From 7a86ed3a3d90dbc426f87081d5f214cb31606435 Mon Sep 17 00:00:00 2001 From: Nathaniel Brough Date: Sun, 30 Apr 2023 00:49:03 -0700 Subject: [PATCH] Adds an executor fuzzer and corresponding dictionaries (#1891) --- lib/fuzz/Cargo.lock | 456 +++------------------ lib/fuzz/Cargo.toml | 9 + lib/fuzz/README.md | 68 +++ lib/fuzz/fuzz_targets/fuzz_executor.dict | 327 +++++++++++++++ lib/fuzz/fuzz_targets/fuzz_executor.rs | 29 ++ lib/fuzz/fuzz_targets/fuzz_sql_parser.dict | 324 +++++++++++++++ 6 files changed, 812 insertions(+), 401 deletions(-) create mode 100644 lib/fuzz/README.md create mode 100644 lib/fuzz/fuzz_targets/fuzz_executor.dict create mode 100644 lib/fuzz/fuzz_targets/fuzz_executor.rs create mode 100644 lib/fuzz/fuzz_targets/fuzz_sql_parser.dict diff --git a/lib/fuzz/Cargo.lock b/lib/fuzz/Cargo.lock index d0bdcb50..4057e6ba 100644 --- a/lib/fuzz/Cargo.lock +++ b/lib/fuzz/Cargo.lock @@ -53,6 +53,12 @@ dependencies = [ "derive_arbitrary", ] +[[package]] +name = "arc-swap" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bddcadddf5e9015d310179a59bb28c4d4b9920ad0f11e8e14dbadf654890c9a6" + [[package]] name = "argon2" version = "0.5.0" @@ -150,12 +156,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -[[package]] -name = "base64" -version = "0.13.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" - [[package]] name = "base64" version = "0.21.0" @@ -174,7 +174,7 @@ version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9df288bec72232f78c1ec5fe4e8f1d108aa0265476e93097593c803c8c02062a" dependencies = [ - "base64 0.21.0", + "base64", "blowfish", "getrandom", "subtle", @@ -199,6 +199,12 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitmaps" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "703642b98a00b3b90513279a8ede3fcfa479c126c5fb46e78f3051522f021403" + [[package]] name = "bitvec" version = "1.0.1" @@ -445,12 +451,15 @@ dependencies = [ ] [[package]] -name = "encoding_rs" -version = "0.8.32" +name = "echodb" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "071a31f4ee85403370b58aca746f01041ede6f0da2730960ad001edc2b71b394" +checksum = "312221c0bb46e82cd250c818404ef9dce769a4d5a62915c0249b577762eec34a" dependencies = [ - "cfg-if", + "arc-swap", + "imbl", + "thiserror", + "tokio", ] [[package]] @@ -484,15 +493,9 @@ dependencies = [ "futures-sink", "nanorand", "pin-project", - "spin 0.9.8", + "spin", ] -[[package]] -name = "fnv" -version = "1.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" - [[package]] name = "form_urlencoded" version = "1.1.0" @@ -692,25 +695,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "h2" -version = "0.3.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17f8a914c2987b688368b5138aa05321db91f4090cf26118185672ad588bce21" -dependencies = [ - "bytes", - "fnv", - "futures-core", - "futures-sink", - "futures-util", - "http", - "indexmap", - "slab", - "tokio", - "tokio-util", - "tracing", -] - [[package]] name = "hash32" version = "0.2.1" @@ -735,7 +719,7 @@ dependencies = [ "atomic-polyfill", "hash32", "rustc_version", - "spin 0.9.8", + "spin", "stable_deref_trait", ] @@ -757,77 +741,6 @@ dependencies = [ "digest", ] -[[package]] -name = "http" -version = "0.2.