From a23e3889e26e2dd1387cf2f97d3430cedeae8e76 Mon Sep 17 00:00:00 2001
From: Chris Hennick <hennickc@amazon.com>
Date: Mon, 1 May 2023 11:56:46 -0700
Subject: [PATCH] Strengthen fuzz_write: use longer vectors and multiple writes

---
 .github/workflows/ci.yaml       |  2 +-
 fuzz/fuzz_targets/fuzz_write.rs | 21 ++++++++++++++++-----
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 21383cfb..14337205 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -109,4 +109,4 @@ jobs:
           cargo fuzz build fuzz_write
       - name: run fuzz
         run: |
-          cargo fuzz run fuzz_write -- -timeout=1s -runs=1000000
+          cargo fuzz run fuzz_write -- -timeout=1s -runs=1000000 -max_len=5000000000
diff --git a/fuzz/fuzz_targets/fuzz_write.rs b/fuzz/fuzz_targets/fuzz_write.rs
index 3b2a73d6..8b1a9cd5 100644
--- a/fuzz/fuzz_targets/fuzz_write.rs
+++ b/fuzz/fuzz_targets/fuzz_write.rs
@@ -1,12 +1,21 @@
 #![no_main]
+
 use libfuzzer_sys::fuzz_target;
 use arbitrary::Arbitrary;
 use std::io::{Cursor, Read, Seek, Write};
 
+#[derive(Arbitrary,Debug)]
+pub struct ExtraData {
+    pub header_id: u16,
+    pub data: Vec<u8>
+}
+
 #[derive(Arbitrary,Debug)]
 pub struct File {
     pub name: String,
-    pub contents: Vec<u8>
+    pub contents: Vec<Vec<u8>>,
+    pub local_extra_data: Vec<ExtraData>,
+    pub central_extra_data: Vec<ExtraData>
 }
 
 #[derive(Arbitrary,Debug)]
@@ -22,7 +31,7 @@ pub enum FileOperation {
     DeepCopy {
         base: Box<FileOperation>,
         new_name: String
-    },
+    }
 }
 
 impl FileOperation {
@@ -40,11 +49,13 @@ fn do_operation<T>(writer: &mut zip_next::ZipWriter<T>,
                    where T: Read + Write + Seek {
     match operation {
         FileOperation::Write {file, mut options} => {
-            if (*file).contents.len() >= u32::MAX as usize {
+            if file.contents.iter().map(Vec::len).sum::<usize>() >= u32::MAX as usize {
                 options = options.large_file(true);
             }
             writer.start_file(file.name.to_owned(), options)?;
-            writer.write_all(file.contents.as_slice())?;
+            for chunk in &file.contents {
+                writer.write_all(chunk.as_slice())?;
+            }
         }
         FileOperation::ShallowCopy {base, new_name} => {
             do_operation(writer, base)?;
@@ -63,5 +74,5 @@ fuzz_target!(|data: Vec<FileOperation>| {
     for operation in data {
         let _ = do_operation(&mut writer, &operation);
     }
-    writer.finish().unwrap();
+    let _ = zip_next::ZipArchive::new(writer.finish().unwrap());
 });
\ No newline at end of file