mirrors/prometheus
1
0
Fork 0
mirror of https://github.com/prometheus/prometheus.git synced 2026-05-05 04:16:15 +02:00
Code Issues Projects Releases Wiki Activity

Fuzzing: Remove old go-fuzz infrastructure

Browse Source 
After the migration to native Go fuzzing in PR #17393, this removes
the old dvyukov/go-fuzz based infrastructure. This enables a smooth
transition, because we can merge this pull request when upstream
OSS-Fuzz changes have been done.

This removes:
- promql/fuzz.go and promql/fuzz_test.go (old fuzz functions)
- promql/fuzz-data/ (old corpus files)

The new fuzzing infrastructure is in util/fuzzing/ and is now used
by the CI workflow.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
This commit is contained in:
Julien Pivotto 2026-01-12 13:02:14 +01:00
parent 45b9329e68
commit c2fc92e2f3
45 changed files with 0 additions and 210 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
promql/fuzz-data/ParseExpr/corpus/from_tests_1
View File

@ -1 +0,0 @@
1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_10
View File

@ -1 +0,0 @@
0755

1
promql/fuzz-data/ParseExpr/corpus/from_tests_11
View File

@ -1 +0,0 @@
+5.5e-3

1
promql/fuzz-data/ParseExpr/corpus/from_tests_12
View File

@ -1 +0,0 @@
-0755

1
promql/fuzz-data/ParseExpr/corpus/from_tests_13
View File

@ -1 +0,0 @@
1 + 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_14
View File

@ -1 +0,0 @@
1 - 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_15
View File

@ -1 +0,0 @@
1 * 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_16
View File

@ -1 +0,0 @@
1 % 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_17
View File

@ -1 +0,0 @@
1 / 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_18
View File

@ -1 +0,0 @@
1 == 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_19
View File

@ -1 +0,0 @@
1 != 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_2
View File

@ -1 +0,0 @@
+Inf

1
promql/fuzz-data/ParseExpr/corpus/from_tests_20
View File

@ -1 +0,0 @@
1 > 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_21
View File

@ -1 +0,0 @@
1 >= 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_22
View File

@ -1 +0,0 @@
1 < 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_23
View File

@ -1 +0,0 @@
1 <= 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_24
View File

@ -1 +0,0 @@
+1 + -2 * 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_25
View File

@ -1 +0,0 @@
1 + 2/(3*1)

1
promql/fuzz-data/ParseExpr/corpus/from_tests_26
View File

@ -1 +0,0 @@

1
promql/fuzz-data/ParseExpr/corpus/from_tests_27
View File

@ -1 +0,0 @@
#comment

1
promql/fuzz-data/ParseExpr/corpus/from_tests_28
View File

@ -1 +0,0 @@
foo * bar

1
promql/fuzz-data/ParseExpr/corpus/from_tests_29
View File

@ -1 +0,0 @@
foo == 1

1
promql/fuzz-data/ParseExpr/corpus/from_tests_3
View File

@ -1 +0,0 @@
-Inf

1
promql/fuzz-data/ParseExpr/corpus/from_tests_30
View File

@ -1 +0,0 @@
2.5 / bar

1
promql/fuzz-data/ParseExpr/corpus/from_tests_31
View File

@ -1 +0,0 @@
foo and bar

1
promql/fuzz-data/ParseExpr/corpus/from_tests_32
View File

@ -1 +0,0 @@
foo or bar

1
promql/fuzz-data/ParseExpr/corpus/from_tests_33
View File

@ -1 +0,0 @@
foo + bar or bla and blub

1
promql/fuzz-data/ParseExpr/corpus/from_tests_34
View File

@ -1 +0,0 @@
bar + on(foo) bla / on(baz, buz) group_right(test) blub

1
promql/fuzz-data/ParseExpr/corpus/from_tests_4
View File

@ -1 +0,0 @@
.5

1
promql/fuzz-data/ParseExpr/corpus/from_tests_5
View File

@ -1 +0,0 @@
5.

1
promql/fuzz-data/ParseExpr/corpus/from_tests_6
View File

@ -1 +0,0 @@
123.4567

1
promql/fuzz-data/ParseExpr/corpus/from_tests_7
View File

@ -1 +0,0 @@
5e-3

1
promql/fuzz-data/ParseExpr/corpus/from_tests_8
View File

@ -1 +0,0 @@
5e3

1
promql/fuzz-data/ParseExpr/corpus/from_tests_9
View File

@ -1 +0,0 @@
0xc

1
promql/fuzz-data/ParseMetric/corpus/982cbe5ad899f03c630b1a21876a206707ea3dc9
View File

@ -1 +0,0 @@
o { quantile = "1.0", a = "b" } 8.3835e-05

3
promql/fuzz-data/ParseMetric/corpus/exposition_formats_0
View File

@ -1,3 +0,0 @@
# HELP api_http_request_count The total number of HTTP requests.
# TYPE api_http_request_count counter
http_request_count{method="post",code="200"} 1027 1395066363000