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd6effc99afb63425aff9b05836f029929e345a6148a14b7ecd5ab67af944482" -dependencies = [ - "bytes", - "fnv", - "itoa", -] - -[[package]] -name = "http-body" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" -dependencies = [ - "bytes", - "http", - "pin-project-lite", -] - -[[package]] -name = "httparse" -version = "1.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" - -[[package]] -name = "httpdate" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" - -[[package]] -name = "hyper" -version = "0.14.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab302d72a6f11a3b910431ff93aae7e773078c769f0a3ef15fb9ec692ed147d4" -dependencies = [ - "bytes", - "futures-channel", - "futures-core", - "futures-util", - "h2", - "http", - "http-body", - "httparse", - "httpdate", - "itoa", - "pin-project-lite", - "socket2", - "tokio", - "tower-service", - "tracing", - "want", -] - -[[package]] -name = "hyper-rustls" -version = "0.23.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1788965e61b367cd03a62950836d5cd41560c3577d90e40e0819373194d1661c" -dependencies = [ - "http", - "hyper", - "rustls", - "tokio", - "tokio-rustls", -] - [[package]] name = "iana-time-zone" version = "0.1.56" @@ -862,6 +775,28 @@ dependencies = [ "unicode-normalization", ] +[[package]] +name = "imbl" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2806b69cd9f4664844027b64465eacb444c67c1db9c778e341adff0c25cdb0d" +dependencies = [ + "bitmaps", + "imbl-sized-chunks", + "rand_core", + "rand_xoshiro", + "version_check", +] + +[[package]] +name = "imbl-sized-chunks" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6957ea0b2541c5ca561d3ef4538044af79f8a05a1eb3a3b148936aaceaa1076" +dependencies = [ + "bitmaps", +] + [[package]] name = "indexmap" version = "1.9.3" @@ -891,12 +826,6 @@ dependencies = [ "cfg-if", ] -[[package]] -name = "ipnet" -version = "2.7.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12b6ee2129af8d4fb011108c73d99a1b83a85977f23b82460c0ae2e25bb4b57f" - [[package]] name = "itoa" version = "1.0.6" @@ -1002,30 +931,12 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" -[[package]] -name = "mime" -version = "0.3.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" - [[package]] name = "minimal-lexical" version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" -[[package]] -name = "mio" -version = "0.8.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b9d9a46eff5b4ff64b45a9e316a6d1e0bc719ef429cbec4dc630684212bfdf9" -dependencies = [ - "libc", - "log", - "wasi 0.11.0+wasi-snapshot-preview1", - "windows-sys", -] - [[package]] name = "nanoid" version = "0.4.0" @@ -1273,6 +1184,15 @@ dependencies = [ "getrandom", ] +[[package]] +name = "rand_xoshiro" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f97cdb2a36ed4183de61b2f824cc45c9f1037f28afe0a322e9fff4c108b5aaa" +dependencies = [ + "rand_core", +] + [[package]] name = "redox_syscall" version = "0.2.16" @@ -1299,62 +1219,6 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a5996294f19bd3aae0453a862ad728f60e6600695733dd5df01da90c54363a3c" -[[package]] -name = "reqwest" -version = "0.11.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27b71749df584b7f4cac2c426c127a7c785a5106cc98f7a8feb044115f0fa254" -dependencies = [ - "base64 0.21.0", - "bytes", - "encoding_rs", - "futures-core", - "futures-util", - "h2", - "http", - "http-body", - "hyper", - "hyper-rustls", - "ipnet", - "js-sys", - "log", - "mime", - "once_cell", - "percent-encoding", - "pin-project-lite", - "rustls", - "rustls-pemfile", - "serde", - "serde_json", - "serde_urlencoded", - "tokio", - "tokio-rustls", - "tokio-util", - "tower-service", - "url", - "wasm-bindgen", - "wasm-bindgen-futures", - "wasm-streams", - "web-sys", - "webpki-roots", - "winreg", -] - -[[package]] -name = "ring" -version = "0.16.