fuzz

package
v0.0.0-...-51e17a3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 8, 2025 License: Apache-2.0 Imports: 84 Imported by: 0

README

Istio fuzzing

Istio has a series of fuzzers that run continuously through OSS-fuzz.

Native fuzzers

While many jobs are still using the old go-fuzz style fuzzers, using Go 1.18 native fuzzing is preferred. These should be written alongside standard test packages. Currently, these cannot be in <pkg>_test packages; instead move them to a file under <pkg>.

Fuzz jobs will be run in unit test mode automatically (i.e. run once) and as part of OSS-fuzz.

Local testing

To run the fuzzers, follow these steps:

git clone --depth=1 https://github.com/google/oss-fuzz.git
cd oss-fuzz
python infra/helper.py build_image istio
python infra/helper.py build_fuzzers istio ~/go/src/istio.io/istio

Reproduce failure:

python infra/helper.py reproduce istio FuzzX ~/Downloads/clusterfuzz-testcase-minimized-FuzzX-1234

Run:

python infra/helper.py run_fuzzer istio FuzzValidateMeshConfig

Documentation

Overview

nolint: revive

nolint: revive

nolint: revive

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FuzzAggregateController

func FuzzAggregateController(data []byte) int

FuzzAggregateController implements a fuzzer that targets the add and delete registry apis of the aggregate controller. It does so by creating a controller with a pseudo-random Options{} and create pseudo-random service registries and deleting them.

func FuzzAnalyzer

func FuzzAnalyzer(data []byte) int

FuzzAnalyzer implements the fuzzer

func FuzzBNMUnmarshalJSON

func FuzzBNMUnmarshalJSON(data []byte) int

func FuzzCRDRoundtrip

func FuzzCRDRoundtrip(data []byte) int

FuzzRoundtrip tests whether the pilot CRDs can be encoded and decoded.

func FuzzCidrRange

func FuzzCidrRange(data []byte) int

func FuzzCompareDiff

func FuzzCompareDiff(data []byte) int

func FuzzConfigValidation

func FuzzConfigValidation(data []byte) int

func FuzzConfigValidation2

func FuzzConfigValidation2(data []byte) int

FuzzConfigValidation2 implements a second fuzzer for config validation. The fuzzer targets the same API as FuzzConfigValidation above, but its approach to creating a fuzzed config is a bit different in that it utilizes Istio APIs to generate a Spec from json. We currently run both continuously to compare their performance.

func FuzzConfigValidation3

func FuzzConfigValidation3(data []byte) int

func FuzzConvertIngressV1alpha3

func FuzzConvertIngressV1alpha3(data []byte) int

func FuzzConvertIngressVirtualService

func FuzzConvertIngressVirtualService(data []byte) int

func FuzzCreateCertE2EUsingClientCertAuthenticator

func FuzzCreateCertE2EUsingClientCertAuthenticator(data []byte) int

func FuzzExtractIDs

func FuzzExtractIDs(data []byte) int

func FuzzFindRootCertFromCertificateChainBytes

func FuzzFindRootCertFromCertificateChainBytes(data []byte) int

FindRootCertFromCertificateChainBytesFuzz implements a fuzzer that tests util.FindRootCertFromCertificateChainBytes

func FuzzGalleyDiag

func FuzzGalleyDiag(data []byte) int

func FuzzGenCSR

func FuzzGenCSR(data []byte) int

func FuzzGrpcGenGenerate

func FuzzGrpcGenGenerate(data []byte) int

func FuzzHeaderMatcher

func FuzzHeaderMatcher(data []byte) int

func FuzzHostMatcher

func FuzzHostMatcher(data []byte) int

func FuzzInitContext

func FuzzInitContext(data []byte) int

Creates an Environment with fuzzed values and passes that to InitContext

func FuzzIntoResourceFile

func FuzzIntoResourceFile(data []byte) int

func FuzzJwtUtil

func FuzzJwtUtil(data []byte) int

func FuzzKubeCRD

func FuzzKubeCRD(data []byte) int

FuzzKubeCRD implements a fuzzer that targets the kube CRD in two steps. It first creates an object with a config that has had pseudo-random values inserted. When a valid object has been created, it tries and convert that object. If this conversion fails, it panics.

func FuzzMetadataListMatcher

func FuzzMetadataListMatcher(data []byte) int

func FuzzNewBootstrapServer

func FuzzNewBootstrapServer(data []byte) int

func FuzzParseInputs

func FuzzParseInputs(data []byte) int

func FuzzParseMeshNetworks

func FuzzParseMeshNetworks(data []byte) int

func FuzzParsePemEncodedCertificateChain

func FuzzParsePemEncodedCertificateChain(data []byte) int

FuzzParsePemEncodedCertificateChain implements a fuzzer that tests ParsePemEncodedCertificateChain

func FuzzPemCertBytestoString

func FuzzPemCertBytestoString(data []byte) int

FuzzPemCertBytestoString implements a fuzzer that tests PemCertBytestoString

func FuzzUpdateVerifiedKeyCertBundleFromFile

func FuzzUpdateVerifiedKeyCertBundleFromFile(data []byte) int

FuzzUpdateVerifiedKeyCertBundleFromFile implements a fuzzer that tests UpdateVerifiedKeyCertBundleFromFile

func FuzzValidateClusters

func FuzzValidateClusters(data []byte) int

func FuzzValidateMeshConfig

func FuzzValidateMeshConfig(data []byte) int

func FuzzVerifyCertificate

func FuzzVerifyCertificate(data []byte) int

FuzzVerifyCertificate implements a fuzzer that tests util.VerifyCertificate

func FuzzWE

func FuzzWE(data []byte) int

FuzzWE implements a fuzzer that targets several apis in the workloadentry package. It does so by setting up a workloadentry controller with a proxy with pseudo-random values. The fuzzer then uses the controller to test: 1: OnConnect 2: OnDisconnect 3: QueueWorkloadEntryHealth

func FuzzXds

func FuzzXds(data []byte) int

func NewS

func NewS(f *fuzz.ConsumeFuzzer) (*model.Service, error)

Creates a new fuzzed Service

func NewSI

Creates a new fuzzed ServiceInstance

func ValidateTestOptions

func ValidateTestOptions(to core.TestOptions) error

Types

This section is empty.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL