generateKey.cjs
View File

@ -1,25 +0,0 @@
const { FuzzedDataProvider } = require('@jazzer.js/core');
const MAX_NAME_LENGTH = 30;
const MAX_COMMENT_LENGTH = 500;
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const data = new FuzzedDataProvider(inputData);
const asciiString = data.consumeString(MAX_COMMENT_LENGTH);
const utf8String = data.consumeString(MAX_NAME_LENGTH, 'utf-8');
return openpgp.default.generateKey({ userIDs: [
{ name: utf8String },
{ email: utf8String },
{ comment: asciiString },
{ name: utf8String, email: utf8String, comment: asciiString }
],
passphrase: asciiString,
format: 'object' });
});
};

26
test/fuzz/generateKey.js Normal file
View File

@ -0,0 +1,26 @@
import { FuzzedDataProvider } from '@jazzer.js/core';
import openpgp from '../initOpenpgp.js';
const MAX_NAME_LENGTH = 30;
const MAX_COMMENT_LENGTH = 500;
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const data = new FuzzedDataProvider(inputData);
const asciiString = data.consumeString(MAX_COMMENT_LENGTH);
const utf8String = data.consumeString(MAX_NAME_LENGTH, 'utf-8');
return openpgp.generateKey({ userIDs: [
{ name: utf8String },
{ email: utf8String },
{ comment: asciiString },
{ name: utf8String, email: utf8String, comment: asciiString }
],
passphrase: asciiString,
format: 'object' });
}

27
test/fuzz/readKeyArmored.cjs
View File

@ -1,27 +0,0 @@
const { FuzzedDataProvider } = require('@jazzer.js/core');
const ignored = ['Misformed armored text'];
const MAX_MESSAGE_LENGTH = 9000;
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const data = new FuzzedDataProvider(inputData);
const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
const armoredKey = `-----BEGIN PGP PRIVATE KEY BLOCK----- ${fuzzedText} -----END PGP PRIVATE KEY BLOCK-----`;
return openpgp.default.readKey({ armoredKey })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
});
};

28
test/fuzz/readKeyArmored.js Normal file
View File

@ -0,0 +1,28 @@
import { FuzzedDataProvider } from '@jazzer.js/core';
import openpgp from '../initOpenpgp.js';
const ignored = ['Misformed armored text'];
const MAX_MESSAGE_LENGTH = 9000;
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const data = new FuzzedDataProvider(inputData);
const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
const armoredKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----\n ${fuzzedText} -----END PGP PRIVATE KEY BLOCK-----`;
return openpgp.readKey({ armoredKey })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
}

22
test/fuzz/readKeyBinary.cjs
View File

@ -1,22 +0,0 @@
const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const binaryKey = new Uint8Array(`-----BEGIN PGP PRIVATE KEY BLOCK----- ${inputData} -----END PGP PRIVATE KEY BLOCK-----`);
return openpgp.default.readKey({ binaryKey })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
});
};

22
test/fuzz/readKeyBinary.js Normal file
View File

@ -0,0 +1,22 @@
import openpgp from '../initOpenpgp.js';
const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const binaryKey = new Uint8Array(`-----BEGIN PGP PRIVATE KEY BLOCK-----\n ${inputData.toString('base64')} -----END PGP PRIVATE KEY BLOCK-----`);
return openpgp.readKey({ binaryKey })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
}

22
test/fuzz/readMessageBinary.cjs
View File

@ -1,22 +0,0 @@
const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const binaryMessage = new Uint8Array(`-----BEGIN PGP MESSAGE----- ${inputData} -----END PGP MESSAGE-----`);
return openpgp.default.readMessage({ binaryMessage })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
});
};

22
test/fuzz/readMessageBinary.js Normal file
View File

@ -0,0 +1,22 @@
import openpgp from '../initOpenpgp.js';
const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const binaryMessage = new Uint8Array(`-----BEGIN PGP MESSAGE-----\n ${inputData.toString('base64')} -----END PGP MESSAGE-----`);
return openpgp.readMessage({ binaryMessage })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
}

27
test/fuzz/readMessageText.cjs
View File

@ -1,27 +0,0 @@
const { FuzzedDataProvider } = require('@jazzer.js/core');
const ignored = ['Misformed armored text'];
const MAX_MESSAGE_LENGTH = 9000;
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
module.exports.fuzz = function(inputData) {
import('../initOpenpgp.js').then(openpgp => {
const data = new FuzzedDataProvider(inputData);
const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
const armoredMessage = `-----BEGIN PGP MESSAGE----- ${fuzzedText} -----END PGP MESSAGE-----`;
return openpgp.default.readMessage({ armoredMessage })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
});
};

27
test/fuzz/readMessageText.js Normal file
View File

@ -0,0 +1,27 @@
import { FuzzedDataProvider } from '@jazzer.js/core';
import openpgp from '../initOpenpgp.js';
const ignored = ['Misformed armored text'];
const MAX_MESSAGE_LENGTH = 9000;
function ignoredError(error) {
return ignored.some(message => error.message.includes(message));
}
/**
* @param { Buffer } inputData
*/
export function fuzz (inputData) {
const data = new FuzzedDataProvider(inputData);
const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
const armoredMessage = `-----BEGIN PGP MESSAGE-----\n ${fuzzedText} -----END PGP MESSAGE-----`;
return openpgp.readMessage({ armoredMessage })
.catch(error => {
if (error.message && !ignoredError(error)) {
throw error;
}
});
}

15
test/fuzz/readme.md
View File

@ -11,14 +11,7 @@ To generate and run fuzz tests, we use the [Jazzer.js](https://github.com/CodeIn
This directory contains fuzz targets like for example `createMessageBinary`. This directory contains fuzz targets like for example `createMessageBinary`.
You can run this fuzz target without options: You can run this fuzz target:
```sh
npx jazzer test/fuzz/createMessageBinary.cjs
```
(You will notice the `.cjs` file ending. This is because jazzer does not support esm, yet)
or with the given settings at your package.json:
```sh ```sh
TARGET=createMessageBinary npm run fuzz TARGET=createMessageBinary npm run fuzz
``` ```
@ -50,12 +43,12 @@ See further details in [Fuzzing using fuzz targets and the CLI](https://github.c
### Run limitations ### Run limitations
You can pass the `-max_total_time` flag to the internal fuzzing engine to stop the fuzzing run after 10 seconds. You can edit the npm command and pass the `-max_total_time` flag to the internal fuzzing engine to stop the fuzzing run after 10 seconds.
```sh ```sh
npx jazzer test/fuzz/createMessageBinary.cjs -- -max_total_time=10 jazzer test/fuzz/$TARGET -- -max_total_time=10
``` ```
Or you can limit the number of runs: Or you can limit the number of runs:
```sh ```sh
npx jazzer test/fuzz/createMessageBinary.cjs -- -runs=4000000 jazzer test/fuzz/$TARGET -- -runs=4000000
``` ```