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" -dependencies = [ - "cc", - "libc", - "once_cell", - "spin 0.5.2", - "untrusted", - "web-sys", - "winapi", -] - [[package]] name = "rmp" version = "0.8.11" @@ -1392,27 +1256,6 @@ dependencies = [ "semver", ] -[[package]] -name = "rustls" -version = "0.20.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fff78fc74d175294f4e83b28343315ffcfb114b156f0185e9741cb5570f50e2f" -dependencies = [ - "log", - "ring", - "sct", - "webpki", -] - -[[package]] -name = "rustls-pemfile" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d194b56d58803a43635bdc398cd17e383d6f71f9182b9a192c127ca42494a59b" -dependencies = [ - "base64 0.21.0", -] - [[package]] name = "ryu" version = "1.0.13" @@ -1452,16 +1295,6 @@ dependencies = [ "sha2", ] -[[package]] -name = "sct" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "semver" version = "1.0.17" @@ -1508,18 +1341,6 @@ dependencies = [ "serde", ] -[[package]] -name = "serde_urlencoded" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" -dependencies = [ - "form_urlencoded", - "itoa", - "ryu", - "serde", -] - [[package]] name = "sha-1" version = "0.10.1" @@ -1531,17 +1352,6 @@ dependencies = [ "digest", ] -[[package]] -name = "sha1" -version = "0.10.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3" -dependencies = [ - "cfg-if", - "cpufeatures", - "digest", -] - [[package]] name = "sha2" version = "0.10.6" @@ -1568,22 +1378,6 @@ version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" -[[package]] -name = "socket2" -version = "0.4.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64a4a911eed85daf18834cfaa86a79b7d266ff93ff5ba14005426219480ed662" -dependencies = [ - "libc", - "winapi", -] - -[[package]] -name = "spin" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" - [[package]] name = "spin" version = "0.9.8" @@ -1631,6 +1425,7 @@ dependencies = [ "bung", "chrono", "dmp", + "echodb", "flume", "futures", "futures-concurrency", @@ -1648,8 +1443,6 @@ dependencies = [ "pin-project-lite", "rand", "regex", - "reqwest", - "rustls", "scrypt", "semver", "serde", @@ -1660,7 +1453,6 @@ dependencies = [ "surrealdb-derive", "thiserror", "tokio", - "tokio-tungstenite", "tracing", "trice", "ulid", @@ -1686,6 +1478,7 @@ name = "surrealdb-fuzz" version = "0.0.0" dependencies = [ "arbitrary", + "futures", "libfuzzer-sys", "surrealdb", ] @@ -1791,11 +1584,8 @@ checksum = "d0de47a4eecbe11f498978a9b29d792f0d2692d1dd003650c24c76510e3bc001" dependencies = [ "autocfg", "bytes", - "libc", - "mio", "num_cpus", "pin-project-lite", - "socket2", "tokio-macros", "windows-sys", ] @@ -1811,52 +1601,6 @@ dependencies = [ "syn 2.0.15", ] -[[package]] -name = "tokio-rustls" -version = "0.23.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" -dependencies = [ - "rustls", - "tokio", - "webpki", -] - -[[package]] -name = "tokio-tungstenite" -version = "0.18.