From 0ebcca5eb73c98adc734a91f8cfca16d6f0184c5 Mon Sep 17 00:00:00 2001 From: Morten Siebuhr Date: Wed, 29 Jul 2015 22:32:02 +0200 Subject: [PATCH 1/6] Add basic fuzzer of the parser. --- promql/fuzz.go | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 promql/fuzz.go diff --git a/promql/fuzz.go b/promql/fuzz.go new file mode 100644 index 0000000000..796fe44919 --- /dev/null +++ b/promql/fuzz.go @@ -0,0 +1,67 @@ +package promql +// +build gofuzz + +/* PromQL parser fuzzing instrumentation for use with https://github.com/dvyukov/go-fuzz. + * + * Fuzz each parser by building appropriately instrumented parser, ex. FuzzParseMetric and execute it with it's + * + * go-fuzz-build -func FuzzParseMetric -o FuzzParseMetric.zip github.com/prometheus/prometheus/promql + * + * And then run the tests with the appropriate inputs + * + * go-fuzz -bin FuzzParseMetric.zip -workdir fuzz-data/ParseMetric + * + * Further input samples should go in the folders fuzz-data/ParseMetric/corpus. + * + * Repeat for ParseMetricSeletion, ParseExpr and ParseStmt + */ + +const ( + fuzz_interesting = 1 + fuzz_meh = 0 + fuzz_discard = -1 +) + +// Fuzz the metric parser +func FuzzParseMetric(in []byte) int { + _, err := ParseMetric(string(in)) + + if err == nil { + return fuzz_interesting + } + + return fuzz_discard +} + +// Fuzz the metric selector parser +func FuzzParseMetricSelector(in []byte) int { + _, err := ParseMetricSelector(string(in)) + + if err == nil { + return fuzz_interesting + } + + return fuzz_discard +} + +// Fuzz the expression parser +func FuzzParseExpr(in []byte) int { + _, err := ParseExpr(string(in)) + + if err == nil { + return fuzz_interesting + } + + return fuzz_discard +} + +// Fuzz the parser +func FuzzParseStmts(in []byte) int { + _, err := ParseStmts(string(in)) + + if err == nil { + return fuzz_interesting + } + + return fuzz_discard +} From 5fec020b27dab06c007e66f97da777f3054734a1 Mon Sep 17 00:00:00 2001 From: Morten Siebuhr Date: Wed, 29 Jul 2015 22:32:22 +0200 Subject: [PATCH 2/6] Initial fuzzing corpus for ParseExpr. --- promql/fuzz-data/ParseExpr/corpus/from_tests_1 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_10 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_11 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_12 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_13 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_14 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_15 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_16 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_17 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_18 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_19 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_2 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_20 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_21 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_22 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_23 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_24 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_25 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_26 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_27 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_28 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_29 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_3 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_30 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_31 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_32 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_33 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_34 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_4 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_5 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_6 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_7 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_8 | 1 + promql/fuzz-data/ParseExpr/corpus/from_tests_9 | 1 + 34 files changed, 34 insertions(+) create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_1 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_10 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_11 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_12 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_13 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_14 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_15 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_16 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_17 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_18 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_19 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_2 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_20 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_21 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_22 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_23 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_24 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_25 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_26 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_27 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_28 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_29 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_3 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_30 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_31 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_32 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_33 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_34 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_4 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_5 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_6 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_7 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_8 create mode 100644 promql/fuzz-data/ParseExpr/corpus/from_tests_9 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_1 b/promql/fuzz-data/ParseExpr/corpus/from_tests_1 new file mode 100644 index 0000000000..d00491fd7e --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_1 @@ -0,0 +1 @@ +1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_10 b/promql/fuzz-data/ParseExpr/corpus/from_tests_10 new file mode 100644 index 0000000000..96ae912147 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_10 @@ -0,0 +1 @@ +0755 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_11 b/promql/fuzz-data/ParseExpr/corpus/from_tests_11 new file mode 100644 index 0000000000..42399b8652 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_11 @@ -0,0 +1 @@ ++5.5e-3 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_12 b/promql/fuzz-data/ParseExpr/corpus/from_tests_12 new file mode 100644 index 0000000000..ebe4ec8b9e --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_12 @@ -0,0 +1 @@ +-0755 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_13 b/promql/fuzz-data/ParseExpr/corpus/from_tests_13 new file mode 100644 index 0000000000..8d2f0971e2 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_13 @@ -0,0 +1 @@ +1 + 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_14 b/promql/fuzz-data/ParseExpr/corpus/from_tests_14 new file mode 100644 index 0000000000..0b4439e57c --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_14 @@ -0,0 +1 @@ +1 - 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_15 b/promql/fuzz-data/ParseExpr/corpus/from_tests_15 new file mode 100644 index 0000000000..6f65828d83 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_15 @@ -0,0 +1 @@ +1 * 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_16 b/promql/fuzz-data/ParseExpr/corpus/from_tests_16 new file mode 100644 index 0000000000..7bda04b3eb --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_16 @@ -0,0 +1 @@ +1 % 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_17 b/promql/fuzz-data/ParseExpr/corpus/from_tests_17 new file mode 100644 index 0000000000..645e6d9d20 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_17 @@ -0,0 +1 @@ +1 / 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_18 b/promql/fuzz-data/ParseExpr/corpus/from_tests_18 new file mode 100644 index 0000000000..d8a6bab88c --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_18 @@ -0,0 +1 @@ +1 == 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_19 b/promql/fuzz-data/ParseExpr/corpus/from_tests_19 new file mode 100644 index 0000000000..160e8c346e --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_19 @@ -0,0 +1 @@ +1 != 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_2 b/promql/fuzz-data/ParseExpr/corpus/from_tests_2 new file mode 100644 index 0000000000..3b6020a27c --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_2 @@ -0,0 +1 @@ ++Inf diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_20 b/promql/fuzz-data/ParseExpr/corpus/from_tests_20 new file mode 100644 index 0000000000..627f468173 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_20 @@ -0,0 +1 @@ +1 > 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_21 b/promql/fuzz-data/ParseExpr/corpus/from_tests_21 new file mode 100644 index 0000000000..faaf3a7a23 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_21 @@ -0,0 +1 @@ +1 >= 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_22 b/promql/fuzz-data/ParseExpr/corpus/from_tests_22 new file mode 100644 index 0000000000..9ac3113919 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_22 @@ -0,0 +1 @@ +1 < 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_23 b/promql/fuzz-data/ParseExpr/corpus/from_tests_23 new file mode 100644 index 0000000000..2451e5510b --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_23 @@ -0,0 +1 @@ +1 <= 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_24 b/promql/fuzz-data/ParseExpr/corpus/from_tests_24 new file mode 100644 index 0000000000..67a5a10772 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_24 @@ -0,0 +1 @@ ++1 + -2 * 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_25 b/promql/fuzz-data/ParseExpr/corpus/from_tests_25 new file mode 100644 index 0000000000..25cf8fa2f4 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_25 @@ -0,0 +1 @@ +1 + 2/(3*1) diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_26 b/promql/fuzz-data/ParseExpr/corpus/from_tests_26 new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_26 @@ -0,0 +1 @@ + diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_27 b/promql/fuzz-data/ParseExpr/corpus/from_tests_27 new file mode 100644 index 0000000000..99e8589b50 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_27 @@ -0,0 +1 @@ +#comment diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_28 b/promql/fuzz-data/ParseExpr/corpus/from_tests_28 new file mode 100644 index 0000000000..056501e0d4 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_28 @@ -0,0 +1 @@ +foo * bar diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_29 b/promql/fuzz-data/ParseExpr/corpus/from_tests_29 new file mode 100644 index 0000000000..4d198a88ad --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_29 @@ -0,0 +1 @@ +foo == 1 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_3 b/promql/fuzz-data/ParseExpr/corpus/from_tests_3 new file mode 100644 index 0000000000..8e8b84a07b --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_3 @@ -0,0 +1 @@ +-Inf diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_30 b/promql/fuzz-data/ParseExpr/corpus/from_tests_30 new file mode 100644 index 0000000000..a64e56eedb --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_30 @@ -0,0 +1 @@ +2.5 / bar diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_31 b/promql/fuzz-data/ParseExpr/corpus/from_tests_31 new file mode 100644 index 0000000000..8e828c009d --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_31 @@ -0,0 +1 @@ +foo and bar diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_32 b/promql/fuzz-data/ParseExpr/corpus/from_tests_32 new file mode 100644 index 0000000000..8eeb0d47b3 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_32 @@ -0,0 +1 @@ +foo or bar diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_33 b/promql/fuzz-data/ParseExpr/corpus/from_tests_33 new file mode 100644 index 0000000000..16f8b86e06 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_33 @@ -0,0 +1 @@ +foo + bar or bla and blub diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_34 b/promql/fuzz-data/ParseExpr/corpus/from_tests_34 new file mode 100644 index 0000000000..1f70261cfa --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_34 @@ -0,0 +1 @@ +bar + on(foo) bla / on(baz, buz) group_right(test) blub diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_4 b/promql/fuzz-data/ParseExpr/corpus/from_tests_4 new file mode 100644 index 0000000000..d6c9fff3d7 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_4 @@ -0,0 +1 @@ +.5 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_5 b/promql/fuzz-data/ParseExpr/corpus/from_tests_5 new file mode 100644 index 0000000000..e4c8c3130a --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_5 @@ -0,0 +1 @@ +5. diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_6 b/promql/fuzz-data/ParseExpr/corpus/from_tests_6 new file mode 100644 index 0000000000..acaf810388 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_6 @@ -0,0 +1 @@ +123.4567 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_7 b/promql/fuzz-data/ParseExpr/corpus/from_tests_7 new file mode 100644 index 0000000000..9bc2000f7d --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_7 @@ -0,0 +1 @@ +5e-3 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_8 b/promql/fuzz-data/ParseExpr/corpus/from_tests_8 new file mode 100644 index 0000000000..260602c18e --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_8 @@ -0,0 +1 @@ +5e3 diff --git a/promql/fuzz-data/ParseExpr/corpus/from_tests_9 b/promql/fuzz-data/ParseExpr/corpus/from_tests_9 new file mode 100644 index 0000000000..f2e222d823 --- /dev/null +++ b/promql/fuzz-data/ParseExpr/corpus/from_tests_9 @@ -0,0 +1 @@ +0xc From 7371dcc7875bec486337f90496e4b27d2385ae5f Mon Sep 17 00:00:00 2001 From: Morten Siebuhr Date: Wed, 29 Jul 2015 22:34:22 +0200 Subject: [PATCH 3/6] Fuzzing corpus for ParseMetric. --- promql/fuzz-data/ParseMetric/corpus/exposition_formats_0 | 3 +++ promql/fuzz-data/ParseMetric/corpus/exposition_formats_1 | 1 + promql/fuzz-data/ParseMetric/corpus/exposition_formats_2 | 1 + promql/fuzz-data/ParseMetric/corpus/exposition_formats_3 | 1 + promql/fuzz-data/ParseMetric/corpus/exposition_formats_4 | 1 + 5 files changed, 7 insertions(+) create mode 100644 promql/fuzz-data/ParseMetric/corpus/exposition_formats_0 create mode 100644 promql/fuzz-data/ParseMetric/corpus/exposition_formats_1 create mode 100644 promql/fuzz-data/ParseMetric/corpus/exposition_formats_2 create mode 100644 promql/fuzz-data/ParseMetric/corpus/exposition_formats_3 create mode 100644 promql/fuzz-data/ParseMetric/corpus/exposition_formats_4 diff --git a/promql/fuzz-data/ParseMetric/corpus/exposition_formats_0 b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_0 new file mode 100644 index 0000000000..405bb5131c --- /dev/null +++ b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_0 @@ -0,0 +1,3 @@ +# HELP api_http_request_count The total number of HTTP requests. +# TYPE api_http_request_count counter +http_request_count{method="post",code="200"} 1027 1395066363000 diff --git a/promql/fuzz-data/ParseMetric/corpus/exposition_formats_1 b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_1 new file mode 100644 index 0000000000..76ede7fb69 --- /dev/null +++ b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_1 @@ -0,0 +1 @@ +msdos_file_access_time_ms{path="C:\\DIR\\FILE.TXT",error="Cannot find file:\n\"FILE.TXT\""} 1.234e3 diff --git a/promql/fuzz-data/ParseMetric/corpus/exposition_formats_2 b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_2 new file mode 100644 index 0000000000..64674abec9 --- /dev/null +++ b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_2 @@ -0,0 +1 @@ +metric_without_timestamp_and_labels 12.47 diff --git a/promql/fuzz-data/ParseMetric/corpus/exposition_formats_3 b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_3 new file mode 100644 index 0000000000..6bb7e38838 --- /dev/null +++ b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_3 @@ -0,0 +1 @@ +something_weird{problem="division by zero"} +Inf -3982045 diff --git a/promql/fuzz-data/ParseMetric/corpus/exposition_formats_4 b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_4 new file mode 100644 index 0000000000..47cd3366bc --- /dev/null +++ b/promql/fuzz-data/ParseMetric/corpus/exposition_formats_4 @@ -0,0 +1 @@ +http_request_duration_seconds_bucket{le="+Inf"} 144320 From 9eb2e9850963083d1ccec771d5c6efc1e95f952b Mon Sep 17 00:00:00 2001 From: Morten Siebuhr Date: Mon, 3 Aug 2015 22:23:44 +0200 Subject: [PATCH 4/6] Fix up documentation + go fmt. --- promql/fuzz.go | 108 ++++++++++++++++++++++++++++++------------------- 1 file changed, 66 insertions(+), 42 deletions(-) diff --git a/promql/fuzz.go b/promql/fuzz.go index 796fe44919..3d3864fdf1 100644 --- a/promql/fuzz.go +++ b/promql/fuzz.go @@ -1,67 +1,91 @@ -package promql +// Copyright 2015 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Only build when go-fuzz is in use // +build gofuzz -/* PromQL parser fuzzing instrumentation for use with https://github.com/dvyukov/go-fuzz. - * - * Fuzz each parser by building appropriately instrumented parser, ex. FuzzParseMetric and execute it with it's - * - * go-fuzz-build -func FuzzParseMetric -o FuzzParseMetric.zip github.com/prometheus/prometheus/promql - * - * And then run the tests with the appropriate inputs - * - * go-fuzz -bin FuzzParseMetric.zip -workdir fuzz-data/ParseMetric - * - * Further input samples should go in the folders fuzz-data/ParseMetric/corpus. - * - * Repeat for ParseMetricSeletion, ParseExpr and ParseStmt - */ +package promql +// PromQL parser fuzzing instrumentation for use with +// https://github.com/dvyukov/go-fuzz. +// +// Fuzz each parser by building appropriately instrumented parser, ex. +// FuzzParseMetric and execute it with it's +// +// go-fuzz-build -func FuzzParseMetric -o FuzzParseMetric.zip github.com/prometheus/prometheus/promql +// +// And then run the tests with the appropriate inputs +// +// go-fuzz -bin FuzzParseMetric.zip -workdir fuzz-data/ParseMetric +// +// Further input samples should go in the folders fuzz-data/ParseMetric/corpus. +// +// Repeat for ParseMetricSeletion, ParseExpr and ParseStmt. + +// Tuning which value is returned from Fuzz*-functions has a strong influence +// on how quick the fuzzer converges on "interesting" cases. At least try +// switching between fuzzMeh (= included in corpus, but not a priority) and +// fuzzDiscard (=don't use this input for re-building later inputs) when +// experimenting. const ( - fuzz_interesting = 1 - fuzz_meh = 0 - fuzz_discard = -1 + fuzzInteresting = 1 + fuzzMeh = 0 + fuzzDiscard = -1 ) -// Fuzz the metric parser +// Fuzz the metric parser. +// +// Note that his is not the parser for the text-based exposition-format; that +// lives in github.com/prometheus/client_golang/text. func FuzzParseMetric(in []byte) int { - _, err := ParseMetric(string(in)) + _, err := ParseMetric(string(in)) - if err == nil { - return fuzz_interesting - } + if err == nil { + return fuzzInteresting + } - return fuzz_discard + return fuzzDiscard } -// Fuzz the metric selector parser +// Fuzz the metric selector parser. func FuzzParseMetricSelector(in []byte) int { - _, err := ParseMetricSelector(string(in)) + _, err := ParseMetricSelector(string(in)) - if err == nil { - return fuzz_interesting - } + if err == nil { + return fuzzInteresting + } - return fuzz_discard + return fuzzDiscard } -// Fuzz the expression parser +// Fuzz the expression parser. func FuzzParseExpr(in []byte) int { - _, err := ParseExpr(string(in)) + _, err := ParseExpr(string(in)) - if err == nil { - return fuzz_interesting - } + if err == nil { + return fuzzInteresting + } - return fuzz_discard + return fuzzDiscard } -// Fuzz the parser +// Fuzz the parser. func FuzzParseStmts(in []byte) int { - _, err := ParseStmts(string(in)) + _, err := ParseStmts(string(in)) - if err == nil { - return fuzz_interesting - } + if err == nil { + return fuzzInteresting + } - return fuzz_discard + return fuzzDiscard } From 981b6360043951eb44ae8039c7fca3a71c922401 Mon Sep 17 00:00:00 2001 From: Morten Siebuhr Date: Tue, 4 Aug 2015 12:43:53 +0200 Subject: [PATCH 5/6] Bring fuzzer error handling in line. --- promql/fuzz.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/promql/fuzz.go b/promql/fuzz.go index 3d3864fdf1..f799673512 100644 --- a/promql/fuzz.go +++ b/promql/fuzz.go @@ -49,7 +49,6 @@ const ( // lives in github.com/prometheus/client_golang/text. func FuzzParseMetric(in []byte) int { _, err := ParseMetric(string(in)) - if err == nil { return fuzzInteresting } @@ -60,7 +59,6 @@ func FuzzParseMetric(in []byte) int { // Fuzz the metric selector parser. func FuzzParseMetricSelector(in []byte) int { _, err := ParseMetricSelector(string(in)) - if err == nil { return fuzzInteresting } @@ -71,7 +69,6 @@ func FuzzParseMetricSelector(in []byte) int { // Fuzz the expression parser. func FuzzParseExpr(in []byte) int { _, err := ParseExpr(string(in)) - if err == nil { return fuzzInteresting } @@ -82,7 +79,6 @@ func FuzzParseExpr(in []byte) int { // Fuzz the parser. func FuzzParseStmts(in []byte) int { _, err := ParseStmts(string(in)) - if err == nil { return fuzzInteresting } From ffc8cab39a96b2129adb07c24840d88571957c25 Mon Sep 17 00:00:00 2001 From: Morten Siebuhr Date: Tue, 10 May 2016 11:46:03 +0200 Subject: [PATCH 6/6] Updates fuzzers to discard less interesting data --- promql/fuzz.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/promql/fuzz.go b/promql/fuzz.go index f799673512..e52ccfb255 100644 --- a/promql/fuzz.go +++ b/promql/fuzz.go @@ -53,7 +53,7 @@ func FuzzParseMetric(in []byte) int { return fuzzInteresting } - return fuzzDiscard + return fuzzMeh } // Fuzz the metric selector parser. @@ -63,7 +63,7 @@ func FuzzParseMetricSelector(in []byte) int { return fuzzInteresting } - return fuzzDiscard + return fuzzMeh } // Fuzz the expression parser. @@ -73,7 +73,7 @@ func FuzzParseExpr(in []byte) int { return fuzzInteresting } - return fuzzDiscard + return fuzzMeh } // Fuzz the parser. @@ -83,5 +83,5 @@ func FuzzParseStmts(in []byte) int { return fuzzInteresting } - return fuzzDiscard + return fuzzMeh }