Alexander Zaitsev
commit
87d7b31f5e
GPG key ID:
4AEE18F83AFDEB23
5 changed files with 85 additions and 0 deletions
16
.github/workflows/ci.yaml
vendored
16
.github/workflows/ci.yaml
vendored
|
|
@ -74,3 +74,19 @@ jobs:
|
||||||
|
|
||||||
- name: Docs
|
- name: Docs
|
||||||
run: cargo doc
|
run: cargo doc
|
||||||
|
|
||||||
|
fuzz:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v2
|
||||||
|
- uses: actions-rs/toolchain@v1
|
||||||
|
with:
|
||||||
|
profile: minimal
|
||||||
|
toolchain: nightly
|
||||||
|
override: true
|
||||||
|
|
||||||
|
- run: cargo install cargo-fuzz
|
||||||
|
- name: compile fuzz
|
||||||
|
run: |
|
||||||
|
cargo fuzz build fuzz_read
|
||||||
|
|
|
||||||
21
README.md
21
README.md
|
|
@ -75,3 +75,24 @@ See the [examples directory](examples) for:
|
||||||
* How to extract a zip file.
|
* How to extract a zip file.
|
||||||
* How to extract a single file from a zip.
|
* How to extract a single file from a zip.
|
||||||
* How to read a zip from the standard input.
|
* How to read a zip from the standard input.
|
||||||
|
|
||||||
|
Fuzzing
|
||||||
|
-------
|
||||||
|
|
||||||
|
Fuzzing support is through [cargo fuzz](https://github.com/rust-fuzz/cargo-fuzz). To install cargo fuzz:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cargo install cargo-fuzz
|
||||||
|
```
|
||||||
|
|
||||||
|
To list fuzz targets:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cargo +nightly fuzz list
|
||||||
|
```
|
||||||
|
|
||||||
|
To start fuzzing zip extraction:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cargo +nightly fuzz run fuzz_read
|
||||||
|
```
|
||||||
|
|
|
||||||
3
fuzz/.gitignore
vendored
Normal file
3
fuzz/.gitignore
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
target
|
||||||
|
corpus
|
||||||
|
artifacts
|
||||||
25
fuzz/Cargo.toml
Normal file
25
fuzz/Cargo.toml
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
[package]
|
||||||
|
name = "zip-fuzz"
|
||||||
|
version = "0.0.0"
|
||||||
|
authors = ["Automatically generated"]
|
||||||
|
publish = false
|
||||||
|
edition = "2018"
|
||||||
|
|
||||||
|
[package.metadata]
|
||||||
|
cargo-fuzz = true
|
||||||
|
|
||||||
|
[dependencies]
|
||||||
|
libfuzzer-sys = "0.4"
|
||||||
|
|
||||||
|
[dependencies.zip]
|
||||||
|
path = ".."
|
||||||
|
|
||||||
|
# Prevent this from interfering with workspaces
|
||||||
|
[workspace]
|
||||||
|
members = ["."]
|
||||||
|
|
||||||
|
[[bin]]
|
||||||
|
name = "fuzz_read"
|
||||||
|
path = "fuzz_targets/fuzz_read.rs"
|
||||||
|
test = false
|
||||||
|
doc = false
|
||||||
20
fuzz/fuzz_targets/fuzz_read.rs
Normal file
20
fuzz/fuzz_targets/fuzz_read.rs
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
#![no_main]
|
||||||
|
use libfuzzer_sys::fuzz_target;
|
||||||
|
|
||||||
|
fn decompress_all(data: &[u8]) -> Result<(), Box<dyn std::error::Error>> {
|
||||||
|
let reader = std::io::Cursor::new(data);
|
||||||
|
let mut zip = zip::ZipArchive::new(reader)?;
|
||||||
|
|
||||||
|
for i in 0..zip.len() {
|
||||||
|
let mut file = zip.by_index(i)?;
|
||||||
|
if file.size() < 1 << 20 {
|
||||||
|
let _ = std::io::copy(&mut file, &mut std::io::sink());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
fuzz_target!(|data: &[u8]| {
|
||||||
|
let _ = decompress_all(data);
|
||||||
|
});
|
||||||
Loading…
Add table
Reference in a new issue