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54319c93411147bced34cb5609a80e0a8e44c5999c93903a81cd866630ec0bfd" -dependencies = [ - "futures-util", - "log", - "rustls", - "tokio", - "tokio-rustls", - "tungstenite", - "webpki", -] - -[[package]] -name = "tokio-util" -version = "0.7.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5427d89453009325de0d8f342c9490009f76e999cb7672d77e46267448f7e6b2" -dependencies = [ - "bytes", - "futures-core", - "futures-sink", - "pin-project-lite", - "tokio", - "tracing", -] - -[[package]] -name = "tower-service" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" - [[package]] name = "tracing" version = "0.1.37" @@ -1900,33 +1644,6 @@ dependencies = [ "web-sys", ] -[[package]] -name = "try-lock" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" - -[[package]] -name = "tungstenite" -version = "0.18.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30ee6ab729cd4cf0fd55218530c4522ed30b7b6081752839b68fcec8d0960788" -dependencies = [ - "base64 0.13.1", - "byteorder", - "bytes", - "http", - "httparse", - "log", - "rand", - "rustls", - "sha1", - "thiserror", - "url", - "utf-8", - "webpki", -] - [[package]] name = "typenum" version = "1.16.0" @@ -1970,12 +1687,6 @@ version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" -[[package]] -name = "untrusted" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" - [[package]] name = "url" version = "2.3.1" @@ -1993,12 +1704,6 @@ version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e8db7427f936968176eaa7cdf81b7f98b980b18495ec28f1b5791ac3bfe3eea9" -[[package]] -name = "utf-8" -version = "0.7.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" - [[package]] name = "uuid" version = "1.3.1" @@ -2023,16 +1728,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d5b2c62b4012a3e1eca5a7e077d13b3bf498c4073e33ccd58626607748ceeca" -[[package]] -name = "want" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" -dependencies = [ - "log", - "try-lock", -] - [[package]] name = "wasi" version = "0.10.0+wasi-snapshot-preview1" @@ -2111,19 +1806,6 @@ version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" -[[package]] -name = "wasm-streams" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bbae3363c08332cadccd13b67db371814cd214c2524020932f0804b8cf7c078" -dependencies = [ - "futures-util", - "js-sys", - "wasm-bindgen", - "wasm-bindgen-futures", - "web-sys", -] - [[package]] name = "wasmtimer" version = "0.2.0" @@ -2147,25 +1829,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "webpki" -version = "0.22.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd" -dependencies = [ - "ring", - "untrusted", -] - -[[package]] -name = "webpki-roots" -version = "0.22.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6c71e40d7d2c34a5106301fb632274ca37242cd0c9d3e64dbece371a40a2d87" -dependencies = [ - "webpki", -] - [[package]] name = "winapi" version = "0.3.9" @@ -2329,15 +1992,6 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" -[[package]] -name = "winreg" -version = "0.