diff --git a/WORKSPACE.bazel b/WORKSPACE.bazel
index 823c6e374..a3f3ec2fb 100644
--- a/WORKSPACE.bazel
+++ b/WORKSPACE.bazel
@@ -74,6 +74,13 @@ http_archive(
 urls = ["https://github.com/google/re2/archive/03da4fc0857c285e3a26782f6bc8931c4c950df4.zip"],
 )
+http_archive(
+ name = "com_google_fuzztest",
+ sha256 = "c75f224b34c3c62ee901381fb743f6326f7b91caae0ceb8fe62f3fd36f187627",
+ strip_prefix = "fuzztest-58b4e7065924f1a284952b84ea827ce35a87e4dc",
+ urls = ["https://github.com/google/fuzztest/archive/58b4e7065924f1a284952b84ea827ce35a87e4dc.zip"],
+)
+
 # -------- Load and call dependencies of underlying libraries --------
 load("@bazel_skylib//:workspace.bzl", "bazel_skylib_workspace")
diff --git a/quiche/BUILD.bazel b/quiche/BUILD.bazel
index 04bbe9fb2..5a6d611c9 100644
--- a/quiche/BUILD.bazel
+++ b/quiche/BUILD.bazel
@@ -322,6 +322,31 @@ cc_library(
 ],
 )
+cc_test(
+ name = "http_frame_fuzzer",
+ srcs = ["http2/decoder/http2_frame_decoder_test.cc"],
+ deps = [
+ ":binary_http",
+ ":quiche_core",
+ ":quiche_platform_default_testonly",
+ ":quiche_protobufs_testonly_cc_proto",
+ ":quiche_tool_support",
+ ":quiche_test_support",
+ "@boringssl//:crypto",
+ "@boringssl//:ssl",
+ "@com_google_absl//absl/base:core_headers",
+ "@com_google_absl//absl/container:flat_hash_map",
+ "@com_google_absl//absl/container:flat_hash_set",
+ "@com_google_absl//absl/memory",
+ "@com_google_absl//absl/strings",
+ "@com_google_absl//absl/strings:str_format",
+ "@com_google_absl//absl/types:optional",
+ "@com_google_fuzztest//fuzztest",
+ "@com_google_fuzztest//fuzztest:fuzztest_gtest_main",
+ "@com_google_googleurl//url",
+ ],
+)
+
 test_suite_from_source_list(
 name = "quiche_tests",
 srcs = quiche_tests_srcs,
@@ -354,6 +379,7 @@ test_suite_from_source_list(
 "@com_google_absl//absl/strings:str_format",
 "@com_google_absl//absl/types:optional",
 "@com_google_absl//absl/types:span",
+ "@com_google_fuzztest//fuzztest",
 "@com_google_googletest//:gtest_main",
 "@com_google_googleurl//url",
 ],
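Review bot: The `http_frame_fuzzer` target in the first `quiche/BUILD.bazel` hunk uses the whole of `http2/decoder/http2_frame_decoder_test.cc` as `srcs`, so it rebuilds and reruns every existing `Http2FrameDecoderTest` case next to the single fuzz test. The second hunk then adds `@com_google_fuzztest//fuzztest` to the entire `quiche_tests` suite, presumably because the same file is also listed in `quiche_tests_srcs`. Moving the fuzz harness into its own source file would keep the fuzzing dependency out of the unit-test suite and let this target's `deps` shrink to what the frame decoder needs; entries such as `@boringssl//:ssl`, `:binary_http` and `:quiche_protobufs_testonly_cc_proto` look copied from the suite rather than required. It is also worth confirming that the fuzz test actually runs in `quiche_tests`: that suite still links `@com_google_googletest//:gtest_main`, and as far as I know FuzzTest registers `FUZZ_TEST` cases from its own main, so the test may be silently absent there.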
diff --git a/quiche/http2/decoder/http2_frame_decoder_test.cc b/quiche/http2/decoder/http2_frame_decoder_test.cc
index cd408805d..9a018293b 100644
--- a/quiche/http2/decoder/http2_frame_decoder_test.cc
+++ b/quiche/http2/decoder/http2_frame_decoder_test.cc
@@ -18,6 +18,8 @@
 #include "quiche/http2/test_tools/verify_macros.h"
 #include "quiche/common/platform/api/quiche_logging.h"
+#include "fuzztest/fuzztest.h"
+
 using ::testing::AssertionSuccess;
 namespace http2 {
@@ -914,6 +916,14 @@ TEST_F(Http2FrameDecoderTest, WindowUpdateTooLong) {
 EXPECT_TRUE(DecodePayloadExpectingFrameSizeError(kFrameData, header));
 }
+void FuzzFrameDecoder(const std::string &s) {
+ http2::Http2FrameDecoderNoOpListener listener;
+ http2::Http2FrameDecoder decoder(&listener);
+ http2::DecodeBuffer db(reinterpret_cast(s.c_str()), s.size());
+ decoder.DecodeFrame(&db);
+}
+FUZZ_TEST(Http2FrameDecoderFuzzTest, FuzzFrameDecoder);
+
 } // namespace
 } // namespace test
 } // namespace http2
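Review bot: `FuzzFrameDecoder` calls `decoder.DecodeFrame(&db)` once and discards the returned status, so each input exercises at most one frame and never the decoder's behaviour across frame boundaries. Because this decoder parses peer-controlled bytes, draining the buffer covers more of the state machine, e.g. `while (db.HasData() && decoder.DecodeFrame(&db) == DecodeStatus::kDecodeDone) {}`. A second property that feeds `s` through several smaller `DecodeBuffer`s would also reach the resume path (`kDecodeInProgress`), which a single whole-buffer call skips. A one-line comment above the function, such as `// Property: decoding arbitrary bytes must not crash or trip a sanitizer.`, would record what the test is meant to assert.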