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_1
View File

@ -1 +0,0 @@
msdos_file_access_time_ms{path="C:\\DIR\\FILE.TXT",error="Cannot find file:\n\"FILE.TXT\""} 1.234e3

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_2
View File

@ -1 +0,0 @@
metric_without_timestamp_and_labels 12.47

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_3
View File

@ -1 +0,0 @@
something_weird{problem="division by zero"} +Inf -3982045

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_4
View File

@ -1 +0,0 @@
http_request_duration_seconds_bucket{le="+Inf"} 144320

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_5
View File

@ -1 +0,0 @@
go_gc_duration_seconds{ quantile="0.9", a="b"} 8.3835e-05

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_6
View File

@ -1 +0,0 @@
go_gc_duration_seconds{ quantile="1.0", a="b" } 8.3835e-05

1
promql/fuzz-data/ParseMetric/corpus/exposition_formats_7
View File

@ -1 +0,0 @@
go_gc_duration_seconds { quantile = "1.0", a = "b" } 8.3835e-05

127
promql/fuzz.go
View File

@ -1,127 +0,0 @@
// Copyright The Prometheus Authors
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Only build when go-fuzz is in use
//go:build gofuzz
package promql
import (
"errors"
"io"
"github.com/prometheus/prometheus/model/labels"
"github.com/prometheus/prometheus/model/textparse"
"github.com/prometheus/prometheus/promql/parser"
)
// PromQL parser fuzzing instrumentation for use with
// https://github.com/dvyukov/go-fuzz.
//
// Fuzz each parser by building appropriately instrumented parser, ex.
// FuzzParseMetric and execute it with it's
//
// go-fuzz-build -func FuzzParseMetric -o FuzzParseMetric.zip github.com/prometheus/prometheus/promql
//
// And then run the tests with the appropriate inputs
//
// go-fuzz -bin FuzzParseMetric.zip -workdir fuzz-data/ParseMetric
//
// Further input samples should go in the folders fuzz-data/ParseMetric/corpus.
//
// Repeat for FuzzParseOpenMetric, FuzzParseMetricSelector and FuzzParseExpr.
// Tuning which value is returned from Fuzz*-functions has a strong influence
// on how quick the fuzzer converges on "interesting" cases. At least try
// switching between fuzzMeh (= included in corpus, but not a priority) and
// fuzzDiscard (=don't use this input for re-building later inputs) when
// experimenting.
const (
fuzzInteresting = 1
fuzzMeh = 0
fuzzDiscard = -1
// Input size above which we know that Prometheus would consume too much
// memory. The recommended way to deal with it is check input size.
// https://google.github.io/oss-fuzz/getting-started/new-project-guide/#input-size
maxInputSize = 10240
)
// Use package-scope symbol table to avoid memory allocation on every fuzzing operation.
var symbolTable = labels.NewSymbolTable()
var fuzzParser = parser.NewParser(parser.Options{})
func fuzzParseMetricWithContentType(in []byte, contentType string) int {
p, warning := textparse.New(in, contentType, symbolTable, textparse.ParserOptions{})
if p == nil || warning != nil {
// An invalid content type is being passed, which should not happen
// in this context.
panic(warning)
}
var err error
for {
_, err = p.Next()
if err != nil {
break
}
}
if errors.Is(err, io.EOF) {
err = nil
}
if err == nil {
return fuzzInteresting
}
return fuzzMeh
}
// Fuzz the metric parser.
//
// Note that this is not the parser for the text-based exposition-format; that
// lives in github.com/prometheus/client_golang/text.
func FuzzParseMetric(in []byte) int {
return fuzzParseMetricWithContentType(in, "text/plain")
}
func FuzzParseOpenMetric(in []byte) int {
return fuzzParseMetricWithContentType(in, "application/openmetrics-text")
}
// Fuzz the metric selector parser.
func FuzzParseMetricSelector(in []byte) int {
if len(in) > maxInputSize {
return fuzzMeh
}
_, err := fuzzParser.ParseMetricSelector(string(in))
if err == nil {
return fuzzInteresting
}
return fuzzMeh
}
// Fuzz the expression parser.
func FuzzParseExpr(in []byte) int {
if len(in) > maxInputSize {
return fuzzMeh
}
_, err := fuzzParser.ParseExpr(string(in))
if err == nil {
return fuzzInteresting
}
return fuzzMeh
}

38
promql/fuzz_test.go
View File

@ -1,38 +0,0 @@
// Copyright The Prometheus Authors
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Only build when go-fuzz is in use
//go:build gofuzz
package promql
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestfuzzParseMetricWithContentTypePanicOnInvalid(t *testing.T) {
defer func() {
if p := recover(); p == nil {
t.Error("invalid content type should panic")
} else {
err, ok := p.(error)
require.True(t, ok)
require.ErrorContains(t, err, "duplicate parameter name")
}
}()
const invalidContentType = "application/openmetrics-text; charset=UTF-8; charset=utf-8"
fuzzParseMetricWithContentType([]byte{}, invalidContentType)
}