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" -dependencies = [ - "winapi", -] - [[package]] name = "ws_stream_wasm" version = "0.7.4" diff --git a/lib/fuzz/Cargo.toml b/lib/fuzz/Cargo.toml index e775cec3..e28af1b6 100644 --- a/lib/fuzz/Cargo.toml +++ b/lib/fuzz/Cargo.toml @@ -10,9 +10,12 @@ cargo-fuzz = true [dependencies] libfuzzer-sys = { version= "0.4", features = ["arbitrary-derive"] } arbitrary = { version = "1", features = ["derive"] } +futures = "0.3.28" [dependencies.surrealdb] path = ".." +features = ["kv-mem"] +default-features = false # Prevent this from interfering with workspaces [workspace] @@ -26,3 +29,9 @@ name = "fuzz_sql_parser" path = "fuzz_targets/fuzz_sql_parser.rs" test = false doc = false + +[[bin]] +name = "fuzz_executor" +path = "fuzz_targets/fuzz_executor.rs" +test = false +doc = false diff --git a/lib/fuzz/README.md b/lib/fuzz/README.md new file mode 100644 index 00000000..f0cdc372 --- /dev/null +++ b/lib/fuzz/README.md @@ -0,0 +1,68 @@ +# Fuzzing +Surrealdb maintains a set of fuzz testing harnesses that are managed by +[cargo-fuzz](https://github.com/rust-fuzz/cargo-fuzz). + +To build and run the fuzzer we will need to; +- Install a specific version of the nightly compiler +- Install cargo fuzz +- Build a fuzz friendly version of surrealdb with our harnesses + +## Installing nightly +One of the key requirements for high-performance fuzzing is the ability +to collect code-coverage feedback at runtime. With the current stable +version of rustc we can't instrument our fuzz-harnesses with coverage feedback. +Because of this we need to use some of the more bleeding edge features +available in the nightly release. + +Unfortunately for us the nightly release is a little unstable and there +was a [bug](https://github.com/rust-lang/rust/issues/110475) in the +latest version of the nightly compiler that prevents use from compiling +some of surrealdb's depdendencies. To workaround this issue we've carefully +picked a version of the nightly compiler that works with both cargo-fuzz +and our dependencies. This version is `nightly-2023-04-21`. To install +this version we simply need to run; + +`rustup install nightly-2023-04-21` + +## Installing cargo-fuzz +Full details on the different install options are available, in the +[cargo-fuzz book](https://rust-fuzz.github.io/book/cargo-fuzz/setup.html). +but for the sake of brevity you can just install the basics with the +command below. + +`cargo +nightly-2023-04-21 install cargo-fuzz` + +## Building the fuzzers +Now that we've install cargo-fuzz we can go ahead and build our fuzzers. +``` +cd lib +# -O: Optimised build +# --debug-assertions: Catch common bugs, e.g. integer overflow. +cargo +nightly-2023-04-21 fuzz build -O --debug-assertions +```` + +## Running the fuzzer +Now that the fuzzer has successfully built we can actually run them. To +list the available fuzz harnesses we can use the command. +``` +cargo +nightly-2023-04-21 fuzz list +``` + +Once we know what fuzzer (in this case fuzz_executor) we want to run we +can it using the command; +``` +cargo +nightly-2023-04-21 fuzz run -O --debug-assertions fuzz_executor +``` + +The previous command will run the fuzzer in libfuzzer's default mode, +which means as a single thread. If you would like to speed fuzzing +up we can make use of all cores, and use a dictionary file. e.g. +``` +# -fork: Run N seperate process fuzzing in parralell in this case we +# use nproc to match the number of processors on our local +# machine. +# -dict: Make use the fuzzer specific dictionary file. +cargo +nightly-2023-04-21 fuzz run -O --debug-assertions \ + fuzz_executor -- -fork=$(nproc) \ + -dict=fuzz/fuzz_targets/fuzz_executor.dict +``` \ No newline at end of file diff --git a/lib/fuzz/fuzz_targets/fuzz_executor.dict b/lib/fuzz/fuzz_targets/fuzz_executor.dict new file mode 100644 index 00000000..80523a66 --- /dev/null +++ b/lib/fuzz/fuzz_targets/fuzz_executor.dict @@ -0,0 +1,327 @@ +"AFTER" +"ALL" +"ALLINSIDE" +"AND" +"ANYINSIDE" +"AS" +"ASC" +"ASSERT" +"AT" +"BEFORE" +"BEGIN" +"BY" +"CANCEL" +"COLLATE" +"COLUMNS" +"COMMIT" +"CONTAINS" +"CONTAINSALL" +"CONTAINSANY" +"CONTAINSNONE" +"CONTAINSNOT" +"CONTENT" +"CREATE" +"DATABASE" +"DB" +"DEFINE" +"DELETE" +"DESC" +"DIFF" +"DROP" +"EDDSA" +"ELSE" +"END" +"ERR" +"EVENT" +"EVENTS" +"FALSE" +"FETCH" +"FIELD" +"FIELDS" +"FLEX" +"FLEXI" +"FLEXIBLE" +"FOR" +"FORCE" +"FROM" +"FULL" +"FUNCTION" +"GBR" +"GROUP" +"HEAD" +"ID" +"IF" +"IGNORE" +"IMPORT" +"IN" +"INDEX" +"INFO" +"INSERT" +"INSIDE" +"INTERSECTS" +"INTO" +"IS" +"KILL" +"KV" +"LET" +"LICENSE" +"LIMIT" +"LOGIN" +"MERGE" +"NAMESPACE" +"NONE" +"NONEINSIDE" +"NOTINSIDE" +"NS" +"NULL" +"NUMERIC" +"OK" +"ON" +"OPTION" +"OR" +"ORDER" +"OUTSIDE" +"PARALLEL" +"PARAM" +"PASSHASH" +"PASSWORD" +"PATCH" +"PATH" +"PERMISSIONS" +"PI" +"RELATE" +"REMOVE" +"REPLACE" +"RETURN" +"SC" +"SCHEMAFUL" +"SCHEMAFULL" +"SCHEMALESS" +"SCOPE" +"SELECT" +"SESSION" +"SET" +"SIGHUP" +"SIGINT" +"SIGNIN" +"SIGNUP" +"SIGQUIT" +"SIGTERM" +"SLEEP" +"SPLIT" +"START" +"TABLE" +"TABLES" +"TAU" +"TB" +"THEN" +"TIMEOUT" +"TK" +"TOKEN" +"TRANSACTION" +"TRUE" +"TYPE" +"UNIQUE" +"UPDATE" +"UPPERCASE" +"USE" +"VALUE" +"VALUES" +"VERSION" +"WHEN" +"WHERE" +"&&" +"||" +"??" +"?:" +"!=" +"==" +"?=" +"*=" +"!~" +"?~" +"*~" +"<=" +">=" +"**" +"::" +"array" +"array::" +"array::add(" +"array::all(" +"array::any(" +"array::append(" +"array::combine(" +"array::complement(" +"array::concat(" +"array::difference(" +"array::distinct(" +"array::flatten(" +"array::group(" +"array::insert(" +"array::intersect(" +"array::len(" +"array::max(" +"array::min(" +"array::pop(" +"array::prepend(" +"array::push(" +"array::remove(" +"array::reverse(" +"array::sort(" +"array::sort::asc(" +"array::sort::desc(" +"array::union(" +"count(" +"crypto" +"crypto::" +"crypto::md5(" +"crypto::sha1(" +"crypto::sha256(" +"crypto::argon2::compare(" +"crypto::argon2::generate(" +"crypto::pbkdf2::compare(" +"crypto::pbkdf2::generate(" +"crypto::bcrypt::compare(" +"crypto::bcrypt::generate(" +"crypto::scrypt::compare(" +"crypto::scrypt::generate(" +"geo" +"geo::" +"geo::area(" +"geo::bearing(" +"geo::centroid(" +"geo::distance(" +"geo::hash" +"hash" +"geo::hash::decode(" +"geo::hash::encode(" +"http" +"http::" +"http::head(" +"http::get(" +"http::put(" +"http::post(" +"http::patch(" +"http::delete(" +"is" +"is::" +"is::alphanum(" +"is::alpha(" +"is::ascii(" +"is::datetime(" +"is::domain(" +"is::email(" +"is::hexadecimal(" +"is::latitude(" +"is::longitude(" +"is::numeric(" +"is::semver(" +"is::url(" +"is::uuid(" +"math" +"math::" +"math::abs(" +"math::ceil(" +"math::fixed(" +"math::floor(" +"math::max(" +"math::mean(" +"math::median(" +"math::min(" +"math::product(" +"math::round(" +"math::sqrt(" +"math::sum(" +"meta" +"meta::" +"meta::id(" +"meta::tb(" +"parse" +"parse::" +"parse::email" +"email" +"parse::email::host(" +"parse::email::user(" +"parse::email::domain(" +"parse::email::fragments(" +"parse::url::host(" +"parse::url::path(" +"parse::url::port(" +"parse::url::query(" +"rand(" +"rand" +"rand::bool(" +"rand::enum(" +"rand::float(" +"rand::guid(" +"rand::int(" +"rand::string(" +"rand::time(" +"rand::uuid(" +"uuid" +"rand::uuid::v4(" +"rand::uuid::v7(" +"session" +"session::" +"session::db(" +"session::id(" +"session::ip(" +"session::ns(" +"session::origin(" +"session::sc" +# Sleep is just going to slow the fuzzer down +# "sleep(" +"string" +"string::concat(" +"string::endsWith(" +"string::join(" +"string::len(" +"string::lowercase(" +"string::repeat(" +"string::replace(" +"string::reverse(" +"string::slice(" +"string::slug(" +"string::split(" +"string::startsWith(" +"string::trim(" +"string::uppercase(" +"string::words(" +"time" +"time::" +"time::day(" +"time::floor(" +"time::format(" +"time::group(" +"time::hour(" +"time::minute(" +"time::month(" +"time::nano(" +"time::now(" +"time::round(" +"time::second(" +"time::timezone(" +"time::unix(" +"time::wday(" +"time::week(" +"time::yday(" +"time::year(" +"type" +"type::" +"type::bool(" +"type::datetime(" +"type::decimal(" +"type::duration(" +"type::float(" +"type::int(" +"type::number(" +"type::point(" +# Avoid regex in the fuzzer as it will just slow things down. +# the rust regex crate is already fuzzed. +# "type::regex(" +"type::string(" +"type::table(" +"type::thing(" +# TODO: Add Javascript keywords + diff --git a/lib/fuzz/fuzz_targets/fuzz_executor.rs b/lib/fuzz/fuzz_targets/fuzz_executor.rs new file mode 100644 index 00000000..f58656f6 --- /dev/null +++ b/lib/fuzz/fuzz_targets/fuzz_executor.rs @@ -0,0 +1,29 @@ +#![no_main] + +use libfuzzer_sys::fuzz_target; + +fuzz_target!(|commands: Vec<&str>| { + let blacklisted_command_strings = ["sleep"]; + + use surrealdb::{dbs::Session, kvs::Datastore}; + let max_commands = 500; + if commands.len() > max_commands { + return; + } + + futures::executor::block_on(async { + let dbs = Datastore::new("memory").await.unwrap(); + let ses = Session::for_kv().with_ns("test").with_db("test"); + for command in commands.iter() { + for blacklisted_string in blacklisted_command_strings.iter() { + if command.contains(blacklisted_string) { + return; + } + } + let _ignore_the_result = dbs.execute(command, &ses, None, false).await; + + // TODO: Add some async timeout and `tokio::select!` between it and the query + // Alternatively, wrap future in `tokio::time::Timeout`. + } + }); +}); diff --git a/lib/fuzz/fuzz_targets/fuzz_sql_parser.dict b/lib/fuzz/fuzz_targets/fuzz_sql_parser.dict new file mode 100644 index 00000000..6e907713 --- /dev/null +++ b/lib/fuzz/fuzz_targets/fuzz_sql_parser.dict @@ -0,0 +1,324 @@ +"AFTER" +"ALL" +"ALLINSIDE" +"AND" +"ANYINSIDE" +"AS" +"ASC" +"ASSERT" +"AT" +"BEFORE" +"BEGIN" +"BY" +"CANCEL" +"COLLATE" +"COLUMNS" +"COMMIT" +"CONTAINS" +"CONTAINSALL" +"CONTAINSANY" +"CONTAINSNONE" +"CONTAINSNOT" +"CONTENT" +"CREATE" +"DATABASE" +"DB" +"DEFINE" +"DELETE" +"DESC" +"DIFF" +"DROP" +"EDDSA" +"ELSE" +"END" +"ERR" +"EVENT" +"EVENTS" +"FALSE" +"FETCH" +"FIELD" +"FIELDS" +"FLEX" +"FLEXI" +"FLEXIBLE" +"FOR" +"FORCE" +"FROM" +"FULL" +"FUNCTION" +"GBR" +"GROUP" +"HEAD" +"ID" +"IF" +"IGNORE" +"IMPORT" +"IN" +"INDEX" +"INFO" +"INSERT" +"INSIDE" +"INTERSECTS" +"INTO" +"IS" +"KILL" +"KV" +"LET" +"LICENSE" +"LIMIT" +"LOGIN" +"MERGE" +"NAMESPACE" +"NONE" +"NONEINSIDE" +"NOTINSIDE" +"NS" +"NULL" +"NUMERIC" +"OK" +"ON" +"OPTION" +"OR" +"ORDER" +"OUTSIDE" +"PARALLEL" +"PARAM" +"PASSHASH" +"PASSWORD" +"PATCH" +"PATH" +"PERMISSIONS" +"PI" +"RELATE" +"REMOVE" +"REPLACE" +"RETURN" +"SC" +"SCHEMAFUL" +"SCHEMAFULL" +"SCHEMALESS" +"SCOPE" +"SELECT" +"SESSION" +"SET" +"SIGHUP" +"SIGINT" +"SIGNIN" +"SIGNUP" +"SIGQUIT" +"SIGTERM" +"SLEEP" +"SPLIT" +"START" +"TABLE" +"TABLES" +"TAU" +"TB" +"THEN" +"TIMEOUT" +"TK" +"TOKEN" +"TRANSACTION" +"TRUE" +"TYPE" +"UNIQUE" +"UPDATE" +"UPPERCASE" +"USE" +"VALUE" +"VALUES" +"VERSION" +"WHEN" +"WHERE" +"&&" +"||" +"??" +"?:" +"!=" +"==" +"?=" +"*=" +"!~" +"?~" +"*~" +"<=" +">=" +"**" +"::" +"array" +"array::" +"array::add(" +"array::all(" +"array::any(" +"array::append(" +"array::combine(" +"array::complement(" +"array::concat(" +"array::difference(" +"array::distinct(" +"array::flatten(" +"array::group(" +"array::insert(" +"array::intersect(" +"array::len(" +"array::max(" +"array::min(" +"array::pop(" +"array::prepend(" +"array::push(" +"array::remove(" +"array::reverse(" +"array::sort(" +"array::sort::asc(" +"array::sort::desc(" +"array::union(" +"count(" +"crypto" +"crypto::" +"crypto::md5(" +"crypto::sha1(" +"crypto::sha256(" +"crypto::argon2::compare(" +"crypto::argon2::generate(" +"crypto::pbkdf2::compare(" +"crypto::pbkdf2::generate(" +"crypto::bcrypt::compare(" +"crypto::bcrypt::generate(" +"crypto::scrypt::compare(" +"crypto::scrypt::generate(" +"geo" +"geo::" +"geo::area(" +"geo::bearing(" +"geo::centroid(" +"geo::distance(" +"geo::hash" +"hash" +"geo::hash::decode(" +"geo::hash::encode(" +"http" +"http::" +"http::head(" +"http::get(" +"http::put(" +"http::post(" +"http::patch(" +"http::delete(" +"is" +"is::" +"is::alphanum(" +"is::alpha(" +"is::ascii(" +"is::datetime(" +"is::domain(" +"is::email(" +"is::hexadecimal(" +"is::latitude(" +"is::longitude(" +"is::numeric(" +"is::semver(" +"is::url(" +"is::uuid(" +"math" +"math::" +"math::abs(" +"math::ceil(" +"math::fixed(" +"math::floor(" +"math::max(" +"math::mean(" +"math::median(" +"math::min(" +"math::product(" +"math::round(" +"math::sqrt(" +"math::sum(" +"meta" +"meta::" +"meta::id(" +"meta::tb(" +"parse" +"parse::" +"parse::email" +"email" +"parse::email::host(" +"parse::email::user(" +"parse::email::domain(" +"parse::email::fragments(" +"parse::url::host(" +"parse::url::path(" +"parse::url::port(" +"parse::url::query(" +"rand(" +"rand" +"rand::bool(" +"rand::enum(" +"rand::float(" +"rand::guid(" +"rand::int(" +"rand::string(" +"rand::time(" +"rand::uuid(" +"uuid" +"rand::uuid::v4(" +"rand::uuid::v7(" +"session" +"session::" +"session::db(" +"session::id(" +"session::ip(" +"session::ns(" +"session::origin(" +"session::sc" +"sleep(" +"string" +"string::concat(" +"string::endsWith(" +"string::join(" +"string::len(" +"string::lowercase(" +"string::repeat(" +"string::replace(" +"string::reverse(" +"string::slice(" +"string::slug(" +"string::split(" +"string::startsWith(" +"string::trim(" +"string::uppercase(" +"string::words(" +"time" +"time::" +"time::day(" +"time::floor(" +"time::format(" +"time::group(" +"time::hour(" +"time::minute(" +"time::month(" +"time::nano(" +"time::now(" +"time::round(" +"time::second(" +"time::timezone(" +"time::unix(" +"time::wday(" +"time::week(" +"time::yday(" +"time::year(" +"type" +"type::" +"type::bool(" +"type::datetime(" +"type::decimal(" +"type::duration(" +"type::float(" +"type::int(" +"type::number(" +"type::point(" +"type::regex(" +"type::string(" +"type::table(" +"type::thing(" +# TODO: Add Javascript keywords +